{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11912,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:29.456236122Z | 51 | PC: 13339 | Get or set Ctrl-Break |
| 2018-12-25T12:31:29.459096282Z | 42 | PC: 1340f | Get date 0x1340f: cmp cx, 0x7c3 0x13413: jb 0x1341f 0x13415: ja 0x13427 0x13417: cmp dx, 0x501 0x1341b: jae 0x13427 0x1341d: jmp 0x13457 0x1341f: cmp byte ptr cs:[0x107], 2 0x13425: jb 0x13457 0x13427: push ds 0x13428: mov ax, 0xffff 0x1342b: mov ds, ax 0x1342d: mov al, byte ptr [0xe] 0x13430: and al, 0xfc 0x13432: cmp al, 0xfc 0x13434: pop ds 0x13435: jne 0x13457 0x13437: mov ax, word ptr [0x46c] 0x1343a: add ax, word ptr [0x46e] 0x1343e: xor ax, 0x55aa 0x13441: ror cx, cl |
| 2018-12-25T12:31:29.462778069Z | 49 | PC: 13318 | Terminate and stay resident (Return code = '0' | Memory size = '189') |
{"DateBased":true,"Day":1,"Month":1,"Year":1987,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11912,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:29.397437762Z | 64 | PC: 0 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-25T12:31:29.407392592Z | 41 | PC: 94fae | Parse filename |
| 2018-12-25T12:31:29.411197998Z | 41 | PC: 9502f | Parse filename |
| 2018-12-25T12:31:29.4134018Z | 41 | PC: 9504c | Parse filename |
| 2018-12-25T12:31:29.415589603Z | 26 | PC: 984f7 | Set disk transfer address |
| 2018-12-25T12:31:29.418369308Z | 71 | PC: 986f3 | Get current directory |
| 2018-12-25T12:31:29.422621107Z | 78 | PC: 986fe | Find first file |
| 2018-12-25T12:31:29.434956123Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:31:29.438894957Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:31:29.450816814Z | 64 | PC: 9a848 | Write file or device (Write 26 bytes on handle 2) |
| 2018-12-25T12:31:29.456654226Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-25T12:31:29.459395248Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-25T12:31:29.460716003Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:29.462056191Z | 62 | PC: 122ab | Close file |
| 2018-12-25T12:31:29.463777789Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.466111334Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.468658707Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.470786002Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.476143753Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.477847071Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.479519913Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.48218263Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.484235878Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.486509353Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.494472969Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.496472254Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.501245709Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.503814349Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:31:29.506029021Z | 99 | PC: 9a5d7 | Get DBCS lead byte table pointer |
| 2018-12-25T12:31:29.507894507Z | 56 | PC: 94df9 | Get or set country info |
| 2018-12-25T12:31:29.510856438Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:31:29.516194011Z | 25 | PC: 94e62 | Get default drive |
| 2018-12-25T12:31:29.517980574Z | 71 | PC: 970dd | Get current directory |
| 2018-12-25T12:31:29.522806823Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:31:29.533478351Z | 2 | PC: 970b2 | Character output (Char = '3e') |
| 2018-12-25T12:31:29.535996413Z | 93 | PC: 94f20 | File sharing functions |
| 2018-12-25T12:31:29.537939353Z | 93 | PC: 94f27 | File sharing functions |
| 2018-12-25T12:31:29.540760404Z | 10 | PC: 94f39 | Buffered keyboard input |
| 2018-12-25T12:31:44.442308567Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:31:45.798572342Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:31:45.902123689Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:31:45.909148865Z | 41 | PC: 94fae | Parse filename (See above) |
| 2018-12-25T12:31:45.91437427Z | 41 | PC: 9502f | Parse filename (See above) |
| 2018-12-25T12:31:45.91653289Z | 41 | PC: 9504c | Parse filename (See above) |
| 2018-12-25T12:31:45.919199395Z | 26 | PC: 984f7 | Set disk transfer address (See above) |
| 2018-12-25T12:31:45.922608813Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:31:45.954235234Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:31:45.981829151Z | 71 | PC: 9856c | Get current directory |
| 2018-12-25T12:31:45.985876226Z | 73 | PC: 97c09 | Release memory |
| 2018-12-25T12:31:45.987703987Z | 75 | PC: 11821 | Execute program |
| 2018-12-25T12:31:46.010746049Z | 9 | PC: 12a47 | Display string (String= 'Hello, World! ') |
| 2018-12-25T12:31:46.016324459Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":2,"Month":5,"Year":1987,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11912,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:29.501849363Z | 51 | PC: 13339 | Get or set Ctrl-Break |
| 2018-12-25T12:31:29.504559517Z | 42 | PC: 1340f | Get date 0x1340f: cmp cx, 0x7c3 0x13413: jb 0x1341f 0x13415: ja 0x13427 0x13417: cmp dx, 0x501 0x1341b: jae 0x13427 0x1341d: jmp 0x13457 0x1341f: cmp byte ptr cs:[0x107], 2 0x13425: jb 0x13457 0x13427: push ds 0x13428: mov ax, 0xffff 0x1342b: mov ds, ax 0x1342d: mov al, byte ptr [0xe] 0x13430: and al, 0xfc 0x13432: cmp al, 0xfc 0x13434: pop ds 0x13435: jne 0x13457 0x13437: mov ax, word ptr [0x46c] 0x1343a: add ax, word ptr [0x46e] 0x1343e: xor ax, 0x55aa 0x13441: ror cx, cl |
| 2018-12-25T12:31:29.508829393Z | 49 | PC: 13318 | Terminate and stay resident (Return code = '0' | Memory size = '189') |
{"DateBased":true,"Day":1,"Month":1,"Year":1988,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11912,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:29.523191585Z | 51 | PC: 13339 | Get or set Ctrl-Break |
| 2018-12-25T12:31:29.525958658Z | 42 | PC: 1340f | Get date 0x1340f: cmp cx, 0x7c3 0x13413: jb 0x1341f 0x13415: ja 0x13427 0x13417: cmp dx, 0x501 0x1341b: jae 0x13427 0x1341d: jmp 0x13457 0x1341f: cmp byte ptr cs:[0x107], 2 0x13425: jb 0x13457 0x13427: push ds 0x13428: mov ax, 0xffff 0x1342b: mov ds, ax 0x1342d: mov al, byte ptr [0xe] 0x13430: and al, 0xfc 0x13432: cmp al, 0xfc 0x13434: pop ds 0x13435: jne 0x13457 0x13437: mov ax, word ptr [0x46c] 0x1343a: add ax, word ptr [0x46e] 0x1343e: xor ax, 0x55aa 0x13441: ror cx, cl |
| 2018-12-25T12:31:29.529279763Z | 49 | PC: 13318 | Terminate and stay resident (Return code = '0' | Memory size = '189') |