{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12731,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:36:08.637622166Z | 37 | PC: 12a8e | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T12:36:08.639418554Z | 65 | PC: 12a99 | Delete file (Filename = 'ANTI-VIR.DAT') |
| 2018-12-25T12:36:08.646997986Z | 65 | PC: 12aa4 | Delete file (Filename = 'AVP.CRC') |
| 2018-12-25T12:36:08.65427441Z | 26 | PC: 12aae | Set disk transfer address |
| 2018-12-25T12:36:08.661510312Z | 65 | PC: 12ab9 | Delete file (Filename = 'CHKLIST.MS') |
| 2018-12-25T12:36:08.667378523Z | 65 | PC: 12ac4 | Delete file (Filename = 'CHKLIST.CPS') |
| 2018-12-25T12:36:08.6731783Z | 42 | PC: 12acb | Get date 0x12acb: cmp dl, 0x1f 0x12ace: jne 0x12b05 0x12ad0: mov dx, 0x1f6 0x12ad3: mov al, 0xa0 0x12ad5: out dx, al 0x12ad6: mov dx, 0x1f2 0x12ad9: mov al, 1 0x12adb: out dx, al 0x12adc: mov dx, 0x1f3 0x12adf: mov al, 1 0x12ae1: out dx, al 0x12ae2: mov dx, 0x1f4 0x12ae5: sub al, al 0x12ae7: out dx, al 0x12ae8: mov dx, 0x1f5 0x12aeb: xor al, al 0x12aed: out dx, al 0x12aee: mov dx, 0x1f7 0x12af1: mov al, 0x30 0x12af3: out dx, al |
| 2018-12-25T12:36:08.676348934Z | 78 | PC: 12b12 | Find first file |
| 2018-12-25T12:36:08.687106841Z | 26 | PC: 12b1e | Set disk transfer address |
| 2018-12-25T12:36:08.68846026Z | 74 | PC: 12b71 | Reallocate memory |
| 2018-12-25T12:36:08.697090495Z | 75 | PC: 12b81 | Execute program |
| 2018-12-25T12:36:08.705271713Z | 76 | PC: 12b88 | Terminate with return code (Return code = '2') |
{"DateBased":true,"Day":31,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12731,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:36:09.08174819Z | 37 | PC: 12a8e | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T12:36:09.083775796Z | 65 | PC: 12a99 | Delete file (Filename = 'ANTI-VIR.DAT') |
| 2018-12-25T12:36:09.089430822Z | 65 | PC: 12aa4 | Delete file (Filename = 'AVP.CRC') |
| 2018-12-25T12:36:09.094899162Z | 26 | PC: 12aae | Set disk transfer address |
| 2018-12-25T12:36:09.096830624Z | 65 | PC: 12ab9 | Delete file (Filename = 'CHKLIST.MS') |
| 2018-12-25T12:36:09.103051836Z | 65 | PC: 12ac4 | Delete file (Filename = 'CHKLIST.CPS') |
| 2018-12-25T12:36:09.108845518Z | 42 | PC: 12acb | Get date 0x12acb: cmp dl, 0x1f 0x12ace: jne 0x12b05 0x12ad0: mov dx, 0x1f6 0x12ad3: mov al, 0xa0 0x12ad5: out dx, al 0x12ad6: mov dx, 0x1f2 0x12ad9: mov al, 1 0x12adb: out dx, al 0x12adc: mov dx, 0x1f3 0x12adf: mov al, 1 0x12ae1: out dx, al 0x12ae2: mov dx, 0x1f4 0x12ae5: sub al, al 0x12ae7: out dx, al 0x12ae8: mov dx, 0x1f5 0x12aeb: xor al, al 0x12aed: out dx, al 0x12aee: mov dx, 0x1f7 0x12af1: mov al, 0x30 0x12af3: out dx, al |
| 2018-12-25T12:36:09.745456289Z | 78 | PC: 12b12 | Find first file |
| 2018-12-25T12:36:09.757785067Z | 26 | PC: 12b1e | Set disk transfer address |
| 2018-12-25T12:36:09.759762128Z | 74 | PC: 12b71 | Reallocate memory |
| 2018-12-25T12:36:09.761641023Z | 75 | PC: 12b81 | Execute program |
| 2018-12-25T12:36:09.773180606Z | 76 | PC: 12b88 | Terminate with return code (Return code = '2') |