{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10928,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:35.697813506Z | 26 | PC: 13245 | Set disk transfer address |
| 2018-12-25T12:29:35.699606178Z | 42 | PC: 1324c | Get date 0x1324c: cmp al, 2 0x1324e: jne 0x13253 0x13250: call 0x13357 0x13253: jmp 0x13256 0x13255: nop 0x13256: mov word ptr [si + 0x4b], 0x7feb 0x1325b: push si 0x1325c: mov di, 0xfc00 0x1325f: xor si, si 0x13261: mov cx, 0x100 0x13264: rep movsb byte ptr es:[di], byte ptr [si] 0x13266: pop si 0x13267: mov word ptr [si + 0x4b], 0xbf56 0x1326c: push si 0x1326d: mov di, 0x100 0x13270: add si, 0x1d8 0x13274: mov cx, 4 0x13277: rep movsb byte ptr es:[di], byte ptr [si] 0x13279: pop si 0x1327a: mov ah, 0x4e |
| 2018-12-25T12:29:50.675225484Z | 0 | PC: 132e2 | Program terminate |
| 2018-12-25T12:29:50.678289772Z | 77 | PC: 11fe0 | Get program return code |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10928,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:35.719045354Z | 26 | PC: 13245 | Set disk transfer address |
| 2018-12-25T12:29:35.720320348Z | 42 | PC: 1324c | Get date 0x1324c: cmp al, 2 0x1324e: jne 0x13253 0x13250: call 0x13357 0x13253: jmp 0x13256 0x13255: nop 0x13256: mov word ptr [si + 0x4b], 0x7feb 0x1325b: push si 0x1325c: mov di, 0xfc00 0x1325f: xor si, si 0x13261: mov cx, 0x100 0x13264: rep movsb byte ptr es:[di], byte ptr [si] 0x13266: pop si 0x13267: mov word ptr [si + 0x4b], 0xbf56 0x1326c: push si 0x1326d: mov di, 0x100 0x13270: add si, 0x1d8 0x13274: mov cx, 4 0x13277: rep movsb byte ptr es:[di], byte ptr [si] 0x13279: pop si 0x1327a: mov ah, 0x4e |
| 2018-12-25T12:29:35.72375366Z | 42 | PC: 132e2 | Get date 0x132e2: cmp byte ptr [si + 0x1db], 0x5e 0x132e7: je 0x1333b 0x132e9: mov ax, 0x5700 0x132ec: int 0x21 0x132ee: push cx 0x132ef: push dx 0x132f0: push es 0x132f1: push bx 0x132f2: mov ax, 0x1220 0x132f5: int 0x2f 0x132f7: mov bl, byte ptr es:[di] 0x132fa: mov ax, 0x1216 0x132fd: int 0x2f 0x132ff: mov byte ptr es:[di + 2], 2 0x13304: pop bx 0x13305: pop es 0x13306: mov ax, 0x4202 0x13309: xor cx, cx 0x1330b: xor dx, dx 0x1330d: int 0x21 |
| 2018-12-25T12:29:35.726215153Z | 87 | PC: 132ee | Get or set file date and time |
| 2018-12-25T12:29:35.728255491Z | 66 | PC: 1330f | Move file pointer |
| 2018-12-25T12:29:35.731298961Z | 64 | PC: 13320 | Write file or device (Write 1503 bytes on handle 0) |
| 2018-12-25T12:29:35.738585224Z | 66 | PC: 13329 | Move file pointer |
| 2018-12-25T12:29:35.740505885Z | 64 | PC: 13334 | Write file or device (Write 4 bytes on handle 0) |
| 2018-12-25T12:29:35.744437382Z | 87 | PC: 1333b | Get or set file date and time |
| 2018-12-25T12:29:35.746132519Z | 62 | PC: 1333f | Close file |
| 2018-12-25T12:29:35.748111687Z | 79 | PC: 13343 | Find next file |