{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14287,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:40:17.266047754Z | 42 | PC: 12e53 | Get date 0x12e53: cmp dx, 0x401 0x12e57: jne 0x12e6a 0x12e59: mov ax, 0x515 0x12e5c: mov ch, 0 0x12e5e: mov dx, 0 0x12e61: mov es, dx 0x12e63: mov bx, 0 0x12e66: int 0x13 0x12e68: int 0x20 0x12e6a: jmp 0x12f11 0x12e6d: dec ax 0x12e6e: imul sp, word ptr [bx + di], 0x4920 0x12e72: daa 0x12e73: insw word ptr es:[di], dx 0x12e74: and byte ptr [bp + di + 0x61], al 0x12e77: jae 0x12ee9 0x12e79: jb 0x12e9c 0x12e7c: push sp 0x12e7d: push 0x2065 0x12e80: push si |
| 2018-12-25T12:40:17.268879767Z | 48 | PC: 12f56 | Get DOS version |
| 2018-12-25T12:40:17.270007637Z | 47 | PC: 12f64 | Get disk transfer address |
| 2018-12-25T12:40:17.271212278Z | 26 | PC: 12f79 | Set disk transfer address |
| 2018-12-25T12:40:17.276988102Z | 78 | PC: 12ffc | Find first file |
| 2018-12-25T12:40:17.282916834Z | 67 | PC: 1303b | Get or set file attributes |
| 2018-12-25T12:40:17.287532298Z | 67 | PC: 1304c | Get or set file attributes |
| 2018-12-25T12:40:18.21073067Z | 61 | PC: 13057 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:40:18.219535805Z | 87 | PC: 13064 | Get or set file date and time |
| 2018-12-25T12:40:18.221650583Z | 63 | PC: 13077 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:40:18.229561736Z | 66 | PC: 13093 | Move file pointer |
| 2018-12-25T12:40:18.23157003Z | 44 | PC: 130c1 | Get time 0x130c1: xor dx, cx 0x130c3: int3 0x130c4: pop ds 0x130c5: xchg ax, si 0x130c6: push si |
| 2018-12-25T12:40:18.23559131Z | 64 | PC: 134e3 | Write file or device (Write 1440 bytes on handle 5) |
| 2018-12-25T12:40:18.245200234Z | 66 | PC: 13194 | Move file pointer |
| 2018-12-25T12:40:18.247152441Z | 64 | PC: 131a5 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:40:18.253836305Z | 87 | PC: 131b6 | Get or set file date and time |
| 2018-12-25T12:40:18.255309925Z | 62 | PC: 131ba | Close file |
| 2018-12-25T12:40:18.265002714Z | 67 | PC: 131c8 | Get or set file attributes |
| 2018-12-25T12:40:18.274910623Z | 26 | PC: 131d3 | Set disk transfer address |
{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14287,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:40:17.30381373Z | 42 | PC: 12e53 | Get date 0x12e53: cmp dx, 0x401 0x12e57: jne 0x12e6a 0x12e59: mov ax, 0x515 0x12e5c: mov ch, 0 0x12e5e: mov dx, 0 0x12e61: mov es, dx 0x12e63: mov bx, 0 0x12e66: int 0x13 0x12e68: int 0x20 0x12e6a: jmp 0x12f11 0x12e6d: dec ax 0x12e6e: imul sp, word ptr [bx + di], 0x4920 0x12e72: daa 0x12e73: insw word ptr es:[di], dx 0x12e74: and byte ptr [bp + di + 0x61], al 0x12e77: jae 0x12ee9 0x12e79: jb 0x12e9c 0x12e7c: push sp 0x12e7d: push 0x2065 0x12e80: push si |