{"DateBased":true,"Day":1,"Month":1,"Year":1987,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11963,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:37.203094072Z | 51 | PC: 13339 | Get or set Ctrl-Break |
| 2018-12-25T12:31:37.205838848Z | 42 | PC: 1340f | Get date 0x1340f: cmp cx, 0x7c3 0x13413: jb 0x1341f 0x13415: ja 0x13427 0x13417: cmp dx, 0x501 0x1341b: jae 0x13427 0x1341d: jmp 0x13457 0x1341f: cmp byte ptr cs:[0x107], 2 0x13425: jb 0x13457 0x13427: push ds 0x13428: mov ax, 0xffff 0x1342b: mov ds, ax 0x1342d: mov al, byte ptr [0xe] 0x13430: and al, 0xfc 0x13432: cmp al, 0xfc 0x13434: pop ds 0x13435: jne 0x13457 0x13437: mov ax, word ptr [0x46c] 0x1343a: add ax, word ptr [0x46e] 0x1343e: xor ax, 0x55aa 0x13441: ror cx, cl |
| 2018-12-25T12:31:37.210195322Z | 76 | PC: 1361a | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":2,"Month":5,"Year":1987,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11963,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:37.760170047Z | 51 | PC: 13339 | Get or set Ctrl-Break |
| 2018-12-25T12:31:37.763292512Z | 42 | PC: 1340f | Get date 0x1340f: cmp cx, 0x7c3 0x13413: jb 0x1341f 0x13415: ja 0x13427 0x13417: cmp dx, 0x501 0x1341b: jae 0x13427 0x1341d: jmp 0x13457 0x1341f: cmp byte ptr cs:[0x107], 2 0x13425: jb 0x13457 0x13427: push ds 0x13428: mov ax, 0xffff 0x1342b: mov ds, ax 0x1342d: mov al, byte ptr [0xe] 0x13430: and al, 0xfc 0x13432: cmp al, 0xfc 0x13434: pop ds 0x13435: jne 0x13457 0x13437: mov ax, word ptr [0x46c] 0x1343a: add ax, word ptr [0x46e] 0x1343e: xor ax, 0x55aa 0x13441: ror cx, cl |
| 2018-12-25T12:31:37.765648688Z | 76 | PC: 1361a | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":1,"Year":1988,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11963,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:38.141504525Z | 51 | PC: 13339 | Get or set Ctrl-Break |
| 2018-12-25T12:31:38.144274924Z | 42 | PC: 1340f | Get date 0x1340f: cmp cx, 0x7c3 0x13413: jb 0x1341f 0x13415: ja 0x13427 0x13417: cmp dx, 0x501 0x1341b: jae 0x13427 0x1341d: jmp 0x13457 0x1341f: cmp byte ptr cs:[0x107], 2 0x13425: jb 0x13457 0x13427: push ds 0x13428: mov ax, 0xffff 0x1342b: mov ds, ax 0x1342d: mov al, byte ptr [0xe] 0x13430: and al, 0xfc 0x13432: cmp al, 0xfc 0x13434: pop ds 0x13435: jne 0x13457 0x13437: mov ax, word ptr [0x46c] 0x1343a: add ax, word ptr [0x46e] 0x1343e: xor ax, 0x55aa 0x13441: ror cx, cl |
| 2018-12-25T12:31:38.147581516Z | 76 | PC: 1361a | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11963,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:38.684731999Z | 51 | PC: 13339 | Get or set Ctrl-Break |
| 2018-12-25T12:31:38.686984708Z | 42 | PC: 1340f | Get date 0x1340f: cmp cx, 0x7c3 0x13413: jb 0x1341f 0x13415: ja 0x13427 0x13417: cmp dx, 0x501 0x1341b: jae 0x13427 0x1341d: jmp 0x13457 0x1341f: cmp byte ptr cs:[0x107], 2 0x13425: jb 0x13457 0x13427: push ds 0x13428: mov ax, 0xffff 0x1342b: mov ds, ax 0x1342d: mov al, byte ptr [0xe] 0x13430: and al, 0xfc 0x13432: cmp al, 0xfc 0x13434: pop ds 0x13435: jne 0x13457 0x13437: mov ax, word ptr [0x46c] 0x1343a: add ax, word ptr [0x46e] 0x1343e: xor ax, 0x55aa 0x13441: ror cx, cl |
| 2018-12-25T12:31:38.690112841Z | 76 | PC: 1361a | Terminate with return code (Return code = '0') |