{"DateBased":true,"Day":5,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12830,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:36:37.906301808Z | 42 | PC: 1321e | Get date 0x1321e: cmp dx, 0x505 0x13222: je 0x1322a 0x13224: cmp dx, 0x1111 0x13228: jne 0x13264 0x1322a: mov cx, 0xffff 0x1322d: mov al, 2 0x1322f: mov dx, 1 0x13232: mov bx, 0x80 0x13235: mov word ptr [bx], 1 0x13239: mov word ptr [bx + 2], 0 0x1323e: mov word ptr [bx + 4], 0x500 0x13243: int 0x26 0x13245: popf 0x13246: mov cx, 0xff 0x13249: mov al, 2 0x1324b: mov dx, 1 0x1324e: mov bx, 0x80 0x13251: int 0x26 0x13253: popf 0x13254: mov al, 0 |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12830,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:36:38.02175592Z | 42 | PC: 1321e | Get date 0x1321e: cmp dx, 0x505 0x13222: je 0x1322a 0x13224: cmp dx, 0x1111 0x13228: jne 0x13264 0x1322a: mov cx, 0xffff 0x1322d: mov al, 2 0x1322f: mov dx, 1 0x13232: mov bx, 0x80 0x13235: mov word ptr [bx], 1 0x13239: mov word ptr [bx + 2], 0 0x1323e: mov word ptr [bx + 4], 0x500 0x13243: int 0x26 0x13245: popf 0x13246: mov cx, 0xff 0x13249: mov al, 2 0x1324b: mov dx, 1 0x1324e: mov bx, 0x80 0x13251: int 0x26 0x13253: popf 0x13254: mov al, 0 |
| 2018-12-25T12:36:38.025431412Z | 74 | PC: 1329c | Reallocate memory |
| 2018-12-25T12:36:38.027477904Z | 72 | PC: 132a3 | Allocate memory |
| 2018-12-25T12:36:38.029695744Z | 53 | PC: 9f92a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:36:38.031738543Z | 37 | PC: 9f93e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:36:38.033943605Z | 76 | PC: 12a45 | Terminate with return code (Return code = '0') |