{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":6,"Second":0,"TimeBased":true,"OriginalID":14986,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:21.146929931Z | 42 | PC: 12f7b | Get date 0x12f7b: cmp cx, 0x7cb 0x12f7f: jne 0x12f8b 0x12f81: cmp dh, 4 0x12f84: ja 0x12f8b 0x12f86: cmp dl, 0xf 0x12f89: jb 0x12fd4 0x12f8b: mov al, 0xff 0x12f8d: mov ah, 0xf 0x12f8f: xchg al, ah 0x12f91: nop 0x12f92: int 0x21 0x12f94: cmp ax, 0x101 0x12f97: jne 0x12f9d 0x12f99: call 0x12fd8 0x12f9c: nop 0x12f9d: mov ax, 0x3521 0x12fa0: nop 0x12fa1: int 0x21 0x12fa3: cmp word ptr es:[0xa], 0x4254 0x12faa: jne 0x12fb8 |
| 2018-12-25T12:42:21.149807783Z | 255 | PC: 12f94 | UNKNOWN! |
| 2018-12-25T12:42:21.150946093Z | 53 | PC: 12fa3 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:42:21.152462929Z | 240 | PC: 12fd2 | UNKNOWN! |
| 2018-12-25T12:42:21.154622161Z | 44 | PC: 12ed1 | Get time 0x12ed1: cmp cl, 6 0x12ed4: jne 0x12f0a 0x12ed6: mov ax, 0xb800 0x12ed9: mov es, ax 0x12edb: mov cx, 0x30 0x12ede: push cx 0x12edf: mov cx, 0x7c0 0x12ee2: xor si, si 0x12ee4: mov ah, byte ptr es:[si] 0x12ee7: cmp ah, 0x77 0x12eea: jb 0x12ef8 0x12eec: dec ah 0x12eee: mov byte ptr es:[si], ah 0x12ef1: mov byte ptr es:[si + 1], 0x79 0x12ef6: jmp 0x12f02 0x12ef8: inc ah 0x12efa: mov byte ptr es:[si], ah 0x12efd: mov byte ptr es:[si + 1], 0x8f 0x12f02: inc si 0x12f03: inc si |
| 2018-12-25T12:42:21.212788402Z | 9 | PC: 12a4d | Display string (String= '') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":6,"Second":0,"TimeBased":true,"OriginalID":14986,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:21.522131646Z | 42 | PC: 12f7b | Get date 0x12f7b: cmp cx, 0x7cb 0x12f7f: jne 0x12f8b 0x12f81: cmp dh, 4 0x12f84: ja 0x12f8b 0x12f86: cmp dl, 0xf 0x12f89: jb 0x12fd4 0x12f8b: mov al, 0xff 0x12f8d: mov ah, 0xf 0x12f8f: xchg al, ah 0x12f91: nop 0x12f92: int 0x21 0x12f94: cmp ax, 0x101 0x12f97: jne 0x12f9d 0x12f99: call 0x12fd8 0x12f9c: nop 0x12f9d: mov ax, 0x3521 0x12fa0: nop 0x12fa1: int 0x21 0x12fa3: cmp word ptr es:[0xa], 0x4254 0x12faa: jne 0x12fb8 |
| 2018-12-25T12:42:21.525465357Z | 255 | PC: 12f94 | UNKNOWN! |
| 2018-12-25T12:42:21.526275819Z | 53 | PC: 12fa3 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:42:21.529222399Z | 240 | PC: 12fd2 | UNKNOWN! |
| 2018-12-25T12:42:21.537909428Z | 44 | PC: 12ed1 | Get time 0x12ed1: cmp cl, 6 0x12ed4: jne 0x12f0a 0x12ed6: mov ax, 0xb800 0x12ed9: mov es, ax 0x12edb: mov cx, 0x30 0x12ede: push cx 0x12edf: mov cx, 0x7c0 0x12ee2: xor si, si 0x12ee4: mov ah, byte ptr es:[si] 0x12ee7: cmp ah, 0x77 0x12eea: jb 0x12ef8 0x12eec: dec ah 0x12eee: mov byte ptr es:[si], ah 0x12ef1: mov byte ptr es:[si + 1], 0x79 0x12ef6: jmp 0x12f02 0x12ef8: inc ah 0x12efa: mov byte ptr es:[si], ah 0x12efd: mov byte ptr es:[si + 1], 0x8f 0x12f02: inc si 0x12f03: inc si |
| 2018-12-25T12:42:21.582541724Z | 9 | PC: 12a4d | Display string (String= '') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14986,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:21.695026405Z | 42 | PC: 12f7b | Get date 0x12f7b: cmp cx, 0x7cb 0x12f7f: jne 0x12f8b 0x12f81: cmp dh, 4 0x12f84: ja 0x12f8b 0x12f86: cmp dl, 0xf 0x12f89: jb 0x12fd4 0x12f8b: mov al, 0xff 0x12f8d: mov ah, 0xf 0x12f8f: xchg al, ah 0x12f91: nop 0x12f92: int 0x21 0x12f94: cmp ax, 0x101 0x12f97: jne 0x12f9d 0x12f99: call 0x12fd8 0x12f9c: nop 0x12f9d: mov ax, 0x3521 0x12fa0: nop 0x12fa1: int 0x21 0x12fa3: cmp word ptr es:[0xa], 0x4254 0x12faa: jne 0x12fb8 |
| 2018-12-25T12:42:21.697354459Z | 255 | PC: 12f94 | UNKNOWN! |
| 2018-12-25T12:42:21.697953547Z | 53 | PC: 12fa3 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:42:21.699112111Z | 240 | PC: 12fd2 | UNKNOWN! |
| 2018-12-25T12:42:21.70045108Z | 44 | PC: 12ed1 | Get time 0x12ed1: cmp cl, 6 0x12ed4: jne 0x12f0a 0x12ed6: mov ax, 0xb800 0x12ed9: mov es, ax 0x12edb: mov cx, 0x30 0x12ede: push cx 0x12edf: mov cx, 0x7c0 0x12ee2: xor si, si 0x12ee4: mov ah, byte ptr es:[si] 0x12ee7: cmp ah, 0x77 0x12eea: jb 0x12ef8 0x12eec: dec ah 0x12eee: mov byte ptr es:[si], ah 0x12ef1: mov byte ptr es:[si + 1], 0x79 0x12ef6: jmp 0x12f02 0x12ef8: inc ah 0x12efa: mov byte ptr es:[si], ah 0x12efd: mov byte ptr es:[si + 1], 0x8f 0x12f02: inc si 0x12f03: inc si |
| 2018-12-25T12:42:21.703399472Z | 9 | PC: 12a4d | Display string (String= '') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14986,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:21.919118016Z | 42 | PC: 12f7b | Get date 0x12f7b: cmp cx, 0x7cb 0x12f7f: jne 0x12f8b 0x12f81: cmp dh, 4 0x12f84: ja 0x12f8b 0x12f86: cmp dl, 0xf 0x12f89: jb 0x12fd4 0x12f8b: mov al, 0xff 0x12f8d: mov ah, 0xf 0x12f8f: xchg al, ah 0x12f91: nop 0x12f92: int 0x21 0x12f94: cmp ax, 0x101 0x12f97: jne 0x12f9d 0x12f99: call 0x12fd8 0x12f9c: nop 0x12f9d: mov ax, 0x3521 0x12fa0: nop 0x12fa1: int 0x21 0x12fa3: cmp word ptr es:[0xa], 0x4254 0x12faa: jne 0x12fb8 |
| 2018-12-25T12:42:21.92402702Z | 255 | PC: 12f94 | UNKNOWN! |
| 2018-12-25T12:42:21.92609969Z | 53 | PC: 12fa3 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:42:21.928181795Z | 240 | PC: 12fd2 | UNKNOWN! |
| 2018-12-25T12:42:21.930258261Z | 44 | PC: 12ed1 | Get time 0x12ed1: cmp cl, 6 0x12ed4: jne 0x12f0a 0x12ed6: mov ax, 0xb800 0x12ed9: mov es, ax 0x12edb: mov cx, 0x30 0x12ede: push cx 0x12edf: mov cx, 0x7c0 0x12ee2: xor si, si 0x12ee4: mov ah, byte ptr es:[si] 0x12ee7: cmp ah, 0x77 0x12eea: jb 0x12ef8 0x12eec: dec ah 0x12eee: mov byte ptr es:[si], ah 0x12ef1: mov byte ptr es:[si + 1], 0x79 0x12ef6: jmp 0x12f02 0x12ef8: inc ah 0x12efa: mov byte ptr es:[si], ah 0x12efd: mov byte ptr es:[si + 1], 0x8f 0x12f02: inc si 0x12f03: inc si |
| 2018-12-25T12:42:21.937418775Z | 9 | PC: 12a4d | Display string (String= '') |