{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":138,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:16.521673631Z | 243 | PC: 12a85 | UNKNOWN! |
| 2018-12-25T11:40:16.52331808Z | 42 | PC: 12ad8 | Get date 0x12ad8: cmp cx, 0x7c9 0x12adc: jb 0x12aea 0x12ade: cmp dl, 3 0x12ae1: jne 0x12aea 0x12ae3: cmp al, 4 0x12ae5: jne 0x12aea 0x12ae7: jmp 0x12cb1 0x12aea: xor ax, ax 0x12aec: mov ds, ax 0x12aee: mov ax, word ptr [0x84] 0x12af1: mov bx, word ptr [0x86] 0x12af5: mov word ptr es:[0x401], ax 0x12af9: mov word ptr es:[0x403], bx 0x12afe: cli 0x12aff: mov word ptr [0x84], 0x249 0x12b05: mov word ptr [0x86], es 0x12b09: sti 0x12b0a: push cs 0x12b0b: pop es 0x12b0c: jmp 0x12a8c |
| 2018-12-25T11:40:16.525084055Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":138,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:16.552513825Z | 243 | PC: 12a85 | UNKNOWN! |
| 2018-12-25T11:40:16.553803361Z | 42 | PC: 12ad8 | Get date 0x12ad8: cmp cx, 0x7c9 0x12adc: jb 0x12aea 0x12ade: cmp dl, 3 0x12ae1: jne 0x12aea 0x12ae3: cmp al, 4 0x12ae5: jne 0x12aea 0x12ae7: jmp 0x12cb1 0x12aea: xor ax, ax 0x12aec: mov ds, ax 0x12aee: mov ax, word ptr [0x84] 0x12af1: mov bx, word ptr [0x86] 0x12af5: mov word ptr es:[0x401], ax 0x12af9: mov word ptr es:[0x403], bx 0x12afe: cli 0x12aff: mov word ptr [0x84], 0x249 0x12b05: mov word ptr [0x86], es 0x12b09: sti 0x12b0a: push cs 0x12b0b: pop es 0x12b0c: jmp 0x12a8c |
| 2018-12-25T11:40:16.557360992Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":3,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":138,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:16.760802265Z | 243 | PC: 12a85 | UNKNOWN! |
| 2018-12-25T11:40:16.762504593Z | 42 | PC: 12ad8 | Get date 0x12ad8: cmp cx, 0x7c9 0x12adc: jb 0x12aea 0x12ade: cmp dl, 3 0x12ae1: jne 0x12aea 0x12ae3: cmp al, 4 0x12ae5: jne 0x12aea 0x12ae7: jmp 0x12cb1 0x12aea: xor ax, ax 0x12aec: mov ds, ax 0x12aee: mov ax, word ptr [0x84] 0x12af1: mov bx, word ptr [0x86] 0x12af5: mov word ptr es:[0x401], ax 0x12af9: mov word ptr es:[0x403], bx 0x12afe: cli 0x12aff: mov word ptr [0x84], 0x249 0x12b05: mov word ptr [0x86], es 0x12b09: sti 0x12b0a: push cs 0x12b0b: pop es 0x12b0c: jmp 0x12a8c |
| 2018-12-25T11:40:16.76577562Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":3,"Month":6,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":138,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:16.907104674Z | 243 | PC: 12a85 | UNKNOWN! |
| 2018-12-25T11:40:16.90858145Z | 42 | PC: 12ad8 | Get date 0x12ad8: cmp cx, 0x7c9 0x12adc: jb 0x12aea 0x12ade: cmp dl, 3 0x12ae1: jne 0x12aea 0x12ae3: cmp al, 4 0x12ae5: jne 0x12aea 0x12ae7: jmp 0x12cb1 0x12aea: xor ax, ax 0x12aec: mov ds, ax 0x12aee: mov ax, word ptr [0x84] 0x12af1: mov bx, word ptr [0x86] 0x12af5: mov word ptr es:[0x401], ax 0x12af9: mov word ptr es:[0x403], bx 0x12afe: cli 0x12aff: mov word ptr [0x84], 0x249 0x12b05: mov word ptr [0x86], es 0x12b09: sti 0x12b0a: push cs 0x12b0b: pop es 0x12b0c: jmp 0x12a8c |
| 2018-12-25T11:40:16.912146016Z | 53 | PC: 12cfe | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive') |
| 2018-12-25T11:40:16.913657718Z | 37 | PC: 12d0f | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive') |
| 2018-12-25T11:40:16.915169585Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |