{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10854,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:22.897492897Z | 42 | PC: 12baf | Get date 0x12baf: cmp dx, 0x31e 0x12bb3: je 0x12bcb 0x12bb5: cmp dx, 0xc18 0x12bb9: je 0x12bcb 0x12bbb: cmp dx, 0xc1e 0x12bbf: je 0x12bcb 0x12bc1: cmp dx, 0x606 0x12bc5: jne 0x12bed 0x12bc7: jmp 0x12bcb 0x12bc9: nop 0x12bca: ljmp 0x10cd:0xfb4 0x12bcf: mov ah, 0 0x12bd1: int 0x10 0x12bd3: mov ah, 9 0x12bd5: lea dx, word ptr [bp + 0x377] 0x12bd9: int 0x21 0x12bdb: mov cx, 1 0x12bde: lea bx, word ptr [bp + 0x377] 0x12be2: cdq 0x12be3: mov al, 2 |
| 2018-12-25T12:29:22.900582241Z | 42 | PC: 12bf2 | Get date 0x12bf2: cmp bx, 0x2acc 0x12bf6: je 0x12c72 0x12bf8: jmp 0x12bfc 0x12bfa: nop 0x12bfb: jmp 0x14b0c 0x12bfe: mov ah, 0x4a 0x12c00: mov bx, 0xffff 0x12c03: int 0x21 0x12c05: mov ah, 0x4a 0x12c07: sub bx, 0x41 0x12c0a: nop 0x12c0b: int 0x21 0x12c0d: mov ah, 0x48 0x12c0f: mov bx, 0x40 0x12c12: int 0x21 0x12c14: jb 0x12c72 0x12c16: jmp 0x12c1a 0x12c18: nop 0x12c19: ljmp 0x26c0:0x8e48 0x12c1e: mov byte ptr [0], 0x5a |
| 2018-12-25T12:29:22.902606226Z | 74 | PC: 12c05 | Reallocate memory |
| 2018-12-25T12:29:22.904100448Z | 74 | PC: 12c0d | Reallocate memory |
| 2018-12-25T12:29:22.906342909Z | 72 | PC: 12c14 | Allocate memory |
{"DateBased":true,"Day":30,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10854,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:23.15964748Z | 42 | PC: 12baf | Get date 0x12baf: cmp dx, 0x31e 0x12bb3: je 0x12bcb 0x12bb5: cmp dx, 0xc18 0x12bb9: je 0x12bcb 0x12bbb: cmp dx, 0xc1e 0x12bbf: je 0x12bcb 0x12bc1: cmp dx, 0x606 0x12bc5: jne 0x12bed 0x12bc7: jmp 0x12bcb 0x12bc9: nop 0x12bca: ljmp 0x10cd:0xfb4 0x12bcf: mov ah, 0 0x12bd1: int 0x10 0x12bd3: mov ah, 9 0x12bd5: lea dx, word ptr [bp + 0x377] 0x12bd9: int 0x21 0x12bdb: mov cx, 1 0x12bde: lea bx, word ptr [bp + 0x377] 0x12be2: cdq 0x12be3: mov al, 2 |
| 2018-12-25T12:29:23.16965474Z | 9 | PC: 12bdb | Display string (Could not find end pointer) |
{"DateBased":true,"Day":6,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10854,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:23.159398765Z | 42 | PC: 12baf | Get date 0x12baf: cmp dx, 0x31e 0x12bb3: je 0x12bcb 0x12bb5: cmp dx, 0xc18 0x12bb9: je 0x12bcb 0x12bbb: cmp dx, 0xc1e 0x12bbf: je 0x12bcb 0x12bc1: cmp dx, 0x606 0x12bc5: jne 0x12bed 0x12bc7: jmp 0x12bcb 0x12bc9: nop 0x12bca: ljmp 0x10cd:0xfb4 0x12bcf: mov ah, 0 0x12bd1: int 0x10 0x12bd3: mov ah, 9 0x12bd5: lea dx, word ptr [bp + 0x377] 0x12bd9: int 0x21 0x12bdb: mov cx, 1 0x12bde: lea bx, word ptr [bp + 0x377] 0x12be2: cdq 0x12be3: mov al, 2 |
| 2018-12-25T12:29:23.172303585Z | 9 | PC: 12bdb | Display string (Could not find end pointer) |
{"DateBased":true,"Day":24,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10854,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:23.201722344Z | 42 | PC: 12baf | Get date 0x12baf: cmp dx, 0x31e 0x12bb3: je 0x12bcb 0x12bb5: cmp dx, 0xc18 0x12bb9: je 0x12bcb 0x12bbb: cmp dx, 0xc1e 0x12bbf: je 0x12bcb 0x12bc1: cmp dx, 0x606 0x12bc5: jne 0x12bed 0x12bc7: jmp 0x12bcb 0x12bc9: nop 0x12bca: ljmp 0x10cd:0xfb4 0x12bcf: mov ah, 0 0x12bd1: int 0x10 0x12bd3: mov ah, 9 0x12bd5: lea dx, word ptr [bp + 0x377] 0x12bd9: int 0x21 0x12bdb: mov cx, 1 0x12bde: lea bx, word ptr [bp + 0x377] 0x12be2: cdq 0x12be3: mov al, 2 |
| 2018-12-25T12:29:23.21287924Z | 9 | PC: 12bdb | Display string (Could not find end pointer) |
{"DateBased":true,"Day":30,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10854,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:23.264484933Z | 42 | PC: 12baf | Get date 0x12baf: cmp dx, 0x31e 0x12bb3: je 0x12bcb 0x12bb5: cmp dx, 0xc18 0x12bb9: je 0x12bcb 0x12bbb: cmp dx, 0xc1e 0x12bbf: je 0x12bcb 0x12bc1: cmp dx, 0x606 0x12bc5: jne 0x12bed 0x12bc7: jmp 0x12bcb 0x12bc9: nop 0x12bca: ljmp 0x10cd:0xfb4 0x12bcf: mov ah, 0 0x12bd1: int 0x10 0x12bd3: mov ah, 9 0x12bd5: lea dx, word ptr [bp + 0x377] 0x12bd9: int 0x21 0x12bdb: mov cx, 1 0x12bde: lea bx, word ptr [bp + 0x377] 0x12be2: cdq 0x12be3: mov al, 2 |
| 2018-12-25T12:29:23.274221742Z | 9 | PC: 12bdb | Display string (Could not find end pointer) |