{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10164,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:20.775367689Z | 42 | PC: 12ed3 | Get date 0x12ed3: cmp dh, 5 0x12ed6: jae 0x12ee3 0x12ed8: xor ax, ax 0x12eda: push ax 0x12edb: pop es 0x12edc: mov ax, 0x11 0x12edf: mov word ptr es:[0x3fe], ax 0x12ee3: jmp 0x12c30 0x12ee6: nop 0x12ee7: mov ah, 0x4c 0x12ee9: int 0x21 0x12eeb: call 0x12f0a 0x12eee: cmp word ptr [0x2ac], ax 0x12ef2: je 0x12efa 0x12ef4: mov word ptr [0x2ac], 0xffff 0x12efa: and byte ptr [0x31d], 0xfb 0x12eff: cmp byte ptr [0x2a2], al 0x12f03: jne 0x12f08 0x12f05: jmp 0x1304d 0x12f08: stc |
| 2018-12-25T12:27:20.779794129Z | 48 | PC: 12c7a | Get DOS version |
| 2018-12-25T12:27:20.782643468Z | 53 | PC: 12ce3 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:27:20.78456433Z | 76 | PC: 12aa4 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10164,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:20.766695504Z | 42 | PC: 12ed3 | Get date 0x12ed3: cmp dh, 5 0x12ed6: jae 0x12ee3 0x12ed8: xor ax, ax 0x12eda: push ax 0x12edb: pop es 0x12edc: mov ax, 0x11 0x12edf: mov word ptr es:[0x3fe], ax 0x12ee3: jmp 0x12c30 0x12ee6: nop 0x12ee7: mov ah, 0x4c 0x12ee9: int 0x21 0x12eeb: call 0x12f0a 0x12eee: cmp word ptr [0x2ac], ax 0x12ef2: je 0x12efa 0x12ef4: mov word ptr [0x2ac], 0xffff 0x12efa: and byte ptr [0x31d], 0xfb 0x12eff: cmp byte ptr [0x2a2], al 0x12f03: jne 0x12f08 0x12f05: jmp 0x1304d 0x12f08: stc |
| 2018-12-25T12:27:20.770771786Z | 48 | PC: 12c7a | Get DOS version |
| 2018-12-25T12:27:20.772129317Z | 53 | PC: 12ce3 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:27:20.773627367Z | 76 | PC: 12aa4 | Terminate with return code (Return code = '0') |