{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10375,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:51.660882241Z | 136 | PC: 12a51 | UNKNOWN! |
| 2018-12-25T12:27:51.662637235Z | 74 | PC: 12a5e | Reallocate memory |
| 2018-12-25T12:27:51.664962552Z | 74 | PC: 12a66 | Reallocate memory |
| 2018-12-25T12:27:51.666910266Z | 72 | PC: 12a6d | Allocate memory |
| 2018-12-25T12:27:51.669312585Z | 44 | PC: 12a92 | Get time 0x12a92: cmp cl, 0xa 0x12a95: jbe 0x12abd 0x12a97: cmp cl, 0x37 0x12a9a: jge 0x12a9c 0x12a9c: xor ax, ax 0x12a9e: mov ds, ax 0x12aa0: push ds 0x12aa1: lds ax, ptr [0x98] 0x12aa5: mov word ptr es:[0x2c8], ax 0x12aa9: mov word ptr es:[0x2ca], ds 0x12aae: pop ds 0x12aaf: mov word ptr [0x98], 0x27e 0x12ab5: mov bx, es 0x12ab7: mov word ptr [0x9a], bx 0x12abb: jmp 0x12adc 0x12abd: xor ax, ax 0x12abf: mov ds, ax 0x12ac1: push ds 0x12ac2: lds ax, ptr [0x24] 0x12ac6: mov word ptr es:[0x2c0], ax |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":10,"Second":0,"TimeBased":true,"OriginalID":10375,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:27:51.838346545Z | 136 | PC: 12a51 | UNKNOWN! |
| 2018-12-25T12:27:51.839810025Z | 74 | PC: 12a5e | Reallocate memory |
| 2018-12-25T12:27:51.84169204Z | 74 | PC: 12a66 | Reallocate memory |
| 2018-12-25T12:27:51.84372244Z | 72 | PC: 12a6d | Allocate memory |
| 2018-12-25T12:27:51.84589835Z | 44 | PC: 12a92 | Get time 0x12a92: cmp cl, 0xa 0x12a95: jbe 0x12abd 0x12a97: cmp cl, 0x37 0x12a9a: jge 0x12a9c 0x12a9c: xor ax, ax 0x12a9e: mov ds, ax 0x12aa0: push ds 0x12aa1: lds ax, ptr [0x98] 0x12aa5: mov word ptr es:[0x2c8], ax 0x12aa9: mov word ptr es:[0x2ca], ds 0x12aae: pop ds 0x12aaf: mov word ptr [0x98], 0x27e 0x12ab5: mov bx, es 0x12ab7: mov word ptr [0x9a], bx 0x12abb: jmp 0x12adc 0x12abd: xor ax, ax 0x12abf: mov ds, ax 0x12ac1: push ds 0x12ac2: lds ax, ptr [0x24] 0x12ac6: mov word ptr es:[0x2c0], ax |