{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10226,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:30.364430706Z | 71 | PC: 12a94 | Get current directory |
| 2018-12-25T12:27:30.368433752Z | 59 | PC: 12aa8 | Change current directory |
| 2018-12-25T12:27:30.373797037Z | 48 | PC: 12bc1 | Get DOS version |
| 2018-12-25T12:27:30.374971836Z | 42 | PC: 12bcc | Get date 0x12bcc: cmp cx, 0x7d0 0x12bd0: jne 0x12bd5 0x12bd2: jmp 0x12c05 0x12bd4: nop 0x12bd5: cmp dl, 0x1b 0x12bd8: jne 0x12bdd 0x12bda: jmp 0x12c05 0x12bdc: nop 0x12bdd: mov ah, 0x2c 0x12bdf: int 0x21 0x12be1: cmp dl, 0x32 0x12be4: jne 0x12be9 0x12be6: jmp 0x12bfb 0x12be8: nop 0x12be9: mov ax, 0x100 0x12bec: mov di, ax 0x12bee: lea si, word ptr [bp + 0x3b2] 0x12bf2: movsw word ptr es:[di], word ptr [si] 0x12bf3: movsb byte ptr es:[di], byte ptr [si] 0x12bf4: mov bx, 0x100 |
| 2018-12-25T12:27:30.37689826Z | 44 | PC: 12be1 | Get time 0x12be1: cmp dl, 0x32 0x12be4: jne 0x12be9 0x12be6: jmp 0x12bfb 0x12be8: nop 0x12be9: mov ax, 0x100 0x12bec: mov di, ax 0x12bee: lea si, word ptr [bp + 0x3b2] 0x12bf2: movsw word ptr es:[di], word ptr [si] 0x12bf3: movsb byte ptr es:[di], byte ptr [si] 0x12bf4: mov bx, 0x100 0x12bf7: xor ax, ax 0x12bf9: push bx 0x12bfa: ret 0x12bfb: mov ah, 0x39 0x12bfd: lea dx, word ptr [bp + 0x367] 0x12c01: int 0x21 0x12c03: jmp 0x12be9 0x12c05: mov dx, 0 0x12c08: mov al, 2 0x12c0a: mov cx, 0xffff |
{"DateBased":true,"Day":27,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10226,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:31.358939328Z | 71 | PC: 12a94 | Get current directory |
| 2018-12-25T12:27:31.362703662Z | 59 | PC: 12aa8 | Change current directory |
| 2018-12-25T12:27:31.368732825Z | 48 | PC: 12bc1 | Get DOS version |
| 2018-12-25T12:27:31.369893002Z | 42 | PC: 12bcc | Get date 0x12bcc: cmp cx, 0x7d0 0x12bd0: jne 0x12bd5 0x12bd2: jmp 0x12c05 0x12bd4: nop 0x12bd5: cmp dl, 0x1b 0x12bd8: jne 0x12bdd 0x12bda: jmp 0x12c05 0x12bdc: nop 0x12bdd: mov ah, 0x2c 0x12bdf: int 0x21 0x12be1: cmp dl, 0x32 0x12be4: jne 0x12be9 0x12be6: jmp 0x12bfb 0x12be8: nop 0x12be9: mov ax, 0x100 0x12bec: mov di, ax 0x12bee: lea si, word ptr [bp + 0x3b2] 0x12bf2: movsw word ptr es:[di], word ptr [si] 0x12bf3: movsb byte ptr es:[di], byte ptr [si] 0x12bf4: mov bx, 0x100 |
| 2018-12-25T12:27:33.590163971Z | 71 | PC: 12a94 | Get current directory (See above) |
| 2018-12-25T12:27:33.598427941Z | 59 | PC: 12aa8 | Change current directory (See above) |
| 2018-12-25T12:27:33.602491113Z | 48 | PC: 12bc1 | Get DOS version (See above) |
| 2018-12-25T12:27:33.603749186Z | 42 | PC: 12bcc | Get date (See above) |
{"DateBased":true,"Day":1,"Month":1,"Year":2000,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10226,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:32.644376328Z | 71 | PC: 12a94 | Get current directory |
| 2018-12-25T12:27:32.66358416Z | 59 | PC: 12aa8 | Change current directory |
| 2018-12-25T12:27:32.670344521Z | 48 | PC: 12bc1 | Get DOS version |
| 2018-12-25T12:27:32.671965075Z | 42 | PC: 12bcc | Get date 0x12bcc: cmp cx, 0x7d0 0x12bd0: jne 0x12bd5 0x12bd2: jmp 0x12c05 0x12bd4: nop 0x12bd5: cmp dl, 0x1b 0x12bd8: jne 0x12bdd 0x12bda: jmp 0x12c05 0x12bdc: nop 0x12bdd: mov ah, 0x2c 0x12bdf: int 0x21 0x12be1: cmp dl, 0x32 0x12be4: jne 0x12be9 0x12be6: jmp 0x12bfb 0x12be8: nop 0x12be9: mov ax, 0x100 0x12bec: mov di, ax 0x12bee: lea si, word ptr [bp + 0x3b2] 0x12bf2: movsw word ptr es:[di], word ptr [si] 0x12bf3: movsb byte ptr es:[di], byte ptr [si] 0x12bf4: mov bx, 0x100 |
| 2018-12-25T12:27:37.686392568Z | 3 | PC: 12b39 | Auxiliary input |