{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10660,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:44.471513305Z | 78 | PC: 12aa2 | Find first file |
| 2018-12-25T12:28:44.478201021Z | 59 | PC: 12aaf | Change current directory |
| 2018-12-25T12:28:44.482691681Z | 42 | PC: 12ab5 | Get date 0x12ab5: cmp dl, 1 0x12ab8: je 0x12ac0 0x12aba: nop 0x12abb: nop 0x12abc: nop 0x12abd: jmp 0x12b1e 0x12abf: nop 0x12ac0: mov ah, 0x2c 0x12ac2: cmp cl, 0x1e 0x12ac5: jae 0x12acd 0x12ac7: nop 0x12ac8: nop 0x12ac9: nop 0x12aca: jmp 0x12b1e 0x12acc: nop 0x12acd: mov ax, 0xd 0x12ad0: int 0x10 0x12ad2: mov dx, 0x30a 0x12ad5: xor bh, bh 0x12ad7: mov ah, 2 |
| 2018-12-25T12:28:44.509722708Z | 76 | PC: 12b1e | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10660,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:44.719204558Z | 78 | PC: 12aa2 | Find first file |
| 2018-12-25T12:28:44.726181945Z | 59 | PC: 12aaf | Change current directory |
| 2018-12-25T12:28:44.730375787Z | 42 | PC: 12ab5 | Get date 0x12ab5: cmp dl, 1 0x12ab8: je 0x12ac0 0x12aba: nop 0x12abb: nop 0x12abc: nop 0x12abd: jmp 0x12b1e 0x12abf: nop 0x12ac0: mov ah, 0x2c 0x12ac2: cmp cl, 0x1e 0x12ac5: jae 0x12acd 0x12ac7: nop 0x12ac8: nop 0x12ac9: nop 0x12aca: jmp 0x12b1e 0x12acc: nop 0x12acd: mov ax, 0xd 0x12ad0: int 0x10 0x12ad2: mov dx, 0x30a 0x12ad5: xor bh, bh 0x12ad7: mov ah, 2 |