{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10647,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:42.530085011Z | 42 | PC: 13ca5 | Get date 0x13ca5: cmp cx, 0x7d0 0x13ca9: jne 0x13cb3 0x13cab: cmp dh, 4 0x13cae: jg 0x13cb3 0x13cb0: jmp 0x13cb8 0x13cb2: nop 0x13cb3: mov byte ptr [0x802], 1 0x13cb8: push es 0x13cb9: mov ax, word ptr [0x1d8] 0x13cbc: mov word ptr [0x76d], ax 0x13cbf: mov ax, word ptr [0x1da] 0x13cc2: mov word ptr [0x76f], ax 0x13cc5: mov ax, word ptr [0x76b] 0x13cc8: mov word ptr [0x771], ax 0x13ccb: mov ax, word ptr [0x777] 0x13cce: mov word ptr [0x773], ax 0x13cd1: mov ax, word ptr [0x779] 0x13cd4: mov word ptr [0x775], ax 0x13cd7: mov bx, 0x1997 0x13cda: int 0x28 |
| 2018-12-25T12:28:42.532271373Z | 74 | PC: 13d7e | Reallocate memory |
| 2018-12-25T12:28:42.534551468Z | 74 | PC: 13d86 | Reallocate memory |
| 2018-12-25T12:28:42.53614964Z | 72 | PC: 13d93 | Allocate memory |
| 2018-12-25T12:28:42.538372526Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-25T12:28:42.545025578Z | 76 | PC: 12a61 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":1,"Year":2000,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10647,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:42.554367624Z | 42 | PC: 13ca5 | Get date 0x13ca5: cmp cx, 0x7d0 0x13ca9: jne 0x13cb3 0x13cab: cmp dh, 4 0x13cae: jg 0x13cb3 0x13cb0: jmp 0x13cb8 0x13cb2: nop 0x13cb3: mov byte ptr [0x802], 1 0x13cb8: push es 0x13cb9: mov ax, word ptr [0x1d8] 0x13cbc: mov word ptr [0x76d], ax 0x13cbf: mov ax, word ptr [0x1da] 0x13cc2: mov word ptr [0x76f], ax 0x13cc5: mov ax, word ptr [0x76b] 0x13cc8: mov word ptr [0x771], ax 0x13ccb: mov ax, word ptr [0x777] 0x13cce: mov word ptr [0x773], ax 0x13cd1: mov ax, word ptr [0x779] 0x13cd4: mov word ptr [0x775], ax 0x13cd7: mov bx, 0x1997 0x13cda: int 0x28 |
| 2018-12-25T12:28:42.557175111Z | 74 | PC: 13d7e | Reallocate memory |
| 2018-12-25T12:28:42.558565326Z | 74 | PC: 13d86 | Reallocate memory |
| 2018-12-25T12:28:42.559699714Z | 72 | PC: 13d93 | Allocate memory |
| 2018-12-25T12:28:42.562519687Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-25T12:28:42.568297874Z | 76 | PC: 12a61 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":5,"Year":2000,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10647,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:42.562206125Z | 42 | PC: 13ca5 | Get date 0x13ca5: cmp cx, 0x7d0 0x13ca9: jne 0x13cb3 0x13cab: cmp dh, 4 0x13cae: jg 0x13cb3 0x13cb0: jmp 0x13cb8 0x13cb2: nop 0x13cb3: mov byte ptr [0x802], 1 0x13cb8: push es 0x13cb9: mov ax, word ptr [0x1d8] 0x13cbc: mov word ptr [0x76d], ax 0x13cbf: mov ax, word ptr [0x1da] 0x13cc2: mov word ptr [0x76f], ax 0x13cc5: mov ax, word ptr [0x76b] 0x13cc8: mov word ptr [0x771], ax 0x13ccb: mov ax, word ptr [0x777] 0x13cce: mov word ptr [0x773], ax 0x13cd1: mov ax, word ptr [0x779] 0x13cd4: mov word ptr [0x775], ax 0x13cd7: mov bx, 0x1997 0x13cda: int 0x28 |
| 2018-12-25T12:28:42.565193221Z | 74 | PC: 13d7e | Reallocate memory |
| 2018-12-25T12:28:42.566796957Z | 74 | PC: 13d86 | Reallocate memory |
| 2018-12-25T12:28:42.568301539Z | 72 | PC: 13d93 | Allocate memory |
| 2018-12-25T12:28:42.570855102Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-25T12:28:42.576787514Z | 76 | PC: 12a61 | Terminate with return code (Return code = '0') |