{"DateBased":true,"Day":1,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1407,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:43:30.981165261Z | 74 | PC: 12ca1 | Reallocate memory |
| 2018-12-25T11:43:30.983634006Z | 72 | PC: 12caa | Allocate memory |
| 2018-12-25T11:43:30.985249994Z | 82 | PC: 12cb6 | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T11:43:30.986400781Z | 53 | PC: 9e3e0 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:43:30.987773147Z | 53 | PC: 9e3f1 | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-25T11:43:30.989365654Z | 37 | PC: 9e407 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:43:30.990375899Z | 42 | PC: 9e40b | Get date 0x9e40b: cmp dh, 1 0x9e40e: jne 0x9e441 0x9e410: mov ax, 0x3508 0x9e413: int 0x21 0x9e415: mov word ptr cs:[0x7c0], bx 0x9e41a: mov bx, es 0x9e41c: mov word ptr cs:[0x7c2], bx 0x9e421: mov ax, 0x2508 0x9e424: push cs 0x9e425: pop ds 0x9e426: mov dx, 0x7d0 0x9e429: int 0x21 0x9e42b: mov ah, 0x2c 0x9e42d: int 0x21 0x9e42f: mov ax, 0x800 0x9e432: mov dh, 0 0x9e434: mov cl, 5 0x9e436: shl dx, cl 0x9e438: add ax, dx 0x9e43a: mov word ptr cs:[0x7cc], ax |
| 2018-12-25T11:43:30.992674162Z | 76 | PC: 12c17 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1407,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:43:30.987248308Z | 74 | PC: 12ca1 | Reallocate memory |
| 2018-12-25T11:43:30.989306272Z | 72 | PC: 12caa | Allocate memory |
| 2018-12-25T11:43:30.990951281Z | 82 | PC: 12cb6 | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T11:43:30.992742716Z | 53 | PC: 9e3e0 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:43:30.993974972Z | 53 | PC: 9e3f1 | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-25T11:43:30.997189126Z | 37 | PC: 9e407 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:43:30.99845381Z | 42 | PC: 9e40b | Get date 0x9e40b: cmp dh, 1 0x9e40e: jne 0x9e441 0x9e410: mov ax, 0x3508 0x9e413: int 0x21 0x9e415: mov word ptr cs:[0x7c0], bx 0x9e41a: mov bx, es 0x9e41c: mov word ptr cs:[0x7c2], bx 0x9e421: mov ax, 0x2508 0x9e424: push cs 0x9e425: pop ds 0x9e426: mov dx, 0x7d0 0x9e429: int 0x21 0x9e42b: mov ah, 0x2c 0x9e42d: int 0x21 0x9e42f: mov ax, 0x800 0x9e432: mov dh, 0 0x9e434: mov cl, 5 0x9e436: shl dx, cl 0x9e438: add ax, dx 0x9e43a: mov word ptr cs:[0x7cc], ax |
| 2018-12-25T11:43:31.001196917Z | 53 | PC: 9e415 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-25T11:43:31.003838914Z | 37 | PC: 9e42b | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-25T11:43:31.005294909Z | 44 | PC: 9e42f | Get time 0x9e42f: mov ax, 0x800 0x9e432: mov dh, 0 0x9e434: mov cl, 5 0x9e436: shl dx, cl 0x9e438: add ax, dx 0x9e43a: mov word ptr cs:[0x7cc], ax 0x9e43e: call 0x9e511 0x9e441: jmp 0x9dd56 0x9e444: sub al, 0x4d 0x9e446: xor byte ptr [bx + di + 0x40f8], bl 0x9e44a: sbb word ptr [bx + si], ax 0x9e44c: sbb al, byte ptr [bx + di] 0x9e44e: mov word ptr [bp + di], cs 0x9e450: cmp al, 0 0x9e452: lcall 0xce30:0x7f10 0x9e457: sbb ax, word ptr [bx + si] 0x9e459: add byte ptr [bx + si], al 0x9e45b: add cl, al 0x9e45d: adc word ptr [bx + di - 0x80], bx 0x9e460: dec word ptr cs:[0x7ce] |
| 2018-12-25T11:43:31.007754686Z | 76 | PC: 12c17 | Terminate with return code (Return code = '0') |