{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13825,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:39:12.692373684Z | 42 | PC: 12a44 | Get date 0x12a44: cmp dl, 0x15 0x12a47: je 0x12a52 0x12a49: mov ah, 9 0x12a4b: mov dx, 0x1b7 0x12a4e: int 0x21 0x12a50: jmp 0x12a5c 0x12a52: mov cx, 0x3e8 0x12a55: mov ax, 0xe07 0x12a58: int 0x10 0x12a5a: loop 0x12a58 0x12a5c: jmp 0x12b11 0x12a5f: pushf 0x12a60: cmp ah, 0x4b 0x12a63: je 0x12a67 0x12a65: jmp 0x12aa0 0x12a67: mov ax, 0x4301 0x12a6a: and cl, 0xfe 0x12a6d: int 0x21 0x12a6f: mov ax, 0x3d02 0x12a72: int 0x21 |
| 2018-12-25T12:39:12.694928938Z | 9 | PC: 12a50 | Display string (String= 'Bad command or filename ') |
| 2018-12-25T12:39:12.70005547Z | 53 | PC: 12b16 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:39:12.701127017Z | 37 | PC: 12b28 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:39:12.703330098Z | 49 | PC: 12b2f | Terminate and stay resident (Return code = '0' | Memory size = '31') |
{"DateBased":true,"Day":21,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13825,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:39:12.628347839Z | 42 | PC: 12a44 | Get date 0x12a44: cmp dl, 0x15 0x12a47: je 0x12a52 0x12a49: mov ah, 9 0x12a4b: mov dx, 0x1b7 0x12a4e: int 0x21 0x12a50: jmp 0x12a5c 0x12a52: mov cx, 0x3e8 0x12a55: mov ax, 0xe07 0x12a58: int 0x10 0x12a5a: loop 0x12a58 0x12a5c: jmp 0x12b11 0x12a5f: pushf 0x12a60: cmp ah, 0x4b 0x12a63: je 0x12a67 0x12a65: jmp 0x12aa0 0x12a67: mov ax, 0x4301 0x12a6a: and cl, 0xfe 0x12a6d: int 0x21 0x12a6f: mov ax, 0x3d02 0x12a72: int 0x21 |
| 2018-12-25T12:39:12.63900997Z | 53 | PC: 12b16 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:39:12.640769679Z | 37 | PC: 12b28 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:39:12.642541522Z | 49 | PC: 12b2f | Terminate and stay resident (Return code = '0' | Memory size = '31') |