{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12340,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:32:29.56613951Z | 42 | PC: 13c58 | Get date 0x13c58: cmp dh, 6 0x13c5b: jbe 0x13c63 0x13c5d: sub word ptr cs:[si + 0x3d5], 0x10 0x13c63: mov ax, word ptr cs:[si + 0x3d5] 0x13c68: push ax 0x13c69: push ds 0x13c6a: push es 0x13c6b: mov ax, 0xcafa 0x13c6e: int 0x21 0x13c70: cmp ax, 0x5332 0x13c73: je 0x13cd3 0x13c75: mov ax, es 0x13c77: dec ax 0x13c78: mov es, ax 0x13c7a: mov ax, word ptr es:[3] 0x13c7e: sub ax, 0x48 0x13c81: mov word ptr es:[3], ax 0x13c85: mov bx, word ptr es:[1] 0x13c8a: add bx, ax 0x13c8c: mov es, bx |
| 2018-12-25T12:32:29.568763181Z | 202 | PC: 13c70 | UNKNOWN! |
{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12340,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:32:29.608705189Z | 42 | PC: 13c58 | Get date 0x13c58: cmp dh, 6 0x13c5b: jbe 0x13c63 0x13c5d: sub word ptr cs:[si + 0x3d5], 0x10 0x13c63: mov ax, word ptr cs:[si + 0x3d5] 0x13c68: push ax 0x13c69: push ds 0x13c6a: push es 0x13c6b: mov ax, 0xcafa 0x13c6e: int 0x21 0x13c70: cmp ax, 0x5332 0x13c73: je 0x13cd3 0x13c75: mov ax, es 0x13c77: dec ax 0x13c78: mov es, ax 0x13c7a: mov ax, word ptr es:[3] 0x13c7e: sub ax, 0x48 0x13c81: mov word ptr es:[3], ax 0x13c85: mov bx, word ptr es:[1] 0x13c8a: add bx, ax 0x13c8c: mov es, bx |
| 2018-12-25T12:32:29.612934118Z | 202 | PC: 13c70 | UNKNOWN! |