{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":13,"TimeBased":true,"OriginalID":13985,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:39:41.464444873Z | 44 | PC: 12c4c | Get time 0x12c4c: cmp dh, 0xd 0x12c4f: jne 0x12c54 0x12c51: jmp 0x12e88 0x12c54: mov ax, 0x4bee 0x12c57: int 0x21 0x12c59: jb 0x12c63 0x12c5b: pop word ptr cs:[0x6cb] 0x12c60: jmp 0x12cbb 0x12c62: nop 0x12c63: mov ax, es 0x12c65: dec ax 0x12c66: mov es, ax 0x12c68: cmp byte ptr es:[0], 0x5a 0x12c6e: jne 0x12cbb 0x12c70: sub word ptr es:[3], 0x6f 0x12c76: nop 0x12c77: jb 0x12c79 0x12c79: sub word ptr es:[0x12], 0x6f 0x12c7f: nop 0x12c80: mov es, word ptr es:[0x12] |
| 2018-12-25T12:39:41.467375081Z | 75 | PC: 12c59 | Execute program |
| 2018-12-25T12:39:41.46900282Z | 76 | PC: 12c17 | Terminate with return code (Return code = '175') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":13985,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:39:41.530562094Z | 44 | PC: 12c4c | Get time 0x12c4c: cmp dh, 0xd 0x12c4f: jne 0x12c54 0x12c51: jmp 0x12e88 0x12c54: mov ax, 0x4bee 0x12c57: int 0x21 0x12c59: jb 0x12c63 0x12c5b: pop word ptr cs:[0x6cb] 0x12c60: jmp 0x12cbb 0x12c62: nop 0x12c63: mov ax, es 0x12c65: dec ax 0x12c66: mov es, ax 0x12c68: cmp byte ptr es:[0], 0x5a 0x12c6e: jne 0x12cbb 0x12c70: sub word ptr es:[3], 0x6f 0x12c76: nop 0x12c77: jb 0x12c79 0x12c79: sub word ptr es:[0x12], 0x6f 0x12c7f: nop 0x12c80: mov es, word ptr es:[0x12] |
| 2018-12-25T12:39:41.533926649Z | 75 | PC: 12c59 | Execute program |
| 2018-12-25T12:39:41.535738079Z | 76 | PC: 12c17 | Terminate with return code (Return code = '175') |