{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10163,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:20.656300061Z | 42 | PC: 233bb | Get date 0x233bb: cmp dl, 0x13 0x233be: jb 0x23d44 0x233c2: mov ax, 0xaaaa 0x233c5: push ax 0x233c6: push es 0x233c7: xor ax, ax 0x233c9: mov es, ax 0x233cb: mov ax, word ptr es:[0x84] 0x233cf: mov word ptr cs:[0xda6], ax 0x233d3: mov ax, word ptr es:[0x86] 0x233d7: mov word ptr cs:[0xda8], ax 0x233db: pop es 0x233dc: pop ax 0x233dd: pushf 0x233de: lcall ptr cs:[0xda6] 0x233e3: jmp 0x233ea 0x233e5: nop 0x233e6: clc 0x233e7: inc ax 0x233e8: sbb word ptr [bx + si], ax |
| 2018-12-25T12:27:20.658836778Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-25T12:27:20.665033999Z | 76 | PC: 12a61 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":19,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10163,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:20.795581826Z | 42 | PC: 233bb | Get date 0x233bb: cmp dl, 0x13 0x233be: jb 0x23d44 0x233c2: mov ax, 0xaaaa 0x233c5: push ax 0x233c6: push es 0x233c7: xor ax, ax 0x233c9: mov es, ax 0x233cb: mov ax, word ptr es:[0x84] 0x233cf: mov word ptr cs:[0xda6], ax 0x233d3: mov ax, word ptr es:[0x86] 0x233d7: mov word ptr cs:[0xda8], ax 0x233db: pop es 0x233dc: pop ax 0x233dd: pushf 0x233de: lcall ptr cs:[0xda6] 0x233e3: jmp 0x233ea 0x233e5: nop 0x233e6: clc 0x233e7: inc ax 0x233e8: sbb word ptr [bx + si], ax |
| 2018-12-25T12:27:20.799655479Z | 170 | PC: 233e3 | UNKNOWN! |
| 2018-12-25T12:27:20.802162264Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-25T12:27:20.809532772Z | 76 | PC: 12a61 | Terminate with return code (Return code = '0') |
| 2018-12-25T12:27:20.81470434Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-25T12:27:20.816663688Z | 98 | PC: 983d3 | Get current PSP |
| 2018-12-25T12:27:20.818068426Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-25T12:27:20.821707065Z | 98 | PC: 983d3 | Get current PSP (See above) |
| 2018-12-25T12:27:20.823029279Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-25T12:27:20.826003441Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-25T12:27:20.82887272Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-25T12:27:20.830650968Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:27:20.832489282Z | 62 | PC: 122ab | Close file |
| 2018-12-25T12:27:20.835694293Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.837882956Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.839901919Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.842003473Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.844653065Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.846250533Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.848143203Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.851059808Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.8532105Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.855182152Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.858335945Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.860024731Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.861957211Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.867952486Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:27:20.870887434Z | 61 | PC: 12354 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-25T12:27:20.878070029Z | 66 | PC: 12372 | Move file pointer |
| 2018-12-25T12:27:20.880525319Z | 63 | PC: 12383 | Read file or device (Read 44693 bytes on handle 5) |
| 2018-12-25T12:27:20.894419225Z | 62 | PC: 1238a | Close file |
| 2018-12-25T12:27:20.897391161Z | 99 | PC: 92757 | Get DBCS lead byte table pointer |
| 2018-12-25T12:27:20.90063405Z | 56 | PC: 8cf79 | Get or set country info |
| 2018-12-25T12:27:20.902719395Z | 64 | PC: 929c8 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-25T12:27:20.906296906Z | 25 | PC: 8cfe2 | Get default drive |
| 2018-12-25T12:27:20.9079926Z | 71 | PC: 8f25d | Get current directory |
| 2018-12-25T12:27:20.911146232Z | 64 | PC: 929c8 | Write file or device (See above) |
| 2018-12-25T12:27:20.915195388Z | 2 | PC: 8f232 | Character output (Char = '3e') |
| 2018-12-25T12:27:20.917960724Z | 93 | PC: 8d0a0 | File sharing functions |
| 2018-12-25T12:27:20.91940315Z | 93 | PC: 8d0a7 | File sharing functions |
| 2018-12-25T12:27:20.920839979Z | 10 | PC: 8d0b9 | Buffered keyboard input |
| 2018-12-25T12:27:35.769065535Z | 0 | PC: 0 | Program terminate |
| 2018-12-25T12:27:37.12322209Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:27:37.226281118Z | 64 | PC: 929c8 | Write file or device (See above) |
| 2018-12-25T12:27:37.233345505Z | 41 | PC: 8d12e | Parse filename |
| 2018-12-25T12:27:37.236437783Z | 41 | PC: 8d1af | Parse filename |
| 2018-12-25T12:27:37.253645177Z | 41 | PC: 8d1cc | Parse filename |
| 2018-12-25T12:27:37.256627706Z | 26 | PC: 90677 | Set disk transfer address |
| 2018-12-25T12:27:37.259117265Z | 71 | PC: 90873 | Get current directory |