Sample viewer

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":13889,"SideJobID":0}

.

GIF

Syscalls:

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":13889,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:17.899897389Z	44	PC: 12c52 | Get time 0x12c52: cmp dh, ch 0x12c54: jne 0x12c5d 0x12c56: cmp ch, cl 0x12c58: jne 0x12c5d 0x12c5a: jmp 0x12eca 0x12c5d: not cx 0x12c5f: mov ax, 0x4bef 0x12c62: int 0x21 0x12c64: cmp cx, 0 0x12c67: jne 0x12c6c 0x12c69: jmp 0x12cc4 0x12c6b: nop 0x12c6c: mov ax, es 0x12c6e: dec ax 0x12c6f: mov es, ax 0x12c71: cmp byte ptr es:[0], 0x5a 0x12c77: jne 0x12cc4 0x12c79: sub word ptr es:[3], 0x73 0x12c7f: nop 0x12c80: jb 0x12c82
2018-12-25T12:39:17.902754639Z	75	PC: 12c64 | Execute program
2018-12-25T12:39:17.90433032Z	76	PC: 12c17 | Terminate with return code (Return code = '175')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":1,"Second":0,"TimeBased":true,"OriginalID":13889,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:18.014568176Z	44	PC: 12c52 | Get time 0x12c52: cmp dh, ch 0x12c54: jne 0x12c5d 0x12c56: cmp ch, cl 0x12c58: jne 0x12c5d 0x12c5a: jmp 0x12eca 0x12c5d: not cx 0x12c5f: mov ax, 0x4bef 0x12c62: int 0x21 0x12c64: cmp cx, 0 0x12c67: jne 0x12c6c 0x12c69: jmp 0x12cc4 0x12c6b: nop 0x12c6c: mov ax, es 0x12c6e: dec ax 0x12c6f: mov es, ax 0x12c71: cmp byte ptr es:[0], 0x5a 0x12c77: jne 0x12cc4 0x12c79: sub word ptr es:[3], 0x73 0x12c7f: nop 0x12c80: jb 0x12c82
2018-12-25T12:39:18.017088561Z	75	PC: 12c64 | Execute program
2018-12-25T12:39:18.018713654Z	76	PC: 12c17 | Terminate with return code (Return code = '175')