{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14178,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:40:05.323660602Z | 250 | PC: 12b18 | UNKNOWN! |
| 2018-12-25T12:40:05.324498721Z | 42 | PC: 12b20 | Get date 0x12b20: cmp dl, 0x13 0x12b23: jne 0x12b2b 0x12b25: mov byte ptr cs:[bp + 0x58e], 1 0x12b2b: mov ax, es 0x12b2d: dec ax 0x12b2e: mov ds, ax 0x12b30: cmp byte ptr [0], 0x5a 0x12b35: jne 0x12b7c 0x12b37: sub word ptr [3], 0x140 0x12b3d: sub word ptr [0x12], 0x140 0x12b43: mov es, word ptr [0x12] 0x12b47: push cs 0x12b48: pop ds 0x12b49: mov si, bp 0x12b4b: mov cx, 0x3af 0x12b4e: xor di, di 0x12b50: rep movsd dword ptr es:[di], dword ptr [si] 0x12b52: xor ax, ax 0x12b54: mov ds, ax 0x12b56: push ds |
| 2018-12-25T12:40:05.327514007Z | 44 | PC: 12ef2 | Get time 0x12ef2: ret 0x12ef3: and dh, bh 0x12ef5: and byte ptr [bx + si + 0x49], dl 0x12ef8: out dx, ax 0x12ef9: push di 0x12efa: jmp 0x17c6f 0x12efd: push word ptr [bp + 0x31] 0x12f00: xor byte ptr cs:[bx + si], dh 0x12f03: and byte ptr [di], ch 0x12f05: and byte ptr [bp + di + 0x6f], al 0x12f08: and byte ptr fs:[bp + si + 0x79], ah 0x12f0e: and bl, bh 0x12f10: imul si, word ptr [bp + si + 0x6f], 0x6567 0x12f15: outsb dx, byte ptr [si] 0x12f16: and byte ptr [bx + di + 0x6e], ch 0x12f19: and byte ptr [bx + di + 0x70], al 0x12f1c: jb 0x12f87 0x12f1e: insb byte ptr es:[di], dx 0x12f1f: and byte ptr [bx + di], dh 0x12f21: cmp word ptr [bx + di], di |
{"DateBased":true,"Day":19,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14178,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:40:05.354138862Z | 250 | PC: 12b18 | UNKNOWN! |
| 2018-12-25T12:40:05.354884487Z | 42 | PC: 12b20 | Get date 0x12b20: cmp dl, 0x13 0x12b23: jne 0x12b2b 0x12b25: mov byte ptr cs:[bp + 0x58e], 1 0x12b2b: mov ax, es 0x12b2d: dec ax 0x12b2e: mov ds, ax 0x12b30: cmp byte ptr [0], 0x5a 0x12b35: jne 0x12b7c 0x12b37: sub word ptr [3], 0x140 0x12b3d: sub word ptr [0x12], 0x140 0x12b43: mov es, word ptr [0x12] 0x12b47: push cs 0x12b48: pop ds 0x12b49: mov si, bp 0x12b4b: mov cx, 0x3af 0x12b4e: xor di, di 0x12b50: rep movsd dword ptr es:[di], dword ptr [si] 0x12b52: xor ax, ax 0x12b54: mov ds, ax 0x12b56: push ds |
| 2018-12-25T12:40:05.357572539Z | 44 | PC: 12ef2 | Get time 0x12ef2: ret 0x12ef3: and dh, bh 0x12ef5: and byte ptr [bx + si + 0x49], dl 0x12ef8: out dx, ax 0x12ef9: push di 0x12efa: jmp 0x17c6f 0x12efd: push word ptr [bp + 0x31] 0x12f00: xor byte ptr cs:[bx + si], dh 0x12f03: and byte ptr [di], ch 0x12f05: and byte ptr [bp + di + 0x6f], al 0x12f08: and byte ptr fs:[bp + si + 0x79], ah 0x12f0e: and bl, bh 0x12f10: imul si, word ptr [bp + si + 0x6f], 0x6567 0x12f15: outsb dx, byte ptr [si] 0x12f16: and byte ptr [bx + di + 0x6e], ch 0x12f19: and byte ptr [bx + di + 0x70], al 0x12f1c: jb 0x12f87 0x12f1e: insb byte ptr es:[di], dx 0x12f1f: and byte ptr [bx + di], dh 0x12f21: cmp word ptr [bx + di], di |