Sample viewer

vx.netlux.org/Trojan.DOS.MkDirs.e


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:42.930463729Z 42 PC: 12a71 | Get date
0x12a71: cmp al, 5
0x12a73: jne 0x12a98
0x12a75: mov ah, 9
0x12a77: mov dx, 0x160
0x12a7a: int 0x21
0x12a7c: mov ah, 0x39
0x12a7e: mov dx, 0x1e2
0x12a81: int 0x21
0x12a83: mov ah, 0x39
0x12a85: mov dx, 0x1ea
0x12a88: int 0x21
0x12a8a: mov ah, 0x39
0x12a8c: mov dx, 0x1f3
0x12a8f: int 0x21
0x12a91: mov ah, 0x39
0x12a93: mov dx, 0x1fc
0x12a96: int 0x21
0x12a98: in al, 0x20
0x12a9a: and al, 0xfd
0x12a9c: out 0x20, al

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14963,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:14.11857564Z 42 PC: 12a71 | Get date
0x12a71: cmp al, 5
0x12a73: jne 0x12a98
0x12a75: mov ah, 9
0x12a77: mov dx, 0x160
0x12a7a: int 0x21
0x12a7c: mov ah, 0x39
0x12a7e: mov dx, 0x1e2
0x12a81: int 0x21
0x12a83: mov ah, 0x39
0x12a85: mov dx, 0x1ea
0x12a88: int 0x21
0x12a8a: mov ah, 0x39
0x12a8c: mov dx, 0x1f3
0x12a8f: int 0x21
0x12a91: mov ah, 0x39
0x12a93: mov dx, 0x1fc
0x12a96: int 0x21
0x12a98: in al, 0x20
0x12a9a: and al, 0xfd
0x12a9c: out 0x20, al

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14963,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:14.783454229Z 42 PC: 12a71 | Get date
0x12a71: cmp al, 5
0x12a73: jne 0x12a98
0x12a75: mov ah, 9
0x12a77: mov dx, 0x160
0x12a7a: int 0x21
0x12a7c: mov ah, 0x39
0x12a7e: mov dx, 0x1e2
0x12a81: int 0x21
0x12a83: mov ah, 0x39
0x12a85: mov dx, 0x1ea
0x12a88: int 0x21
0x12a8a: mov ah, 0x39
0x12a8c: mov dx, 0x1f3
0x12a8f: int 0x21
0x12a91: mov ah, 0x39
0x12a93: mov dx, 0x1fc
0x12a96: int 0x21
0x12a98: in al, 0x20
0x12a9a: and al, 0xfd
0x12a9c: out 0x20, al
2018-12-25T12:42:14.786075053Z 9 PC: 12a7c | Display string (String= 'We have been in Flechtingen/Germany on 05/21/99. Knorkator rules! Cmon, itsfriday-take some friends together and njoy life... ')
2018-12-25T12:42:14.790152831Z 57 PC: 12a83 | Create subdirectory
2018-12-25T12:42:14.803445359Z 57 PC: 12a8a | Create subdirectory
2018-12-25T12:42:14.816218355Z 57 PC: 12a91 | Create subdirectory
2018-12-25T12:42:14.828617298Z 57 PC: 12a98 | Create subdirectory