Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D92033 second address: D9204D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEAA376h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D9204D second address: D92086 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA0FE8h 0x00000007 jmp 00007FF9ACEA0FE9h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D92086 second address: D9208C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D9208C second address: D92090 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D92090 second address: D9209B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D9209B second address: D920B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FF9ACEA0FD6h 0x0000000a pop ecx 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 jne 00007FF9ACEA0FD6h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D920B1 second address: D920C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF9ACEAA371h 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D7CEF2 second address: D7CF17 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF9ACEA0FD6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF9ACEA0FE7h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D7CF17 second address: D7CF1B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D911E1 second address: D911E6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D911E6 second address: D911EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D911EC second address: D911FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FF9ACEA0FD6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D91648 second address: D91650 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D91650 second address: D91654 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94DC8 second address: D94DCC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94DCC second address: D94DF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a mov dword ptr [ebp+122D1B9Fh], eax 0x00000010 push 00000000h 0x00000012 mov ecx, dword ptr [ebp+122D36A3h] 0x00000018 push ECC83BB5h 0x0000001d pushad 0x0000001e jng 00007FF9ACEA0FDCh 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94DF2 second address: D94EB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FF9ACEAA368h 0x0000000a popad 0x0000000b add dword ptr [esp], 1337C4CBh 0x00000012 mov esi, dword ptr [ebp+122D36A7h] 0x00000018 push 00000003h 0x0000001a push 00000000h 0x0000001c push esi 0x0000001d call 00007FF9ACEAA368h 0x00000022 pop esi 0x00000023 mov dword ptr [esp+04h], esi 0x00000027 add dword ptr [esp+04h], 0000001Ch 0x0000002f inc esi 0x00000030 push esi 0x00000031 ret 0x00000032 pop esi 0x00000033 ret 0x00000034 mov esi, dword ptr [ebp+122D2711h] 0x0000003a push 00000000h 0x0000003c push 00000000h 0x0000003e push esi 0x0000003f call 00007FF9ACEAA368h 0x00000044 pop esi 0x00000045 mov dword ptr [esp+04h], esi 0x00000049 add dword ptr [esp+04h], 00000014h 0x00000051 inc esi 0x00000052 push esi 0x00000053 ret 0x00000054 pop esi 0x00000055 ret 0x00000056 movsx edx, bx 0x00000059 push 00000003h 0x0000005b or edi, 630735E2h 0x00000061 call 00007FF9ACEAA369h 0x00000066 jl 00007FF9ACEAA36Eh 0x0000006c jns 00007FF9ACEAA368h 0x00000072 push eax 0x00000073 jne 00007FF9ACEAA36Ah 0x00000079 mov eax, dword ptr [esp+04h] 0x0000007d jmp 00007FF9ACEAA372h 0x00000082 mov eax, dword ptr [eax] 0x00000084 push eax 0x00000085 push edx 0x00000086 jbe 00007FF9ACEAA37Ah 0x0000008c jmp 00007FF9ACEAA374h 0x00000091 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94EB7 second address: D94EBD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94EBD second address: D94EC1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94EC1 second address: D94F16 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp+04h], eax 0x0000000c jmp 00007FF9ACEA0FDEh 0x00000011 pop eax 0x00000012 mov edi, 0337737Ah 0x00000017 mov dword ptr [ebp+122D1809h], eax 0x0000001d lea ebx, dword ptr [ebp+1245BAC8h] 0x00000023 push 00000000h 0x00000025 push ebp 0x00000026 call 00007FF9ACEA0FD8h 0x0000002b pop ebp 0x0000002c mov dword ptr [esp+04h], ebp 0x00000030 add dword ptr [esp+04h], 0000001Ah 0x00000038 inc ebp 0x00000039 push ebp 0x0000003a ret 0x0000003b pop ebp 0x0000003c ret 0x0000003d clc 0x0000003e push eax 0x0000003f push edi 0x00000040 push eax 0x00000041 push edx 0x00000042 push eax 0x00000043 push edx 0x00000044 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94F16 second address: D94F1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D94F6D second address: D95002 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEA0FDCh 0x00000009 popad 0x0000000a mov dword ptr [esp], eax 0x0000000d mov ecx, 528CBAD0h 0x00000012 push edx 0x00000013 pop esi 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push edi 0x00000019 call 00007FF9ACEA0FD8h 0x0000001e pop edi 0x0000001f mov dword ptr [esp+04h], edi 0x00000023 add dword ptr [esp+04h], 0000001Dh 0x0000002b inc edi 0x0000002c push edi 0x0000002d ret 0x0000002e pop edi 0x0000002f ret 0x00000030 adc si, F791h 0x00000035 call 00007FF9ACEA0FD9h 0x0000003a jbe 00007FF9ACEA0FDEh 0x00000040 push eax 0x00000041 pushad 0x00000042 jmp 00007FF9ACEA0FE1h 0x00000047 jg 00007FF9ACEA0FD8h 0x0000004d popad 0x0000004e mov eax, dword ptr [esp+04h] 0x00000052 pushad 0x00000053 pushad 0x00000054 js 00007FF9ACEA0FD6h 0x0000005a je 00007FF9ACEA0FD6h 0x00000060 popad 0x00000061 push eax 0x00000062 push edx 0x00000063 jg 00007FF9ACEA0FD6h 0x00000069 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D95002 second address: D9504C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEAA374h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov eax, dword ptr [eax] 0x0000000c pushad 0x0000000d jmp 00007FF9ACEAA36Fh 0x00000012 pushad 0x00000013 jmp 00007FF9ACEAA370h 0x00000018 pushad 0x00000019 popad 0x0000001a popad 0x0000001b popad 0x0000001c mov dword ptr [esp+04h], eax 0x00000020 push eax 0x00000021 push edx 0x00000022 push eax 0x00000023 push edx 0x00000024 push esi 0x00000025 pop esi 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D9504C second address: D95069 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA0FE9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D95069 second address: D950A2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jg 00007FF9ACEAA366h 0x00000009 jns 00007FF9ACEAA366h 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pop eax 0x00000013 mov edx, dword ptr [ebp+122D389Fh] 0x00000019 push 00000003h 0x0000001b push 00000000h 0x0000001d and esi, dword ptr [ebp+122D2F3Ah] 0x00000023 push 00000003h 0x00000025 mov dword ptr [ebp+122D17F5h], edx 0x0000002b call 00007FF9ACEAA369h 0x00000030 pushad 0x00000031 push eax 0x00000032 push edx 0x00000033 push ecx 0x00000034 pop ecx 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D950A2 second address: D950B2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 popad 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push ebx 0x0000000d push edi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D950B2 second address: D950C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop ebx 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push esi 0x0000000e pop esi 0x0000000f push ebx 0x00000010 pop ebx 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D950C4 second address: D950CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D950CA second address: D950E8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEAA371h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [eax] 0x0000000d push ecx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D950E8 second address: D950EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D950EC second address: D9514B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b jmp 00007FF9ACEAA375h 0x00000010 pop eax 0x00000011 push 00000000h 0x00000013 push edi 0x00000014 call 00007FF9ACEAA368h 0x00000019 pop edi 0x0000001a mov dword ptr [esp+04h], edi 0x0000001e add dword ptr [esp+04h], 0000001Ah 0x00000026 inc edi 0x00000027 push edi 0x00000028 ret 0x00000029 pop edi 0x0000002a ret 0x0000002b lea ebx, dword ptr [ebp+1245BAD3h] 0x00000031 mov edi, dword ptr [ebp+122D36B3h] 0x00000037 push eax 0x00000038 pushad 0x00000039 jmp 00007FF9ACEAA36Bh 0x0000003e pushad 0x0000003f push eax 0x00000040 push edx 0x00000041 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB4FFF second address: DB5023 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF9ACEA0FD6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007FF9ACEA0FE5h 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB3003 second address: DB3031 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FF9ACEAA366h 0x0000000a pop ebx 0x0000000b jmp 00007FF9ACEAA370h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 jne 00007FF9ACEAA366h 0x0000001a push eax 0x0000001b pop eax 0x0000001c jbe 00007FF9ACEAA366h 0x00000022 popad 0x00000023 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB3031 second address: DB3045 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF9ACEA0FD8h 0x00000008 push eax 0x00000009 push edx 0x0000000a ja 00007FF9ACEA0FD6h 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB3D09 second address: DB3D0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB3D0F second address: DB3D5D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FF9ACEA0FE1h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jg 00007FF9ACEA0FDCh 0x00000011 js 00007FF9ACEA0FD6h 0x00000017 pop edx 0x00000018 pop eax 0x00000019 pushad 0x0000001a pushad 0x0000001b jno 00007FF9ACEA0FD6h 0x00000021 jnc 00007FF9ACEA0FD6h 0x00000027 jmp 00007FF9ACEA0FE9h 0x0000002c push eax 0x0000002d push edx 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D83AFD second address: D83B01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D83B01 second address: D83B0D instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF9ACEA0FD6h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB48C0 second address: DB48C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB48C5 second address: DB48CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DB48CB second address: DB48CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D889A6 second address: D889AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBBF07 second address: DBBF0B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBF0FF second address: DBF109 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF9ACEA2286h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBF109 second address: DBF121 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a jmp 00007FF9ACE9409Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBF121 second address: DBF127 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBF127 second address: DBF149 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A6h 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b jg 00007FF9ACE94096h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBF149 second address: DBF14F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBE8E5 second address: DBE8E9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBE8E9 second address: DBE8EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBED08 second address: DBED0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DBED0C second address: DBED10 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC0B80 second address: DC0C38 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF9ACE94096h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jmp 00007FF9ACE940A1h 0x00000010 mov eax, dword ptr [esp+04h] 0x00000014 jmp 00007FF9ACE940A9h 0x00000019 mov eax, dword ptr [eax] 0x0000001b pushad 0x0000001c js 00007FF9ACE94098h 0x00000022 pushad 0x00000023 js 00007FF9ACE94096h 0x00000029 push edx 0x0000002a pop edx 0x0000002b popad 0x0000002c popad 0x0000002d mov dword ptr [esp+04h], eax 0x00000031 jmp 00007FF9ACE940A3h 0x00000036 pop eax 0x00000037 call 00007FF9ACE94099h 0x0000003c jmp 00007FF9ACE940A0h 0x00000041 push eax 0x00000042 jmp 00007FF9ACE940A1h 0x00000047 mov eax, dword ptr [esp+04h] 0x0000004b jmp 00007FF9ACE9409Dh 0x00000050 mov eax, dword ptr [eax] 0x00000052 pushad 0x00000053 pushad 0x00000054 pushad 0x00000055 popad 0x00000056 jne 00007FF9ACE94096h 0x0000005c popad 0x0000005d push eax 0x0000005e push edx 0x0000005f jbe 00007FF9ACE94096h 0x00000065 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC0C38 second address: DC0C4C instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF9ACEA2286h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov dword ptr [esp+04h], eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC0D81 second address: DC0D98 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jnp 00007FF9ACE94096h 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 ja 00007FF9ACE94096h 0x00000016 pop eax 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC1348 second address: DC134D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC134D second address: DC1353 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC1353 second address: DC1357 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC1828 second address: DC182C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC182C second address: DC183E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnl 00007FF9ACEA2288h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC1968 second address: DC196F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC196F second address: DC1975 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC1975 second address: DC1979 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC23B6 second address: DC23BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC23BA second address: DC23BE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC2CB2 second address: DC2CB8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC2CB8 second address: DC2CBC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC2CBC second address: DC2D09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b movzx edi, si 0x0000000e push 00000000h 0x00000010 jmp 00007FF9ACEA228Ah 0x00000015 push 00000000h 0x00000017 push 00000000h 0x00000019 push ecx 0x0000001a call 00007FF9ACEA2288h 0x0000001f pop ecx 0x00000020 mov dword ptr [esp+04h], ecx 0x00000024 add dword ptr [esp+04h], 00000018h 0x0000002c inc ecx 0x0000002d push ecx 0x0000002e ret 0x0000002f pop ecx 0x00000030 ret 0x00000031 mov esi, dword ptr [ebp+122D231Eh] 0x00000037 push eax 0x00000038 push eax 0x00000039 push edx 0x0000003a push eax 0x0000003b ja 00007FF9ACEA2286h 0x00000041 pop eax 0x00000042 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC5201 second address: DC5207 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC7675 second address: DC770F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FF9ACEA2293h 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b nop 0x0000000c mov dword ptr [ebp+1245CDF0h], ebx 0x00000012 mov dword ptr [ebp+12466B76h], eax 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push eax 0x0000001d call 00007FF9ACEA2288h 0x00000022 pop eax 0x00000023 mov dword ptr [esp+04h], eax 0x00000027 add dword ptr [esp+04h], 0000001Dh 0x0000002f inc eax 0x00000030 push eax 0x00000031 ret 0x00000032 pop eax 0x00000033 ret 0x00000034 push eax 0x00000035 xor edi, 1C614189h 0x0000003b pop edi 0x0000003c jmp 00007FF9ACEA2297h 0x00000041 push 00000000h 0x00000043 push 00000000h 0x00000045 push edi 0x00000046 call 00007FF9ACEA2288h 0x0000004b pop edi 0x0000004c mov dword ptr [esp+04h], edi 0x00000050 add dword ptr [esp+04h], 0000001Ah 0x00000058 inc edi 0x00000059 push edi 0x0000005a ret 0x0000005b pop edi 0x0000005c ret 0x0000005d xchg eax, ebx 0x0000005e push esi 0x0000005f push eax 0x00000060 push edx 0x00000061 js 00007FF9ACEA2286h 0x00000067 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC964D second address: DC9690 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push esi 0x0000000b jmp 00007FF9ACE9409Eh 0x00000010 jmp 00007FF9ACE9409Ah 0x00000015 pop esi 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007FF9ACE9409Eh 0x0000001d jmp 00007FF9ACE9409Fh 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC9690 second address: DC96BF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2295h 0x00000007 jmp 00007FF9ACEA2296h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCDE58 second address: DCDED3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c movsx ebx, cx 0x0000000f push 00000000h 0x00000011 pushad 0x00000012 jmp 00007FF9ACE940A8h 0x00000017 mov ebx, dword ptr [ebp+122D36D3h] 0x0000001d popad 0x0000001e push 00000000h 0x00000020 push 00000000h 0x00000022 push eax 0x00000023 call 00007FF9ACE94098h 0x00000028 pop eax 0x00000029 mov dword ptr [esp+04h], eax 0x0000002d add dword ptr [esp+04h], 0000001Dh 0x00000035 inc eax 0x00000036 push eax 0x00000037 ret 0x00000038 pop eax 0x00000039 ret 0x0000003a push ebx 0x0000003b mov bx, A6FDh 0x0000003f pop ebx 0x00000040 sub dword ptr [ebp+122D26CFh], eax 0x00000046 xchg eax, esi 0x00000047 push eax 0x00000048 push edx 0x00000049 pushad 0x0000004a push eax 0x0000004b push edx 0x0000004c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCDED3 second address: DCDEEA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEA2292h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCEE3A second address: DCEE52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE940A3h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCEFEE second address: DCF003 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF9ACEA2288h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push eax 0x0000000f pop eax 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0E23 second address: DD0E2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0075 second address: DD007A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0E2C second address: DD0E30 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD007A second address: DD0080 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0E30 second address: DD0EC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jmp 00007FF9ACE940A3h 0x0000000d nop 0x0000000e push 00000000h 0x00000010 push eax 0x00000011 call 00007FF9ACE94098h 0x00000016 pop eax 0x00000017 mov dword ptr [esp+04h], eax 0x0000001b add dword ptr [esp+04h], 0000001Bh 0x00000023 inc eax 0x00000024 push eax 0x00000025 ret 0x00000026 pop eax 0x00000027 ret 0x00000028 mov bh, 8Eh 0x0000002a push 00000000h 0x0000002c sbb bx, 11ACh 0x00000031 push 00000000h 0x00000033 push 00000000h 0x00000035 push ecx 0x00000036 call 00007FF9ACE94098h 0x0000003b pop ecx 0x0000003c mov dword ptr [esp+04h], ecx 0x00000040 add dword ptr [esp+04h], 0000001Dh 0x00000048 inc ecx 0x00000049 push ecx 0x0000004a ret 0x0000004b pop ecx 0x0000004c ret 0x0000004d xchg eax, esi 0x0000004e pushad 0x0000004f pushad 0x00000050 pushad 0x00000051 popad 0x00000052 jmp 00007FF9ACE9409Bh 0x00000057 popad 0x00000058 push eax 0x00000059 push edx 0x0000005a jmp 00007FF9ACE940A6h 0x0000005f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0080 second address: DD0084 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0EC8 second address: DD0EE8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 popad 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0EE8 second address: DD0EF3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jno 00007FF9ACEA2286h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8BF31 second address: D8BF39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8BF39 second address: D8BF3F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8BF3F second address: D8BF61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FF9ACE940A2h 0x0000000a pushad 0x0000000b push ecx 0x0000000c pushad 0x0000000d popad 0x0000000e pop ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 push esi 0x00000014 pop esi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD0FF4 second address: DD1010 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEA2297h 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8BF61 second address: D8BF82 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jc 00007FF9ACE94096h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8BF82 second address: D8BF86 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD1010 second address: DD1016 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD1016 second address: DD101A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD35CA second address: DD35E6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jne 00007FF9ACE94098h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD54B5 second address: DD5557 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2293h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c adc bx, 6756h 0x00000011 and edi, 0228A1EBh 0x00000017 push 00000000h 0x00000019 push 00000000h 0x0000001b push ebx 0x0000001c call 00007FF9ACEA2288h 0x00000021 pop ebx 0x00000022 mov dword ptr [esp+04h], ebx 0x00000026 add dword ptr [esp+04h], 00000019h 0x0000002e inc ebx 0x0000002f push ebx 0x00000030 ret 0x00000031 pop ebx 0x00000032 ret 0x00000033 movzx edi, cx 0x00000036 push 00000000h 0x00000038 push 00000000h 0x0000003a push eax 0x0000003b call 00007FF9ACEA2288h 0x00000040 pop eax 0x00000041 mov dword ptr [esp+04h], eax 0x00000045 add dword ptr [esp+04h], 0000001Ch 0x0000004d inc eax 0x0000004e push eax 0x0000004f ret 0x00000050 pop eax 0x00000051 ret 0x00000052 adc bx, 2EA6h 0x00000057 mov bl, 9Ah 0x00000059 xchg eax, esi 0x0000005a jmp 00007FF9ACEA2295h 0x0000005f push eax 0x00000060 push eax 0x00000061 push edx 0x00000062 jmp 00007FF9ACEA2291h 0x00000067 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD46F1 second address: DD46F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD64D0 second address: DD64EB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2297h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD568D second address: DD5692 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD5692 second address: DD5698 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD5698 second address: DD569C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD84BE second address: DD84C2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD84C2 second address: DD84D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007FF9ACE9409Ch 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD84D4 second address: DD84EF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007FF9ACEA2286h 0x00000009 jno 00007FF9ACEA2286h 0x0000000f push ebx 0x00000010 pop ebx 0x00000011 jnc 00007FF9ACEA2286h 0x00000017 popad 0x00000018 push ebx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8A3D9 second address: D8A3E7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 jnp 00007FF9ACE94096h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8A3E7 second address: D8A404 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FF9ACEA2295h 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD8A8B second address: DD8A9E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF9ACE9409Fh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD8A9E second address: DD8B28 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF9ACEA2286h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007FF9ACEA2296h 0x00000012 nop 0x00000013 push 00000000h 0x00000015 push edi 0x00000016 call 00007FF9ACEA2288h 0x0000001b pop edi 0x0000001c mov dword ptr [esp+04h], edi 0x00000020 add dword ptr [esp+04h], 00000018h 0x00000028 inc edi 0x00000029 push edi 0x0000002a ret 0x0000002b pop edi 0x0000002c ret 0x0000002d push edx 0x0000002e or dword ptr [ebp+122D1840h], edi 0x00000034 pop edi 0x00000035 push 00000000h 0x00000037 or dword ptr [ebp+122D292Dh], esi 0x0000003d push 00000000h 0x0000003f push 00000000h 0x00000041 push edi 0x00000042 call 00007FF9ACEA2288h 0x00000047 pop edi 0x00000048 mov dword ptr [esp+04h], edi 0x0000004c add dword ptr [esp+04h], 0000001Ah 0x00000054 inc edi 0x00000055 push edi 0x00000056 ret 0x00000057 pop edi 0x00000058 ret 0x00000059 mov edi, dword ptr [ebp+122D368Fh] 0x0000005f mov dword ptr [ebp+1249084Ch], eax 0x00000065 xchg eax, esi 0x00000066 pushad 0x00000067 push eax 0x00000068 push edx 0x00000069 push eax 0x0000006a pop eax 0x0000006b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD8B28 second address: DD8B40 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD8B40 second address: DD8B57 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF9ACEA2286h 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d je 00007FF9ACEA2294h 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD8B57 second address: DD8B5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD6673 second address: DD6677 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD6677 second address: DD6680 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD6680 second address: DD66A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b push eax 0x0000000c pop eax 0x0000000d jg 00007FF9ACEA2286h 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FF9ACEA228Eh 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD66A4 second address: DD66A8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD66A8 second address: DD6719 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 push esi 0x00000009 jmp 00007FF9ACEA228Bh 0x0000000e pop ebx 0x0000000f push dword ptr fs:[00000000h] 0x00000016 mov ebx, dword ptr [ebp+122D1813h] 0x0000001c mov dword ptr fs:[00000000h], esp 0x00000023 adc ebx, 4A4D5C27h 0x00000029 mov eax, dword ptr [ebp+122D0719h] 0x0000002f mov ebx, dword ptr [ebp+122D2724h] 0x00000035 push FFFFFFFFh 0x00000037 push 00000000h 0x00000039 push esi 0x0000003a call 00007FF9ACEA2288h 0x0000003f pop esi 0x00000040 mov dword ptr [esp+04h], esi 0x00000044 add dword ptr [esp+04h], 00000019h 0x0000004c inc esi 0x0000004d push esi 0x0000004e ret 0x0000004f pop esi 0x00000050 ret 0x00000051 adc edi, 73125B47h 0x00000057 push eax 0x00000058 push eax 0x00000059 push edx 0x0000005a pushad 0x0000005b ja 00007FF9ACEA2286h 0x00000061 push edi 0x00000062 pop edi 0x00000063 popad 0x00000064 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD99CF second address: DD99D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD8DBE second address: DD8DC4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD9B7D second address: DD9BAA instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF9ACE9409Ch 0x00000008 jnp 00007FF9ACE94096h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FF9ACE940A9h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDB9C8 second address: DDB9CD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD9BAA second address: DD9C68 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FF9ACE9409Ah 0x0000000f pop eax 0x00000010 popad 0x00000011 nop 0x00000012 mov ebx, dword ptr [ebp+122D37C3h] 0x00000018 push dword ptr fs:[00000000h] 0x0000001f mov dword ptr [ebp+1246513Bh], eax 0x00000025 mov dword ptr fs:[00000000h], esp 0x0000002c or edi, dword ptr [ebp+122D28E7h] 0x00000032 mov eax, dword ptr [ebp+122D099Dh] 0x00000038 push 00000000h 0x0000003a push ebp 0x0000003b call 00007FF9ACE94098h 0x00000040 pop ebp 0x00000041 mov dword ptr [esp+04h], ebp 0x00000045 add dword ptr [esp+04h], 00000014h 0x0000004d inc ebp 0x0000004e push ebp 0x0000004f ret 0x00000050 pop ebp 0x00000051 ret 0x00000052 add bx, E2D0h 0x00000057 push FFFFFFFFh 0x00000059 push 00000000h 0x0000005b push ebx 0x0000005c call 00007FF9ACE94098h 0x00000061 pop ebx 0x00000062 mov dword ptr [esp+04h], ebx 0x00000066 add dword ptr [esp+04h], 00000018h 0x0000006e inc ebx 0x0000006f push ebx 0x00000070 ret 0x00000071 pop ebx 0x00000072 ret 0x00000073 jmp 00007FF9ACE940A6h 0x00000078 nop 0x00000079 jmp 00007FF9ACE9409Ah 0x0000007e push eax 0x0000007f push eax 0x00000080 push edx 0x00000081 jmp 00007FF9ACE940A4h 0x00000086 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DD9C68 second address: DD9C85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF9ACEA2299h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDD9E2 second address: DDDA2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push esi 0x00000006 pushad 0x00000007 popad 0x00000008 pop esi 0x00000009 popad 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push 00000000h 0x0000000f push ecx 0x00000010 call 00007FF9ACE94098h 0x00000015 pop ecx 0x00000016 mov dword ptr [esp+04h], ecx 0x0000001a add dword ptr [esp+04h], 0000001Ah 0x00000022 inc ecx 0x00000023 push ecx 0x00000024 ret 0x00000025 pop ecx 0x00000026 ret 0x00000027 mov di, E086h 0x0000002b push 00000000h 0x0000002d movsx ebx, cx 0x00000030 xchg eax, esi 0x00000031 push eax 0x00000032 push edx 0x00000033 push eax 0x00000034 push edx 0x00000035 jmp 00007FF9ACE9409Bh 0x0000003a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDDA2A second address: DDDA30 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDCAE1 second address: DDCAE7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDDA30 second address: DDDA35 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDDA35 second address: DDDA55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 jbe 00007FF9ACE94098h 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 jmp 00007FF9ACE9409Ch 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDEA42 second address: DDEA6C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEA228Ah 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF9ACEA2299h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDEA6C second address: DDEB2E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push ebp 0x0000000e call 00007FF9ACE94098h 0x00000013 pop ebp 0x00000014 mov dword ptr [esp+04h], ebp 0x00000018 add dword ptr [esp+04h], 00000018h 0x00000020 inc ebp 0x00000021 push ebp 0x00000022 ret 0x00000023 pop ebp 0x00000024 ret 0x00000025 push 00000000h 0x00000027 push 00000000h 0x00000029 push eax 0x0000002a call 00007FF9ACE94098h 0x0000002f pop eax 0x00000030 mov dword ptr [esp+04h], eax 0x00000034 add dword ptr [esp+04h], 00000015h 0x0000003c inc eax 0x0000003d push eax 0x0000003e ret 0x0000003f pop eax 0x00000040 ret 0x00000041 mov edi, dword ptr [ebp+122D385Bh] 0x00000047 call 00007FF9ACE9409Ch 0x0000004c pop ebx 0x0000004d mov ebx, 1F679C15h 0x00000052 push 00000000h 0x00000054 pushad 0x00000055 mov bx, di 0x00000058 call 00007FF9ACE940A4h 0x0000005d and edx, 3C255B81h 0x00000063 pop esi 0x00000064 popad 0x00000065 push eax 0x00000066 pushad 0x00000067 jmp 00007FF9ACE940A9h 0x0000006c push eax 0x0000006d push edx 0x0000006e jmp 00007FF9ACE940A7h 0x00000073 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D8055E second address: D80577 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jmp 00007FF9ACEA2291h 0x00000008 pop esi 0x00000009 push eax 0x0000000a push edx 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDED70 second address: DDED76 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DDED76 second address: DDED7A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DE3240 second address: DE3244 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DE7B50 second address: DE7B55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DE71D8 second address: DE71ED instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF9ACE94096h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d push edx 0x0000000e push eax 0x0000000f pushad 0x00000010 popad 0x00000011 pop eax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DE71ED second address: DE71F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DEBBBC second address: DEBBC6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DEBBC6 second address: DEBBFB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jmp 00007FF9ACEA228Dh 0x00000010 mov eax, dword ptr [eax] 0x00000012 push eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FF9ACEA2298h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DEBBFB second address: DEBC18 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF9ACE94096h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b mov dword ptr [esp+04h], eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jns 00007FF9ACE9409Ch 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DEBC18 second address: DEBC1D instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DED196 second address: DED1B3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnl 00007FF9ACE94096h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnc 00007FF9ACE940A1h 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DED1B3 second address: DED1BD instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF9ACEA228Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DED1BD second address: DED1EE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE940A7h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF9ACE9409Bh 0x00000013 jne 00007FF9ACE94096h 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF47B8 second address: DF47BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF47BE second address: DF47D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 push ebx 0x00000007 jng 00007FF9ACE9409Ch 0x0000000d push eax 0x0000000e push edx 0x0000000f jg 00007FF9ACE94096h 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF47D9 second address: DF47DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D7EA1C second address: D7EA26 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF9ACE9409Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF34EC second address: DF34F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF3A4D second address: DF3A53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF3A53 second address: DF3A5E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FF9ACEA2286h 0x0000000a popad 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF3A5E second address: DF3A75 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A0h 0x00000007 push ebx 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF3F11 second address: DF3F54 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF9ACEA2292h 0x00000008 jmp 00007FF9ACEA2294h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FF9ACEA2297h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF430D second address: DF4313 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF4313 second address: DF4324 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jnc 00007FF9ACEA2286h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF4324 second address: DF433E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jl 00007FF9ACE94096h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jno 00007FF9ACE94096h 0x00000014 jp 00007FF9ACE94096h 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF433E second address: DF4342 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF4342 second address: DF4348 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF9C85 second address: DF9C8D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D7B3B4 second address: D7B3D6 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF9ACE94096h 0x00000008 js 00007FF9ACE94096h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pop ecx 0x00000011 js 00007FF9ACE940B4h 0x00000017 pushad 0x00000018 push eax 0x00000019 pop eax 0x0000001a jo 00007FF9ACE94096h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D7B3D6 second address: D7B3DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D7B3DC second address: D7B3E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF8B04 second address: DF8B08 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF8B08 second address: DF8B13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF90A2 second address: DF90A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF90A6 second address: DF90AC instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF8803 second address: DF8808 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF95CA second address: DF95D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DF9704 second address: DF970A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E03E38 second address: E03E3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E02A83 second address: E02A89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E02A89 second address: E02A93 instructions: 0x00000000 rdtsc 0x00000002 je 00007FF9ACE94096h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E02BF9 second address: E02BFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E02BFF second address: E02C05 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E02D61 second address: E02D6C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E02D6C second address: E02D70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E032DA second address: E032DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E032DE second address: E032E2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E036C5 second address: E036C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E03831 second address: E03835 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E03835 second address: E0383B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0383B second address: E03841 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E03841 second address: E03847 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E03847 second address: E03858 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE9409Dh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E03CC8 second address: E03CD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jnp 00007FF9ACEA2286h 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E03CD7 second address: E03CDD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E08756 second address: E0875A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0875A second address: E08760 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E075F7 second address: E07600 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC9E11 second address: DC9E85 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 jmp 00007FF9ACE940A3h 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push edi 0x00000010 call 00007FF9ACE94098h 0x00000015 pop edi 0x00000016 mov dword ptr [esp+04h], edi 0x0000001a add dword ptr [esp+04h], 0000001Dh 0x00000022 inc edi 0x00000023 push edi 0x00000024 ret 0x00000025 pop edi 0x00000026 ret 0x00000027 mov edi, dword ptr [ebp+122D36BFh] 0x0000002d lea eax, dword ptr [ebp+12490BA8h] 0x00000033 push 00000000h 0x00000035 push ebp 0x00000036 call 00007FF9ACE94098h 0x0000003b pop ebp 0x0000003c mov dword ptr [esp+04h], ebp 0x00000040 add dword ptr [esp+04h], 00000014h 0x00000048 inc ebp 0x00000049 push ebp 0x0000004a ret 0x0000004b pop ebp 0x0000004c ret 0x0000004d add edx, dword ptr [ebp+122D38B3h] 0x00000053 nop 0x00000054 push ecx 0x00000055 push eax 0x00000056 push edx 0x00000057 pushad 0x00000058 popad 0x00000059 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC9E85 second address: DA9A64 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push ecx 0x00000009 pushad 0x0000000a js 00007FF9ACEA2286h 0x00000010 je 00007FF9ACEA2286h 0x00000016 popad 0x00000017 pop ecx 0x00000018 nop 0x00000019 push 00000000h 0x0000001b push edi 0x0000001c call 00007FF9ACEA2288h 0x00000021 pop edi 0x00000022 mov dword ptr [esp+04h], edi 0x00000026 add dword ptr [esp+04h], 0000001Bh 0x0000002e inc edi 0x0000002f push edi 0x00000030 ret 0x00000031 pop edi 0x00000032 ret 0x00000033 mov dh, F5h 0x00000035 call dword ptr [ebp+122D26FAh] 0x0000003b pushad 0x0000003c jp 00007FF9ACEA2288h 0x00000042 pushad 0x00000043 popad 0x00000044 jl 00007FF9ACEA2288h 0x0000004a push eax 0x0000004b pop eax 0x0000004c popad 0x0000004d jc 00007FF9ACEA22B0h 0x00000053 pushad 0x00000054 jns 00007FF9ACEA2286h 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCA431 second address: DCA446 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e jnl 00007FF9ACE94096h 0x00000014 pop esi 0x00000015 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCA446 second address: DCA46C instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF9ACEA228Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [eax] 0x0000000c jmp 00007FF9ACEA228Ah 0x00000011 mov dword ptr [esp+04h], eax 0x00000015 push eax 0x00000016 push edx 0x00000017 push edi 0x00000018 pushad 0x00000019 popad 0x0000001a pop edi 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCA6F9 second address: DCA6FE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCABC0 second address: DCABFF instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 mov dword ptr [esp], eax 0x0000000a cld 0x0000000b push 0000001Eh 0x0000000d push 00000000h 0x0000000f push eax 0x00000010 call 00007FF9ACEA2288h 0x00000015 pop eax 0x00000016 mov dword ptr [esp+04h], eax 0x0000001a add dword ptr [esp+04h], 00000019h 0x00000022 inc eax 0x00000023 push eax 0x00000024 ret 0x00000025 pop eax 0x00000026 ret 0x00000027 xor dword ptr [ebp+122D21C5h], edx 0x0000002d push eax 0x0000002e push eax 0x0000002f push edx 0x00000030 jbe 00007FF9ACEA228Ch 0x00000036 push eax 0x00000037 push edx 0x00000038 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCABFF second address: DCAC03 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCAD52 second address: DCAD5C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007FF9ACEA2286h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCAD5C second address: DCAD60 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCAFA1 second address: DCAFAB instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF9ACEA2286h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCAFAB second address: DCB045 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a push 00000000h 0x0000000c push ebx 0x0000000d call 00007FF9ACE94098h 0x00000012 pop ebx 0x00000013 mov dword ptr [esp+04h], ebx 0x00000017 add dword ptr [esp+04h], 0000001Dh 0x0000001f inc ebx 0x00000020 push ebx 0x00000021 ret 0x00000022 pop ebx 0x00000023 ret 0x00000024 mov dword ptr [ebp+122D18D2h], esi 0x0000002a lea eax, dword ptr [ebp+12490BECh] 0x00000030 mov dword ptr [ebp+122D2600h], ecx 0x00000036 push eax 0x00000037 jmp 00007FF9ACE940A0h 0x0000003c mov dword ptr [esp], eax 0x0000003f jg 00007FF9ACE94096h 0x00000045 lea eax, dword ptr [ebp+12490BA8h] 0x0000004b push 00000000h 0x0000004d push ecx 0x0000004e call 00007FF9ACE94098h 0x00000053 pop ecx 0x00000054 mov dword ptr [esp+04h], ecx 0x00000058 add dword ptr [esp+04h], 00000016h 0x00000060 inc ecx 0x00000061 push ecx 0x00000062 ret 0x00000063 pop ecx 0x00000064 ret 0x00000065 nop 0x00000066 push eax 0x00000067 push edx 0x00000068 jc 00007FF9ACE94098h 0x0000006e pushad 0x0000006f popad 0x00000070 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCB045 second address: DCB04A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCB04A second address: DAA5CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push ecx 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d pop eax 0x0000000e popad 0x0000000f pop ecx 0x00000010 nop 0x00000011 push 00000000h 0x00000013 push esi 0x00000014 call 00007FF9ACE94098h 0x00000019 pop esi 0x0000001a mov dword ptr [esp+04h], esi 0x0000001e add dword ptr [esp+04h], 00000015h 0x00000026 inc esi 0x00000027 push esi 0x00000028 ret 0x00000029 pop esi 0x0000002a ret 0x0000002b xor dword ptr [ebp+12474D84h], edx 0x00000031 call dword ptr [ebp+122D35F4h] 0x00000037 pushad 0x00000038 jmp 00007FF9ACE940A6h 0x0000003d ja 00007FF9ACE94098h 0x00000043 pushad 0x00000044 jmp 00007FF9ACE940A7h 0x00000049 pushad 0x0000004a popad 0x0000004b push edx 0x0000004c pop edx 0x0000004d push eax 0x0000004e push edx 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E07922 second address: E07926 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E07926 second address: E07935 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF9ACE94096h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E07935 second address: E0793F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FF9ACEA2286h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0803B second address: E08040 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E082BE second address: E082C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E082C2 second address: E082DD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FF9ACE940A2h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0B519 second address: E0B531 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEA2293h 0x00000009 pop esi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0B531 second address: E0B53E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0B53E second address: E0B543 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E50D second address: E0E511 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E511 second address: E0E517 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0DD46 second address: E0DD5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE9409Bh 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0DD5C second address: E0DD60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0DD60 second address: E0DD6A instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF9ACE94096h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0DD6A second address: E0DD70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0DD70 second address: E0DD7D instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FF9ACE94098h 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0DD7D second address: E0DD85 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0DEC0 second address: E0DEC6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E071 second address: E0E077 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E1B2 second address: E0E1D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FF9ACE94096h 0x0000000a jmp 00007FF9ACE940A2h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E1D3 second address: E0E1D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E1D9 second address: E0E1DF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E1DF second address: E0E1E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E1E5 second address: E0E203 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF9ACE940A9h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E203 second address: E0E216 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FF9ACEA2286h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E0E216 second address: E0E21A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1073C second address: E10751 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 jmp 00007FF9ACEA228Bh 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E10751 second address: E10764 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 jbe 00007FF9ACE94096h 0x0000000f pop ecx 0x00000010 push esi 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E10764 second address: E10777 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEA228Eh 0x00000009 pop esi 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E13C32 second address: E13C36 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E13D7F second address: E13D83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E13D83 second address: E13DA5 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF9ACE94096h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jnl 00007FF9ACE9409Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 push edi 0x00000013 jp 00007FF9ACE94096h 0x00000019 pushad 0x0000001a popad 0x0000001b pop edi 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E13DA5 second address: E13DC5 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007FF9ACEA2296h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E13DC5 second address: E13DC9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E14030 second address: E1403A instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF9ACEA2286h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1403A second address: E14044 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF9ACE9409Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E14044 second address: E1407A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e popad 0x0000000f jnl 00007FF9ACEA22A4h 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1407A second address: E14080 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E14080 second address: E14086 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E14086 second address: E1408C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E18167 second address: E18191 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF9ACEA228Fh 0x0000000b jns 00007FF9ACEA228Ch 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 push ecx 0x00000019 pop ecx 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E18191 second address: E181AF instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jmp 00007FF9ACE940A8h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E181AF second address: E181BB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a push edi 0x0000000b pop edi 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E18610 second address: E1861F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jnp 00007FF9ACE94096h 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E18784 second address: E18788 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E18788 second address: E187D5 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 jmp 00007FF9ACE940A2h 0x0000000e push esi 0x0000000f pop esi 0x00000010 jne 00007FF9ACE94096h 0x00000016 popad 0x00000017 jl 00007FF9ACE9409Eh 0x0000001d pushad 0x0000001e popad 0x0000001f jno 00007FF9ACE94096h 0x00000025 popad 0x00000026 push eax 0x00000027 jmp 00007FF9ACE940A6h 0x0000002c pushad 0x0000002d push eax 0x0000002e push edx 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1CD4F second address: E1CD53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1CD53 second address: E1CD59 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1CD59 second address: E1CD60 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1CD60 second address: E1CD71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 je 00007FF9ACE94096h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push edx 0x00000010 pop edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1CD71 second address: E1CD75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1D042 second address: E1D063 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Eh 0x00000007 jng 00007FF9ACE94096h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ebx 0x00000010 js 00007FF9ACE94096h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCA9A0 second address: DCA9A5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCA9A5 second address: DCAA33 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b jmp 00007FF9ACE940A9h 0x00000010 pop eax 0x00000011 nop 0x00000012 push 00000000h 0x00000014 push ecx 0x00000015 call 00007FF9ACE94098h 0x0000001a pop ecx 0x0000001b mov dword ptr [esp+04h], ecx 0x0000001f add dword ptr [esp+04h], 00000019h 0x00000027 inc ecx 0x00000028 push ecx 0x00000029 ret 0x0000002a pop ecx 0x0000002b ret 0x0000002c jmp 00007FF9ACE940A6h 0x00000031 mov ebx, dword ptr [ebp+12490BE7h] 0x00000037 jmp 00007FF9ACE940A3h 0x0000003c add eax, ebx 0x0000003e jmp 00007FF9ACE9409Ah 0x00000043 nop 0x00000044 push eax 0x00000045 push edx 0x00000046 pushad 0x00000047 jc 00007FF9ACE94096h 0x0000004d push eax 0x0000004e push edx 0x0000004f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCAA33 second address: DCAA38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCAA38 second address: DCAA3E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DCAA3E second address: DCAA42 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E1D6C6 second address: E1D6E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE9409Fh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E273FC second address: E27400 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27400 second address: E27425 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF9ACE94096h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF9ACE940A9h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27708 second address: E2770C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27A00 second address: E27A13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE9409Bh 0x00000009 popad 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27A13 second address: E27A1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FF9ACEA2286h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27A1F second address: E27A43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 jmp 00007FF9ACE940A9h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27A43 second address: E27A50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jo 00007FF9ACEA2286h 0x0000000c popad 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27A50 second address: E27A56 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E27A56 second address: E27A5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E285F6 second address: E28611 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A7h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E28611 second address: E28621 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jne 00007FF9ACEA2286h 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f pop eax 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E28621 second address: E2863D instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007FF9ACE940A7h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E2863D second address: E2867A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jg 00007FF9ACEA2286h 0x00000010 jmp 00007FF9ACEA2293h 0x00000015 push ecx 0x00000016 pop ecx 0x00000017 popad 0x00000018 jmp 00007FF9ACEA2297h 0x0000001d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E28945 second address: E28949 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E28949 second address: E2896C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 pushad 0x00000008 pushad 0x00000009 jmp 00007FF9ACEA2298h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E2896C second address: E28972 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E28972 second address: E2898A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push esi 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 jc 00007FF9ACEA2286h 0x0000000e pop esi 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 push edi 0x00000013 pop edi 0x00000014 pushad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E2C271 second address: E2C29C instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF9ACE94096h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ebx 0x0000000d jns 00007FF9ACE94096h 0x00000013 jmp 00007FF9ACE940A7h 0x00000018 pop ebx 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E2C29C second address: E2C2BF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF9ACEA2299h 0x00000009 ja 00007FF9ACEA2286h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E2C410 second address: E2C414 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E2C414 second address: E2C41A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E2C693 second address: E2C6AC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007FF9ACE9409Ch 0x0000000c pop eax 0x0000000d pop ebx 0x0000000e push edi 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E32B18 second address: E32B29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 jl 00007FF9ACEA228Eh 0x0000000d push esi 0x0000000e pop esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E32B29 second address: E32B32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E32B32 second address: E32B38 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E340CE second address: E340DE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E340DE second address: E340FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Ch 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FF9ACEA228Ch 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E340FA second address: E340FE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3A96A second address: E3A986 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 jmp 00007FF9ACEA2292h 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3A986 second address: E3A98C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3B0AB second address: E3B0BF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2290h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3B0BF second address: E3B0CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jne 00007FF9ACE94096h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3B0CF second address: E3B0D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3B0D3 second address: E3B0EB instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007FF9ACE940A2h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3B7CF second address: E3B808 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF9ACEA2295h 0x0000000b popad 0x0000000c pop ebx 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FF9ACEA2297h 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3B808 second address: E3B819 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push edx 0x0000000a pop edx 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d push eax 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E3B819 second address: E3B82F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jns 00007FF9ACEA2288h 0x0000000b push edi 0x0000000c jne 00007FF9ACEA2286h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E42B34 second address: E42B51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 push edi 0x00000008 jmp 00007FF9ACE940A3h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F992 second address: E4F996 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F996 second address: E4F9A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jg 00007FF9ACE94096h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F3DE second address: E4F3E2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F3E2 second address: E4F3F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jng 00007FF9ACE94096h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F3F1 second address: E4F3F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F3F7 second address: E4F41E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE9409Fh 0x00000009 popad 0x0000000a pushad 0x0000000b jmp 00007FF9ACE9409Eh 0x00000010 pushad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F41E second address: E4F42B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jl 00007FF9ACEA228Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E4F58F second address: E4F594 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E5192C second address: E51947 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FF9ACEA228Fh 0x0000000a popad 0x0000000b push esi 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E514E3 second address: E514E9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E514E9 second address: E51501 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2294h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E51501 second address: E5150F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push edx 0x0000000a push edx 0x0000000b pop edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E5150F second address: E51520 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push ecx 0x00000006 pushad 0x00000007 popad 0x00000008 pop ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b js 00007FF9ACEA2286h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D81FC5 second address: D81FCB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: D81FCB second address: D81FD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jl 00007FF9ACEA2288h 0x0000000b push esi 0x0000000c pop esi 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E600D0 second address: E600D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E600D4 second address: E600D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E600D8 second address: E600EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jg 00007FF9ACE9409Eh 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E5FF43 second address: E5FF48 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E5FF48 second address: E5FF5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE9409Ah 0x00000009 pop edi 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E667F8 second address: E66802 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FF9ACEA2286h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E66802 second address: E66822 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FF9ACE9409Bh 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E66822 second address: E66828 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E66962 second address: E6696E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop ecx 0x00000007 push ebx 0x00000008 push edi 0x00000009 pop edi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E6696E second address: E66976 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E66EFA second address: E66EFF instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E694CE second address: E694D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E694D5 second address: E694DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E694DB second address: E694E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E6D4D3 second address: E6D4DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 pushad 0x00000007 pushad 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E6D62D second address: E6D638 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF9ACEA2286h 0x0000000a pop eax 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E6D638 second address: E6D64F instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FF9ACE940A2h 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E76942 second address: E76948 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E76948 second address: E7694C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E8723D second address: E87247 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FF9ACEA2286h 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E870B5 second address: E870B9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E870B9 second address: E870C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E897F6 second address: E89811 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACE940A7h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E89811 second address: E8981E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push esi 0x00000008 pop esi 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E8981E second address: E89827 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E89827 second address: E8983A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF9ACEA228Fh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E9F8DD second address: E9F8FE instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FF9ACE940A8h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E9F8FE second address: E9F905 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: E9FD06 second address: E9FD0C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: EA1632 second address: EA1638 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: EA1638 second address: EA1652 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d pop edx 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jnl 00007FF9ACE940B3h 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: EA70C7 second address: EA70FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop eax 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b push ebx 0x0000000c call 00007FF9ACEA2288h 0x00000011 pop ebx 0x00000012 mov dword ptr [esp+04h], ebx 0x00000016 add dword ptr [esp+04h], 00000014h 0x0000001e inc ebx 0x0000001f push ebx 0x00000020 ret 0x00000021 pop ebx 0x00000022 ret 0x00000023 push 00000004h 0x00000025 or dword ptr [ebp+122D2D35h], edi 0x0000002b push 7F1E595Eh 0x00000030 push eax 0x00000031 push edx 0x00000032 push eax 0x00000033 push edx 0x00000034 pushad 0x00000035 popad 0x00000036 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: EA70FF second address: EA7105 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: EA7105 second address: EA710A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: DC37ED second address: DC37F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53403E9 second address: 53403EF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53403EF second address: 53403F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53403F5 second address: 5340497 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007FF9ACEA2294h 0x0000000e push eax 0x0000000f jmp 00007FF9ACEA228Bh 0x00000014 xchg eax, ebp 0x00000015 pushad 0x00000016 movzx ecx, bx 0x00000019 push ebx 0x0000001a pushfd 0x0000001b jmp 00007FF9ACEA228Ch 0x00000020 xor cx, 6B78h 0x00000025 jmp 00007FF9ACEA228Bh 0x0000002a popfd 0x0000002b pop ecx 0x0000002c popad 0x0000002d mov ebp, esp 0x0000002f pushad 0x00000030 mov si, bx 0x00000033 call 00007FF9ACEA2291h 0x00000038 pushfd 0x00000039 jmp 00007FF9ACEA2290h 0x0000003e add ecx, 2C8F9508h 0x00000044 jmp 00007FF9ACEA228Bh 0x00000049 popfd 0x0000004a pop esi 0x0000004b popad 0x0000004c mov edx, dword ptr [ebp+0Ch] 0x0000004f push eax 0x00000050 push edx 0x00000051 jmp 00007FF9ACEA2292h 0x00000056 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53606B1 second address: 536071B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dl, 1Eh 0x00000005 call 00007FF9ACE940A0h 0x0000000a pop ecx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push ebx 0x0000000f jmp 00007FF9ACE9409Eh 0x00000014 mov dword ptr [esp], ebp 0x00000017 pushad 0x00000018 push esi 0x00000019 call 00007FF9ACE9409Dh 0x0000001e pop eax 0x0000001f pop ebx 0x00000020 popad 0x00000021 mov ebp, esp 0x00000023 jmp 00007FF9ACE940A3h 0x00000028 xchg eax, ecx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FF9ACE940A5h 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536071B second address: 536073F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2291h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF9ACEA228Ch 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536073F second address: 5360745 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360745 second address: 53607A0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ecx 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FF9ACEA228Ch 0x00000013 adc esi, 627A9DC8h 0x00000019 jmp 00007FF9ACEA228Bh 0x0000001e popfd 0x0000001f mov ebx, esi 0x00000021 popad 0x00000022 xchg eax, esi 0x00000023 jmp 00007FF9ACEA2292h 0x00000028 push eax 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FF9ACEA228Eh 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53607A0 second address: 53607C4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF9ACE940A0h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53607C4 second address: 53607CA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53607CA second address: 53607D0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53607D0 second address: 53607D4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53607D4 second address: 53607E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 lea eax, dword ptr [ebp-04h] 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e mov bx, si 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53607E5 second address: 5360821 instructions: 0x00000000 rdtsc 0x00000002 mov dx, si 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push ecx 0x00000008 call 00007FF9ACEA228Fh 0x0000000d pop esi 0x0000000e pop ebx 0x0000000f popad 0x00000010 nop 0x00000011 pushad 0x00000012 push esi 0x00000013 push ebx 0x00000014 pop esi 0x00000015 pop edi 0x00000016 jmp 00007FF9ACEA228Ah 0x0000001b popad 0x0000001c push eax 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FF9ACEA228Eh 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360821 second address: 536084D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF9ACE940A1h 0x00000009 add cl, 00000016h 0x0000000c jmp 00007FF9ACE940A1h 0x00000011 popfd 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536084D second address: 536085A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536085A second address: 536085E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53608B7 second address: 53608EE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF9ACEA228Fh 0x00000009 jmp 00007FF9ACEA2293h 0x0000000e popfd 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 cmp dword ptr [ebp-04h], 00000000h 0x00000016 pushad 0x00000017 mov si, 1107h 0x0000001b push eax 0x0000001c push edx 0x0000001d push esi 0x0000001e pop edx 0x0000001f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53608EE second address: 536095D instructions: 0x00000000 rdtsc 0x00000002 call 00007FF9ACE940A6h 0x00000007 pop ecx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov esi, eax 0x0000000d jmp 00007FF9ACE940A1h 0x00000012 je 00007FF9ACE94117h 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b pushfd 0x0000001c jmp 00007FF9ACE940A3h 0x00000021 adc eax, 47FEF7DEh 0x00000027 jmp 00007FF9ACE940A9h 0x0000002c popfd 0x0000002d push esi 0x0000002e pop edx 0x0000002f popad 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53609BA second address: 53609C9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53609C9 second address: 5360041 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF9ACE9409Fh 0x00000008 mov dh, ch 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pop esi 0x0000000e pushad 0x0000000f mov eax, edx 0x00000011 mov edx, 03E2E510h 0x00000016 popad 0x00000017 leave 0x00000018 pushad 0x00000019 movsx ebx, si 0x0000001c push esi 0x0000001d push edi 0x0000001e pop ecx 0x0000001f pop ebx 0x00000020 popad 0x00000021 retn 0004h 0x00000024 nop 0x00000025 sub esp, 04h 0x00000028 xor ebx, ebx 0x0000002a cmp eax, 00000000h 0x0000002d je 00007FF9ACE941E5h 0x00000033 xor eax, eax 0x00000035 mov dword ptr [esp], 00000000h 0x0000003c mov dword ptr [esp+04h], 00000000h 0x00000044 call 00007FF9B160FBEBh 0x00000049 mov edi, edi 0x0000004b jmp 00007FF9ACE940A7h 0x00000050 xchg eax, ebp 0x00000051 jmp 00007FF9ACE940A6h 0x00000056 push eax 0x00000057 push eax 0x00000058 push edx 0x00000059 jmp 00007FF9ACE9409Eh 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360041 second address: 53600AC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b mov al, A6h 0x0000000d pushad 0x0000000e mov di, C322h 0x00000012 pushfd 0x00000013 jmp 00007FF9ACEA2293h 0x00000018 add si, 101Eh 0x0000001d jmp 00007FF9ACEA2299h 0x00000022 popfd 0x00000023 popad 0x00000024 popad 0x00000025 mov ebp, esp 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FF9ACEA2298h 0x00000030 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53600AC second address: 53600B0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53600B0 second address: 53600B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53600B6 second address: 53600C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF9ACE9409Dh 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53600C7 second address: 5360188 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push FFFFFFFEh 0x0000000a jmp 00007FF9ACEA228Dh 0x0000000f push 37E2AB87h 0x00000014 jmp 00007FF9ACEA2297h 0x00000019 add dword ptr [esp], 3DC7F2C1h 0x00000020 jmp 00007FF9ACEA2296h 0x00000025 push 2FEC0DD5h 0x0000002a pushad 0x0000002b mov esi, edx 0x0000002d mov ax, dx 0x00000030 popad 0x00000031 add dword ptr [esp], 45B91D9Bh 0x00000038 pushad 0x00000039 pushfd 0x0000003a jmp 00007FF9ACEA228Bh 0x0000003f adc esi, 74546AFEh 0x00000045 jmp 00007FF9ACEA2299h 0x0000004a popfd 0x0000004b call 00007FF9ACEA2290h 0x00000050 call 00007FF9ACEA2292h 0x00000055 pop ecx 0x00000056 pop edi 0x00000057 popad 0x00000058 mov eax, dword ptr fs:[00000000h] 0x0000005e push eax 0x0000005f push edx 0x00000060 push eax 0x00000061 push edx 0x00000062 pushad 0x00000063 popad 0x00000064 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360188 second address: 536019B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536019B second address: 53601A1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53601A1 second address: 53601A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53601A5 second address: 53601D4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b nop 0x0000000c jmp 00007FF9ACEA2296h 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53601D4 second address: 53601D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53601D8 second address: 53601F4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2298h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53601F4 second address: 53601FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53601FA second address: 536021B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c call 00007FF9ACEA2292h 0x00000011 pop esi 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536021B second address: 5360220 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360220 second address: 53602CD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub esp, 18h 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FF9ACEA228Eh 0x00000013 and esi, 73C75D08h 0x00000019 jmp 00007FF9ACEA228Bh 0x0000001e popfd 0x0000001f pushfd 0x00000020 jmp 00007FF9ACEA2298h 0x00000025 add ah, 00000068h 0x00000028 jmp 00007FF9ACEA228Bh 0x0000002d popfd 0x0000002e popad 0x0000002f xchg eax, ebx 0x00000030 pushad 0x00000031 pushfd 0x00000032 jmp 00007FF9ACEA2294h 0x00000037 jmp 00007FF9ACEA2295h 0x0000003c popfd 0x0000003d movzx esi, bx 0x00000040 popad 0x00000041 push eax 0x00000042 push eax 0x00000043 push edx 0x00000044 jmp 00007FF9ACEA2299h 0x00000049 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53602CD second address: 53602D3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53602D3 second address: 5360312 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2293h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c jmp 00007FF9ACEA2296h 0x00000011 xchg eax, esi 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FF9ACEA228Ah 0x0000001b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360312 second address: 5360318 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360318 second address: 536034D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF9ACEA228Ch 0x00000009 jmp 00007FF9ACEA2295h 0x0000000e popfd 0x0000000f mov cx, 1AB7h 0x00000013 popad 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push eax 0x00000017 pushad 0x00000018 mov ecx, ebx 0x0000001a push eax 0x0000001b push edx 0x0000001c push ebx 0x0000001d pop esi 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536034D second address: 536036D instructions: 0x00000000 rdtsc 0x00000002 mov ecx, edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xchg eax, esi 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FF9ACE940A6h 0x0000000f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536036D second address: 53603B0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx ebx, cx 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, edi 0x0000000c jmp 00007FF9ACEA2296h 0x00000011 push eax 0x00000012 jmp 00007FF9ACEA228Bh 0x00000017 xchg eax, edi 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FF9ACEA2290h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53603B0 second address: 53603BF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53603BF second address: 536044E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop eax 0x00000005 pushfd 0x00000006 jmp 00007FF9ACEA228Bh 0x0000000b and ecx, 3058D30Eh 0x00000011 jmp 00007FF9ACEA2299h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a mov eax, dword ptr [75AB4538h] 0x0000001f pushad 0x00000020 mov cl, 3Eh 0x00000022 pushfd 0x00000023 jmp 00007FF9ACEA2299h 0x00000028 add ax, 65F6h 0x0000002d jmp 00007FF9ACEA2291h 0x00000032 popfd 0x00000033 popad 0x00000034 xor dword ptr [ebp-08h], eax 0x00000037 jmp 00007FF9ACEA228Eh 0x0000003c xor eax, ebp 0x0000003e push eax 0x0000003f push edx 0x00000040 jmp 00007FF9ACEA228Ch 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536044E second address: 5360454 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360454 second address: 5360458 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360458 second address: 5360478 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF9ACE940A5h 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360478 second address: 536047F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536047F second address: 53604D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a jmp 00007FF9ACE940A9h 0x0000000f lea eax, dword ptr [ebp-10h] 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007FF9ACE9409Ch 0x00000019 sub ch, 00000038h 0x0000001c jmp 00007FF9ACE9409Bh 0x00000021 popfd 0x00000022 mov ax, 6C6Fh 0x00000026 popad 0x00000027 mov dword ptr fs:[00000000h], eax 0x0000002d push eax 0x0000002e push edx 0x0000002f pushad 0x00000030 mov cx, bx 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53604D5 second address: 53604DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53604DA second address: 53604E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53604E0 second address: 53604E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53604E4 second address: 53604E8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53604E8 second address: 5360510 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [ebp-18h], esp 0x0000000b pushad 0x0000000c mov dl, cl 0x0000000e mov ebx, 56FA09BAh 0x00000013 popad 0x00000014 mov eax, dword ptr fs:[00000018h] 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FF9ACEA228Ch 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360510 second address: 536053C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ecx, dword ptr [eax+00000FDCh] 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FF9ACE940A5h 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 536053C second address: 53605EA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, edx 0x00000005 pushfd 0x00000006 jmp 00007FF9ACEA2293h 0x0000000b and eax, 64AEBC1Eh 0x00000011 jmp 00007FF9ACEA2299h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a test ecx, ecx 0x0000001c pushad 0x0000001d pushfd 0x0000001e jmp 00007FF9ACEA228Ch 0x00000023 and al, 00000018h 0x00000026 jmp 00007FF9ACEA228Bh 0x0000002b popfd 0x0000002c mov dh, cl 0x0000002e popad 0x0000002f jns 00007FF9ACEA22A4h 0x00000035 pushad 0x00000036 mov al, bh 0x00000038 movzx esi, bx 0x0000003b popad 0x0000003c add eax, ecx 0x0000003e jmp 00007FF9ACEA2295h 0x00000043 mov ecx, dword ptr [ebp+08h] 0x00000046 jmp 00007FF9ACEA228Eh 0x0000004b test ecx, ecx 0x0000004d push eax 0x0000004e push edx 0x0000004f jmp 00007FF9ACEA2297h 0x00000054 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53605EA second address: 5360602 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF9ACE940A4h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535024B second address: 5350250 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350250 second address: 535028E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push esp 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FF9ACE940A9h 0x00000011 adc ax, 7FC6h 0x00000016 jmp 00007FF9ACE940A1h 0x0000001b popfd 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535028E second address: 5350293 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350293 second address: 53502B7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov ecx, edi 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53502B7 second address: 5350305 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edx, cx 0x00000006 pushfd 0x00000007 jmp 00007FF9ACEA2292h 0x0000000c xor esi, 7FE1C5F8h 0x00000012 jmp 00007FF9ACEA228Bh 0x00000017 popfd 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b xchg eax, edi 0x0000001c pushad 0x0000001d push edi 0x0000001e mov si, 497Dh 0x00000022 pop esi 0x00000023 popad 0x00000024 push eax 0x00000025 push eax 0x00000026 push edx 0x00000027 push eax 0x00000028 push edx 0x00000029 jmp 00007FF9ACEA2292h 0x0000002e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350305 second address: 5350314 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350362 second address: 5350368 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350368 second address: 535036C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535036C second address: 535038C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 sub ebx, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF9ACEA2294h 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535038C second address: 53503A3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE9409Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub edi, edi 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53503A3 second address: 53503A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53503A7 second address: 53503AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53503AD second address: 53503FC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2293h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 inc ebx 0x0000000a jmp 00007FF9ACEA2296h 0x0000000f test al, al 0x00000011 pushad 0x00000012 mov al, 71h 0x00000014 mov dh, 36h 0x00000016 popad 0x00000017 je 00007FF9ACEA2441h 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FF9ACEA2291h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53503FC second address: 5350418 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 lea ecx, dword ptr [ebp-14h] 0x0000000c pushad 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350418 second address: 5350461 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov bx, cx 0x00000007 popad 0x00000008 pushfd 0x00000009 jmp 00007FF9ACEA2294h 0x0000000e xor cx, 2288h 0x00000013 jmp 00007FF9ACEA228Bh 0x00000018 popfd 0x00000019 popad 0x0000001a mov dword ptr [ebp-14h], edi 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FF9ACEA2295h 0x00000024 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53504EB second address: 53504EF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53504EF second address: 53504F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53504F5 second address: 53504FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53504FB second address: 535058C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2298h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test eax, eax 0x0000000d jmp 00007FF9ACEA2290h 0x00000012 jg 00007FFA1D5B01E7h 0x00000018 jmp 00007FF9ACEA2290h 0x0000001d js 00007FF9ACEA22E3h 0x00000023 pushad 0x00000024 movzx esi, bx 0x00000027 movsx ebx, cx 0x0000002a popad 0x0000002b cmp dword ptr [ebp-14h], edi 0x0000002e pushad 0x0000002f pushfd 0x00000030 jmp 00007FF9ACEA2290h 0x00000035 adc ah, 00000058h 0x00000038 jmp 00007FF9ACEA228Bh 0x0000003d popfd 0x0000003e mov ebx, eax 0x00000040 popad 0x00000041 jne 00007FFA1D5B01ABh 0x00000047 push eax 0x00000048 push edx 0x00000049 push eax 0x0000004a push edx 0x0000004b jmp 00007FF9ACEA228Ch 0x00000050 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535058C second address: 5350592 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350592 second address: 53505C0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebx, dword ptr [ebp+08h] 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF9ACEA2297h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53505C0 second address: 53505E6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 lea eax, dword ptr [ebp-2Ch] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53505E6 second address: 53505EC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53505EC second address: 5350662 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a jmp 00007FF9ACE940A0h 0x0000000f push eax 0x00000010 pushad 0x00000011 jmp 00007FF9ACE940A1h 0x00000016 jmp 00007FF9ACE940A0h 0x0000001b popad 0x0000001c xchg eax, esi 0x0000001d jmp 00007FF9ACE940A0h 0x00000022 nop 0x00000023 push eax 0x00000024 push edx 0x00000025 jmp 00007FF9ACE940A7h 0x0000002a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350757 second address: 535075D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535075D second address: 535079C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test esi, esi 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 pushfd 0x00000011 jmp 00007FF9ACE9409Eh 0x00000016 xor si, 66C8h 0x0000001b jmp 00007FF9ACE9409Bh 0x00000020 popfd 0x00000021 popad 0x00000022 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535079C second address: 535002C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF9ACEA228Fh 0x00000008 jmp 00007FF9ACEA2298h 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 je 00007FFA1D5B0112h 0x00000016 xor eax, eax 0x00000018 jmp 00007FF9ACE7B9BAh 0x0000001d pop esi 0x0000001e pop edi 0x0000001f pop ebx 0x00000020 leave 0x00000021 retn 0004h 0x00000024 nop 0x00000025 sub esp, 04h 0x00000028 mov esi, eax 0x0000002a cmp esi, 00000000h 0x0000002d setne al 0x00000030 xor ebx, ebx 0x00000032 test al, 01h 0x00000034 jne 00007FF9ACEA2287h 0x00000036 jmp 00007FF9ACEA238Fh 0x0000003b call 00007FF9B160DCA5h 0x00000040 mov edi, edi 0x00000042 jmp 00007FF9ACEA2293h 0x00000047 xchg eax, ebp 0x00000048 pushad 0x00000049 push eax 0x0000004a push edx 0x0000004b call 00007FF9ACEA2292h 0x00000050 pop esi 0x00000051 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535002C second address: 535008F instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FF9ACE9409Bh 0x00000008 and si, 784Eh 0x0000000d jmp 00007FF9ACE940A9h 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 pushfd 0x00000016 jmp 00007FF9ACE940A0h 0x0000001b xor ecx, 586374C8h 0x00000021 jmp 00007FF9ACE9409Bh 0x00000026 popfd 0x00000027 popad 0x00000028 push eax 0x00000029 push eax 0x0000002a push edx 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007FF9ACE9409Bh 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 535008F second address: 5350093 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350093 second address: 5350099 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350099 second address: 53500EE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2294h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FF9ACEA2290h 0x0000000f mov ebp, esp 0x00000011 jmp 00007FF9ACEA2290h 0x00000016 xchg eax, ecx 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007FF9ACEA2297h 0x0000001e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350D0B second address: 5350D6C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACE940A0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007FFA1D591D76h 0x0000000f pushad 0x00000010 push esi 0x00000011 push edi 0x00000012 pop eax 0x00000013 pop ebx 0x00000014 pushfd 0x00000015 jmp 00007FF9ACE940A6h 0x0000001a sbb eax, 173BCC38h 0x00000020 jmp 00007FF9ACE9409Bh 0x00000025 popfd 0x00000026 popad 0x00000027 pop ebp 0x00000028 push eax 0x00000029 push edx 0x0000002a jmp 00007FF9ACE940A5h 0x0000002f rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350D6C second address: 5350D72 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350D72 second address: 5350D76 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350DDD second address: 5350E72 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF9ACEA228Fh 0x00000009 adc cx, 3A1Eh 0x0000000e jmp 00007FF9ACEA2299h 0x00000013 popfd 0x00000014 pushfd 0x00000015 jmp 00007FF9ACEA2290h 0x0000001a sub si, 9018h 0x0000001f jmp 00007FF9ACEA228Bh 0x00000024 popfd 0x00000025 popad 0x00000026 pop edx 0x00000027 pop eax 0x00000028 push 1551FA81h 0x0000002d pushad 0x0000002e mov dl, 2Fh 0x00000030 call 00007FF9ACEA228Eh 0x00000035 jmp 00007FF9ACEA2292h 0x0000003a pop ecx 0x0000003b popad 0x0000003c xor dword ptr [esp], 60FB66A9h 0x00000043 push eax 0x00000044 push edx 0x00000045 pushad 0x00000046 mov ecx, 3B5FCAF9h 0x0000004b mov ax, 1DB5h 0x0000004f popad 0x00000050 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350E72 second address: 5350E78 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350E78 second address: 5350E7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350E7C second address: 5350EA7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 call 00007FFA1D598D84h 0x0000000d push 75A52B70h 0x00000012 push dword ptr fs:[00000000h] 0x00000019 mov eax, dword ptr [esp+10h] 0x0000001d mov dword ptr [esp+10h], ebp 0x00000021 lea ebp, dword ptr [esp+10h] 0x00000025 sub esp, eax 0x00000027 push ebx 0x00000028 push esi 0x00000029 push edi 0x0000002a mov eax, dword ptr [75AB4538h] 0x0000002f xor dword ptr [ebp-04h], eax 0x00000032 xor eax, ebp 0x00000034 push eax 0x00000035 mov dword ptr [ebp-18h], esp 0x00000038 push dword ptr [ebp-08h] 0x0000003b mov eax, dword ptr [ebp-04h] 0x0000003e mov dword ptr [ebp-04h], FFFFFFFEh 0x00000045 mov dword ptr [ebp-08h], eax 0x00000048 lea eax, dword ptr [ebp-10h] 0x0000004b mov dword ptr fs:[00000000h], eax 0x00000051 ret 0x00000052 push eax 0x00000053 push edx 0x00000054 pushad 0x00000055 movzx esi, bx 0x00000058 jmp 00007FF9ACE940A7h 0x0000005d popad 0x0000005e rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350EA7 second address: 5350EAD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350F6B second address: 5350FD0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushfd 0x00000007 jmp 00007FF9ACE940A1h 0x0000000c and eax, 1B8DCCB6h 0x00000012 jmp 00007FF9ACE940A1h 0x00000017 popfd 0x00000018 popad 0x00000019 je 00007FFA1D587A7Fh 0x0000001f jmp 00007FF9ACE9409Eh 0x00000024 cmp dword ptr [ebp+08h], 00002000h 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007FF9ACE940A7h 0x00000032 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350FD0 second address: 5350FE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF9ACEA2294h 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5350FE8 second address: 5350FEC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 53609FF second address: 5360A10 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA228Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360A10 second address: 5360A16 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360A16 second address: 5360A3A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF9ACEA2293h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f push edx 0x00000010 pop ecx 0x00000011 mov bx, 6032h 0x00000015 popad 0x00000016 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360A3A second address: 5360A6D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, eax 0x00000005 pushfd 0x00000006 jmp 00007FF9ACE940A2h 0x0000000b add ch, 00000048h 0x0000000e jmp 00007FF9ACE9409Bh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b push eax 0x0000001c pop edi 0x0000001d mov edi, ecx 0x0000001f popad 0x00000020 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360A6D second address: 5360A73 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360A73 second address: 5360A77 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360A77 second address: 5360A9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a jmp 00007FF9ACEA2297h 0x0000000f push eax 0x00000010 push edx 0x00000011 mov dx, cx 0x00000014 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360A9D second address: 5360AFE instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov ebp, esp 0x00000009 jmp 00007FF9ACE9409Ch 0x0000000e xchg eax, esi 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 pushfd 0x00000013 jmp 00007FF9ACE9409Dh 0x00000018 and si, 3526h 0x0000001d jmp 00007FF9ACE940A1h 0x00000022 popfd 0x00000023 pushfd 0x00000024 jmp 00007FF9ACE940A0h 0x00000029 sub ax, 96C8h 0x0000002e jmp 00007FF9ACE9409Bh 0x00000033 popfd 0x00000034 popad 0x00000035 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360AFE second address: 5360B24 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop ecx 0x00000005 movsx ebx, cx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF9ACEA2298h 0x00000013 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360B24 second address: 5360B71 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF9ACE940A1h 0x00000009 or cx, E146h 0x0000000e jmp 00007FF9ACE940A1h 0x00000013 popfd 0x00000014 mov ebx, ecx 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 xchg eax, esi 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FF9ACE940A9h 0x00000021 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360B71 second address: 5360B76 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360B76 second address: 5360B7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360B7C second address: 5360BE8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov esi, dword ptr [ebp+0Ch] 0x0000000a jmp 00007FF9ACEA2299h 0x0000000f test esi, esi 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 pushfd 0x00000015 jmp 00007FF9ACEA2293h 0x0000001a adc cx, 933Eh 0x0000001f jmp 00007FF9ACEA2299h 0x00000024 popfd 0x00000025 jmp 00007FF9ACEA2290h 0x0000002a popad 0x0000002b rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360BE8 second address: 5360BEE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360BEE second address: 5360BF2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360CDA second address: 5360CE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 mov dx, ax 0x0000000a rdtsc |
Source: C:\Users\user\Desktop\file.exe |
RDTSC instruction interceptor: First address: 5360CE4 second address: 5360CFC instructions: 0x00000000 rdtsc 0x00000002 mov ecx, 1EFB2D45h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a xchg eax, esi 0x0000000b pushad 0x0000000c call 00007FF9ACEA228Ah 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc |