Sample viewer

vx.netlux.org/Trojan.DOS.MkDirs.d

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:19.444349798Z 42 PC: 12a73 | Get date
0x12a73: cmp al, 5
0x12a75: jne 0x12a9d
0x12a77: nop
0x12a78: nop
0x12a79: nop
0x12a7a: mov ah, 9
0x12a7c: mov dx, 0x165
0x12a7f: int 0x21
0x12a81: mov ah, 0x39
0x12a83: mov dx, 0x1e7
0x12a86: int 0x21
0x12a88: mov ah, 0x39
0x12a8a: mov dx, 0x1ef
0x12a8d: int 0x21
0x12a8f: mov ah, 0x39
0x12a91: mov dx, 0x1f8
0x12a94: int 0x21
0x12a96: mov ah, 0x39
0x12a98: mov dx, 0x201
0x12a9b: int 0x21

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14828,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:44.255594694Z 42 PC: 12a73 | Get date
0x12a73: cmp al, 5
0x12a75: jne 0x12a9d
0x12a77: nop
0x12a78: nop
0x12a79: nop
0x12a7a: mov ah, 9
0x12a7c: mov dx, 0x165
0x12a7f: int 0x21
0x12a81: mov ah, 0x39
0x12a83: mov dx, 0x1e7
0x12a86: int 0x21
0x12a88: mov ah, 0x39
0x12a8a: mov dx, 0x1ef
0x12a8d: int 0x21
0x12a8f: mov ah, 0x39
0x12a91: mov dx, 0x1f8
0x12a94: int 0x21
0x12a96: mov ah, 0x39
0x12a98: mov dx, 0x201
0x12a9b: int 0x21

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14828,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:44.468646958Z 42 PC: 12a73 | Get date
0x12a73: cmp al, 5
0x12a75: jne 0x12a9d
0x12a77: nop
0x12a78: nop
0x12a79: nop
0x12a7a: mov ah, 9
0x12a7c: mov dx, 0x165
0x12a7f: int 0x21
0x12a81: mov ah, 0x39
0x12a83: mov dx, 0x1e7
0x12a86: int 0x21
0x12a88: mov ah, 0x39
0x12a8a: mov dx, 0x1ef
0x12a8d: int 0x21
0x12a8f: mov ah, 0x39
0x12a91: mov dx, 0x1f8
0x12a94: int 0x21
0x12a96: mov ah, 0x39
0x12a98: mov dx, 0x201
0x12a9b: int 0x21
2018-12-25T12:41:44.472574947Z 9 PC: 12a81 | Display string (String= 'We have been in Flechtingen/Germany on 05/21/99. Knorkator rules! Cmon, itsfriday-take some friends together and njoy life... ')
2018-12-25T12:41:44.48088427Z 57 PC: 12a88 | Create subdirectory
2018-12-25T12:41:44.501916042Z 57 PC: 12a8f | Create subdirectory
2018-12-25T12:41:44.516545799Z 57 PC: 12a96 | Create subdirectory
2018-12-25T12:41:44.530973188Z 57 PC: 12a9d | Create subdirectory