GET /api/techniques/64/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 64,
"key": "rdtsc",
"unprotect_id": "U0126",
"name": "RDTSC",
"description": "The Read-Time-Stamp-Counter (RDTSC) instruction can be used by malware to determine how quicky the processor executes the program's instructions. It returns the count of the number of ticks since the last system reboot as a 64-bit value placed into `EDX:EAX`.\r\n\r\nIt will execute RDTSC twice and then calculate the difference between low order values and check it with CMP condition. If the difference lays below `0FFFh` no debugger is found if it is above or equal, then application is debugged.",
"resources": "https://www.codeproject.com/Articles/30815/An-Anti-Reverse-Engineering-Guide\nhttps://www.aldeid.com/wiki/RDTSC-Read-Time-Stamp-Counter",
"creation_date": "2019-03-18T13:35:53Z",
"tags": "RDTSC",
"modification_date": "2023-10-04T10:42:41.264000Z",
"category": [
3
],
"rules": [
80
],
"attachments": [],
"featured_api": [
23
],
"contributors": []
}
