2020-07-23 11:08:01 +00:00
|
|
|
0000000000000000 6660 PUSHA
|
|
|
|
DSIZE: 16, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: I386, Ins cat: PUSH, CET tracked: no
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: no
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: R-, Type: Register, Size: 2, RawSize: 2, Encoding: S, RegType: General Purpose, RegSize: 2, RegId: 0, RegCount: 1
|
|
|
|
Operand: 1, Acc: -W, Type: Memory, Size: 16, RawSize: 16, Encoding: S, Stack: yes,
|
|
|
|
Segment: 2, Base: 4,
|
|
|
|
|
|
|
|
0000000000000002 60 PUSHAD
|
|
|
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: I386, Ins cat: PUSH, CET tracked: no
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: no
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: R-, Type: Bank, Size: -1, RawSize: -1, Encoding: S
|
|
|
|
Operand: 1, Acc: -W, Type: Memory, Size: 32, RawSize: 32, Encoding: S, Stack: yes,
|
|
|
|
Segment: 2, Base: 4,
|
|
|
|
|
|
|
|
0000000000000003 6661 POPA
|
|
|
|
DSIZE: 16, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: I386, Ins cat: POP, CET tracked: no
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: no
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: -W, Type: Register, Size: 2, RawSize: 2, Encoding: S, RegType: General Purpose, RegSize: 2, RegId: 0, RegCount: 1
|
|
|
|
Operand: 1, Acc: R-, Type: Memory, Size: 16, RawSize: 16, Encoding: S, Stack: yes,
|
|
|
|
Segment: 2, Base: 4,
|
|
|
|
|
|
|
|
0000000000000005 61 POPAD
|
|
|
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: I386, Ins cat: POP, CET tracked: no
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: no
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: -W, Type: Bank, Size: -1, RawSize: -1, Encoding: S
|
|
|
|
Operand: 1, Acc: R-, Type: Memory, Size: 32, RawSize: 32, Encoding: S, Stack: yes,
|
|
|
|
Segment: 2, Base: 4,
|
|
|
|
|
|
|
|
0000000000000006 2682c0e4 ADD al, 0xe4
|
|
|
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: I86, Ins cat: ARITH, CET tracked: no
|
|
|
|
FLAGS access
|
|
|
|
CF: m, PF: m, AF: m, ZF: m, SF: m, OF: m,
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: no
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: yes
|
|
|
|
HLE: yes, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: RW, Type: Register, Size: 1, RawSize: 1, Encoding: M, RegType: General Purpose, RegSize: 1, RegId: 0, RegCount: 1
|
|
|
|
Operand: 1, Acc: R-, Type: Immediate, Size: 1, RawSize: 1, Encoding: I
|
|
|
|
Operand: 2, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
|
|
|
|
|
|
|
|
000000000000000A 260f05 SYSCALL
|
|
|
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
2021-08-31 10:37:50 +00:00
|
|
|
ISA Set: AMD, Ins cat: SYSCALL, CET tracked: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
|
|
|
FLAGS access
|
|
|
|
Entire register
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: no, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
2020-09-21 09:16:45 +00:00
|
|
|
Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: Model Specific, RegSize: 8, RegId: 0xc0000081, RegCount: 1
|
|
|
|
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: Model Specific, RegSize: 8, RegId: 0xc0000082, RegCount: 1
|
|
|
|
Operand: 2, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: Model Specific, RegSize: 8, RegId: 0xc0000084, RegCount: 1
|
2020-07-23 11:08:01 +00:00
|
|
|
Operand: 3, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Segment, RegSize: 4, RegId: 2, RegCount: 1
|
|
|
|
Operand: 4, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 1, RegCount: 1
|
|
|
|
Operand: 5, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 11, RegCount: 1
|
|
|
|
Operand: 6, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Segment, RegSize: 4, RegId: 1, RegCount: 1
|
|
|
|
Operand: 7, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
|
|
|
Operand: 8, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
|
|
|
|
Operand: 9, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: SSP, RegSize: 4, RegId: 0, RegCount: 1
|
|
|
|
|
|
|
|
000000000000000D 260f07 SYSRET
|
|
|
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: AMD, Ins cat: SYSRET, CET tracked: no
|
|
|
|
CPUID leaf: 0x80000001, reg: ecx, bit: 11
|
|
|
|
FLAGS access
|
|
|
|
Entire register
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: no, R2: no, R3: no
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: no, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
2020-09-21 09:16:45 +00:00
|
|
|
Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: Model Specific, RegSize: 8, RegId: 0xc0000081, RegCount: 1
|
2020-07-23 11:08:01 +00:00
|
|
|
Operand: 1, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Segment, RegSize: 4, RegId: 2, RegCount: 1
|
|
|
|
Operand: 2, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 1, RegCount: 1
|
|
|
|
Operand: 3, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 11, RegCount: 1
|
|
|
|
Operand: 4, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Segment, RegSize: 4, RegId: 1, RegCount: 1
|
|
|
|
Operand: 5, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: IP, RegSize: 4, RegId: 0, RegCount: 1
|
|
|
|
Operand: 6, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
|
|
|
|
Operand: 7, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: SSP, RegSize: 4, RegId: 0, RegCount: 1
|
|
|
|
|
|
|
|
0000000000000010 f3660fc7f8 RDPID eax
|
|
|
|
DSIZE: 16, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: RDPID, Ins cat: RDPID, CET tracked: no
|
|
|
|
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ecx, bit: 22
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: General Purpose, RegSize: 4, RegId: 0, RegCount: 1
|
2020-09-21 09:16:45 +00:00
|
|
|
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: Model Specific, RegSize: 8, RegId: 0xc0000103, RegCount: 1
|
2020-07-23 11:08:01 +00:00
|
|
|
|
|
|
|
0000000000000015 f30f1b05a4274e6d BNDMK bnd0, dword ptr [0x6d4e27a4]
|
|
|
|
DSIZE: 32, ASIZE: 32, VLEN: -
|
|
|
|
ISA Set: MPX, Ins cat: MPX, CET tracked: no
|
|
|
|
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ebx, bit: 14
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: yes, V8086: yes, Prot: yes, Compat: yes, Long: yes
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: Bound, RegSize: 8, RegId: 0, RegCount: 1
|
|
|
|
Operand: 1, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: M,
|
|
|
|
Segment: 3, Displacement: 0x000000006d4e27a4,
|
|
|
|
|
|
|
|
000000000000001D c4e13a10ca VMOVSS xmm1, xmm0, xmm2
|
|
|
|
DSIZE: 32, ASIZE: 32, VLEN: 128
|
|
|
|
ISA Set: AVX, Ins cat: DATAXFER, CET tracked: no
|
|
|
|
CPUID leaf: 0x00000001, reg: ecx, bit: 28
|
|
|
|
Exception class: SSE/VEX, exception type: 5
|
|
|
|
Valid modes
|
|
|
|
R0: yes, R1: yes, R2: yes, R3: yes
|
|
|
|
Real: no, V8086: no, Prot: yes, Compat: yes, Long: yes
|
2020-09-10 08:06:20 +00:00
|
|
|
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
|
|
|
|
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
|
2020-07-23 11:08:01 +00:00
|
|
|
Valid prefixes
|
|
|
|
REP: no, REPcc: no, LOCK: no
|
|
|
|
HLE: no, XACQUIRE only: no, XRELEASE only: no
|
|
|
|
BND: no, BHINT: no, DNT: no
|
|
|
|
Operand: 0, Acc: -W, Type: Register, Size: 16, RawSize: 16, Encoding: R, RegType: Vector, RegSize: 16, RegId: 1, RegCount: 1
|
|
|
|
Operand: 1, Acc: R-, Type: Register, Size: 16, RawSize: 16, Encoding: V, RegType: Vector, RegSize: 16, RegId: 0, RegCount: 1
|
|
|
|
Operand: 2, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: M, RegType: Vector, RegSize: 16, RegId: 2, RegCount: 1
|
|
|
|
|