{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11074,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:53.174315014Z | 192 | PC: 12a57 | UNKNOWN! |
| 2018-12-25T12:29:53.175299204Z | 53 | PC: 12a66 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.176877305Z | 74 | PC: 12a78 | Reallocate memory |
| 2018-12-25T12:29:53.178328432Z | 74 | PC: 12a7f | Reallocate memory |
| 2018-12-25T12:29:53.179608138Z | 72 | PC: 12a86 | Allocate memory |
| 2018-12-25T12:29:53.181455188Z | 37 | PC: 12aa0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.182988358Z | 42 | PC: 12aa7 | Get date 0x12aa7: mov ah, 0x2c 0x12aa9: cmp al, 5 0x12aab: jne 0x12af1 0x12aad: int 0x21 0x12aaf: cmp dh, 2 0x12ab2: ja 0x12abc 0x12ab4: lea dx, word ptr [si + 0x7a] 0x12ab8: mov ah, 9 0x12aba: int 0x21 0x12abc: ret 0x12abd: or cl, byte ptr [di] 0x12abf: das 0x12ac0: sub ah, byte ptr [bx + si] 0x12ac2: inc bx 0x12ac3: dec ax 0x12ac4: push dx 0x12ac5: imul dx, word ptr [bp + di + 0x54], 0x4169 0x12aca: dec si 0x12acb: and byte ptr [bx + di + 0x53], ch 0x12ace: and byte ptr [bx + di + 0x20], al |
{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11074,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:53.35880269Z | 192 | PC: 12a57 | UNKNOWN! |
| 2018-12-25T12:29:53.360580787Z | 53 | PC: 12a66 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.368931408Z | 74 | PC: 12a78 | Reallocate memory |
| 2018-12-25T12:29:53.371040773Z | 74 | PC: 12a7f | Reallocate memory |
| 2018-12-25T12:29:53.373570707Z | 72 | PC: 12a86 | Allocate memory |
| 2018-12-25T12:29:53.375455296Z | 37 | PC: 12aa0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.376972335Z | 42 | PC: 12aa7 | Get date 0x12aa7: mov ah, 0x2c 0x12aa9: cmp al, 5 0x12aab: jne 0x12af1 0x12aad: int 0x21 0x12aaf: cmp dh, 2 0x12ab2: ja 0x12abc 0x12ab4: lea dx, word ptr [si + 0x7a] 0x12ab8: mov ah, 9 0x12aba: int 0x21 0x12abc: ret 0x12abd: or cl, byte ptr [di] 0x12abf: das 0x12ac0: sub ah, byte ptr [bx + si] 0x12ac2: inc bx 0x12ac3: dec ax 0x12ac4: push dx 0x12ac5: imul dx, word ptr [bp + di + 0x54], 0x4169 0x12aca: dec si 0x12acb: and byte ptr [bx + di + 0x53], ch 0x12ace: and byte ptr [bx + di + 0x20], al |
| 2018-12-25T12:29:53.380199052Z | 44 | PC: 12aaf | Get time 0x12aaf: cmp dh, 2 0x12ab2: ja 0x12abc 0x12ab4: lea dx, word ptr [si + 0x7a] 0x12ab8: mov ah, 9 0x12aba: int 0x21 0x12abc: ret 0x12abd: or cl, byte ptr [di] 0x12abf: das 0x12ac0: sub ah, byte ptr [bx + si] 0x12ac2: inc bx 0x12ac3: dec ax 0x12ac4: push dx 0x12ac5: imul dx, word ptr [bp + di + 0x54], 0x4169 0x12aca: dec si 0x12acb: and byte ptr [bx + di + 0x53], ch 0x12ace: and byte ptr [bx + di + 0x20], al 0x12ad1: inc di 0x12ad2: outsw dx, word ptr [si] 0x12ad3: outsw dx, word ptr [si] 0x12ad4: dec si |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11074,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:53.578244346Z | 192 | PC: 12a57 | UNKNOWN! |
| 2018-12-25T12:29:53.57970289Z | 53 | PC: 12a66 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.58131552Z | 74 | PC: 12a78 | Reallocate memory |
| 2018-12-25T12:29:53.583130865Z | 74 | PC: 12a7f | Reallocate memory |
| 2018-12-25T12:29:53.584713657Z | 72 | PC: 12a86 | Allocate memory |
| 2018-12-25T12:29:53.586848344Z | 37 | PC: 12aa0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.58852468Z | 42 | PC: 12aa7 | Get date 0x12aa7: mov ah, 0x2c 0x12aa9: cmp al, 5 0x12aab: jne 0x12af1 0x12aad: int 0x21 0x12aaf: cmp dh, 2 0x12ab2: ja 0x12abc 0x12ab4: lea dx, word ptr [si + 0x7a] 0x12ab8: mov ah, 9 0x12aba: int 0x21 0x12abc: ret 0x12abd: or cl, byte ptr [di] 0x12abf: das 0x12ac0: sub ah, byte ptr [bx + si] 0x12ac2: inc bx 0x12ac3: dec ax 0x12ac4: push dx 0x12ac5: imul dx, word ptr [bp + di + 0x54], 0x4169 0x12aca: dec si 0x12acb: and byte ptr [bx + di + 0x53], ch 0x12ace: and byte ptr [bx + di + 0x20], al |
{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11074,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:29:53.949061573Z | 192 | PC: 12a57 | UNKNOWN! |
| 2018-12-25T12:29:53.950420418Z | 53 | PC: 12a66 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.952740067Z | 74 | PC: 12a78 | Reallocate memory |
| 2018-12-25T12:29:53.955035791Z | 74 | PC: 12a7f | Reallocate memory |
| 2018-12-25T12:29:53.957038007Z | 72 | PC: 12a86 | Allocate memory |
| 2018-12-25T12:29:53.959783383Z | 37 | PC: 12aa0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:29:53.961206701Z | 42 | PC: 12aa7 | Get date 0x12aa7: mov ah, 0x2c 0x12aa9: cmp al, 5 0x12aab: jne 0x12af1 0x12aad: int 0x21 0x12aaf: cmp dh, 2 0x12ab2: ja 0x12abc 0x12ab4: lea dx, word ptr [si + 0x7a] 0x12ab8: mov ah, 9 0x12aba: int 0x21 0x12abc: ret 0x12abd: or cl, byte ptr [di] 0x12abf: das 0x12ac0: sub ah, byte ptr [bx + si] 0x12ac2: inc bx 0x12ac3: dec ax 0x12ac4: push dx 0x12ac5: imul dx, word ptr [bp + di + 0x54], 0x4169 0x12aca: dec si 0x12acb: and byte ptr [bx + di + 0x53], ch 0x12ace: and byte ptr [bx + di + 0x20], al |
| 2018-12-25T12:29:53.963742752Z | 44 | PC: 12aaf | Get time 0x12aaf: cmp dh, 2 0x12ab2: ja 0x12abc 0x12ab4: lea dx, word ptr [si + 0x7a] 0x12ab8: mov ah, 9 0x12aba: int 0x21 0x12abc: ret 0x12abd: or cl, byte ptr [di] 0x12abf: das 0x12ac0: sub ah, byte ptr [bx + si] 0x12ac2: inc bx 0x12ac3: dec ax 0x12ac4: push dx 0x12ac5: imul dx, word ptr [bp + di + 0x54], 0x4169 0x12aca: dec si 0x12acb: and byte ptr [bx + di + 0x53], ch 0x12ace: and byte ptr [bx + di + 0x20], al 0x12ad1: inc di 0x12ad2: outsw dx, word ptr [si] 0x12ad3: outsw dx, word ptr [si] 0x12ad4: dec si |