C++ / GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter

Windows C++ / GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter

Author	External
Platform	Windows
Language	C++
Technique	GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter

Description:

Original source code available here: https://anti-debug.checkpoint.com/techniques/timing.html#getsystemtime

Code

bool IsDebugged(DWORD64 qwNativeElapsed)
{
    SYSTEMTIME stStart, stEnd;
    FILETIME ftStart, ftEnd;
    ULARGE_INTEGER uiStart, uiEnd;

    GetLocalTime(&stStart);
    // ... some work
    GetLocalTime(&stEnd);

    if (!SystemTimeToFileTime(&stStart, &ftStart))
        return false;
    if (!SystemTimeToFileTime(&stEnd, &ftEnd))
        return false;

    uiStart.LowPart  = ftStart.dwLowDateTime;
    uiStart.HighPart = ftStart.dwHighDateTime;
    uiEnd.LowPart  = ftEnd.dwLowDateTime;
    uiEnd.HighPart = ftEnd.dwHighDateTime;
    return (uiEnd.QuadPart - uiStart.QuadPart) > qwNativeElapsed;
}

Download Raw

Created

June 22, 2022

Last Revised

April 22, 2024