{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":13086,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:37:27.674826938Z | 53 | PC: 12b66 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:37:27.676492092Z | 44 | PC: 12b90 | Get time 0x12b90: cmp cl, 0 0x12b93: jne 0x12b9f 0x12b95: mov ah, 7 0x12b97: call 0x12beb 0x12b9a: dec ah 0x12b9c: call 0x12beb 0x12b9f: popf 0x12ba0: mov ax, 0x100 0x12ba3: push ax 0x12ba4: ret 0x12ba5: add si, 3 0x12ba8: mov ax, cs 0x12baa: mov es, ax 0x12bac: mov di, 0x100 0x12baf: mov cx, 3 0x12bb2: rep movsb byte ptr es:[di], byte ptr [si] 0x12bb4: sub si, 6 0x12bb7: ret 0x12bb8: mov ax, 0x4202 0x12bbb: xor cx, cx |
| 2018-12-25T12:37:27.705577762Z | 9 | PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":1,"Second":0,"TimeBased":true,"OriginalID":13086,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:37:27.636333444Z | 53 | PC: 12b66 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:37:27.638644319Z | 44 | PC: 12b90 | Get time 0x12b90: cmp cl, 0 0x12b93: jne 0x12b9f 0x12b95: mov ah, 7 0x12b97: call 0x12beb 0x12b9a: dec ah 0x12b9c: call 0x12beb 0x12b9f: popf 0x12ba0: mov ax, 0x100 0x12ba3: push ax 0x12ba4: ret 0x12ba5: add si, 3 0x12ba8: mov ax, cs 0x12baa: mov es, ax 0x12bac: mov di, 0x100 0x12baf: mov cx, 3 0x12bb2: rep movsb byte ptr es:[di], byte ptr [si] 0x12bb4: sub si, 6 0x12bb7: ret 0x12bb8: mov ax, 0x4202 0x12bbb: xor cx, cx |
| 2018-12-25T12:37:27.641359176Z | 9 | PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ') |