{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15060,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:28.449391978Z | 255 | PC: 12abc | UNKNOWN! |
| 2018-12-25T12:42:28.450299303Z | 255 | PC: 12ac9 | UNKNOWN! |
| 2018-12-25T12:42:28.452005335Z | 47 | PC: 12afc | Get disk transfer address |
| 2018-12-25T12:42:28.453596268Z | 26 | PC: 12b11 | Set disk transfer address |
| 2018-12-25T12:42:28.45520457Z | 71 | PC: 12b2d | Get current directory |
| 2018-12-25T12:42:28.458791907Z | 78 | PC: 12b3b | Find first file |
| 2018-12-25T12:42:28.464339029Z | 59 | PC: 12d59 | Change current directory |
| 2018-12-25T12:42:28.468242786Z | 42 | PC: 12d5f | Get date 0x12d5f: cmp cx, 0x7c5 0x12d63: je 0x12dab 0x12d65: cmp dh, 4 0x12d68: jbe 0x12dab 0x12d6a: cmp dl, 3 0x12d6d: ja 0x12dab 0x12d6f: xor ax, ax 0x12d71: mov ds, ax 0x12d73: mov ax, word ptr [0x4e] 0x12d76: or ax, ax 0x12d78: je 0x12dab 0x12d7a: mov bx, word ptr [0x4c] 0x12d7e: mov es, word ptr [0x4e] 0x12d82: mov word ptr cs:[0x18], bx 0x12d87: mov word ptr cs:[0x1a], es 0x12d8c: xor ax, ax 0x12d8e: mov es, ax 0x12d90: push cs 0x12d91: pop ds 0x12d92: mov si, 2 |
| 2018-12-25T12:42:28.471044902Z | 26 | PC: 12dbb | Set disk transfer address |
{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15060,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:28.559662382Z | 255 | PC: 12abc | UNKNOWN! |
| 2018-12-25T12:42:28.561343169Z | 255 | PC: 12ac9 | UNKNOWN! |
| 2018-12-25T12:42:28.562076174Z | 47 | PC: 12afc | Get disk transfer address |
| 2018-12-25T12:42:28.563141497Z | 26 | PC: 12b11 | Set disk transfer address |
| 2018-12-25T12:42:28.564663602Z | 71 | PC: 12b2d | Get current directory |
| 2018-12-25T12:42:28.568075663Z | 78 | PC: 12b3b | Find first file |
| 2018-12-25T12:42:28.573589324Z | 59 | PC: 12d59 | Change current directory |
| 2018-12-25T12:42:28.577253107Z | 42 | PC: 12d5f | Get date 0x12d5f: cmp cx, 0x7c5 0x12d63: je 0x12dab 0x12d65: cmp dh, 4 0x12d68: jbe 0x12dab 0x12d6a: cmp dl, 3 0x12d6d: ja 0x12dab 0x12d6f: xor ax, ax 0x12d71: mov ds, ax 0x12d73: mov ax, word ptr [0x4e] 0x12d76: or ax, ax 0x12d78: je 0x12dab 0x12d7a: mov bx, word ptr [0x4c] 0x12d7e: mov es, word ptr [0x4e] 0x12d82: mov word ptr cs:[0x18], bx 0x12d87: mov word ptr cs:[0x1a], es 0x12d8c: xor ax, ax 0x12d8e: mov es, ax 0x12d90: push cs 0x12d91: pop ds 0x12d92: mov si, 2 |
| 2018-12-25T12:42:28.579818508Z | 26 | PC: 12dbb | Set disk transfer address |
{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15060,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:28.583820963Z | 255 | PC: 12abc | UNKNOWN! |
| 2018-12-25T12:42:28.58511752Z | 255 | PC: 12ac9 | UNKNOWN! |
| 2018-12-25T12:42:28.586576838Z | 47 | PC: 12afc | Get disk transfer address |
| 2018-12-25T12:42:28.588157786Z | 26 | PC: 12b11 | Set disk transfer address |
| 2018-12-25T12:42:28.590157242Z | 71 | PC: 12b2d | Get current directory |
| 2018-12-25T12:42:28.594114818Z | 78 | PC: 12b3b | Find first file |
| 2018-12-25T12:42:28.600496784Z | 59 | PC: 12d59 | Change current directory |
| 2018-12-25T12:42:28.604765699Z | 42 | PC: 12d5f | Get date 0x12d5f: cmp cx, 0x7c5 0x12d63: je 0x12dab 0x12d65: cmp dh, 4 0x12d68: jbe 0x12dab 0x12d6a: cmp dl, 3 0x12d6d: ja 0x12dab 0x12d6f: xor ax, ax 0x12d71: mov ds, ax 0x12d73: mov ax, word ptr [0x4e] 0x12d76: or ax, ax 0x12d78: je 0x12dab 0x12d7a: mov bx, word ptr [0x4c] 0x12d7e: mov es, word ptr [0x4e] 0x12d82: mov word ptr cs:[0x18], bx 0x12d87: mov word ptr cs:[0x1a], es 0x12d8c: xor ax, ax 0x12d8e: mov es, ax 0x12d90: push cs 0x12d91: pop ds 0x12d92: mov si, 2 |
| 2018-12-25T12:42:28.607820545Z | 26 | PC: 12dbb | Set disk transfer address |
{"DateBased":true,"Day":1,"Month":1,"Year":1989,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15060,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:28.699254087Z | 255 | PC: 12abc | UNKNOWN! |
| 2018-12-25T12:42:28.701494995Z | 255 | PC: 12ac9 | UNKNOWN! |
| 2018-12-25T12:42:28.702275698Z | 47 | PC: 12afc | Get disk transfer address |
| 2018-12-25T12:42:28.703320216Z | 26 | PC: 12b11 | Set disk transfer address |
| 2018-12-25T12:42:28.705704533Z | 71 | PC: 12b2d | Get current directory |
| 2018-12-25T12:42:28.708617939Z | 78 | PC: 12b3b | Find first file |
| 2018-12-25T12:42:28.714336502Z | 59 | PC: 12d59 | Change current directory |
| 2018-12-25T12:42:28.718207627Z | 42 | PC: 12d5f | Get date 0x12d5f: cmp cx, 0x7c5 0x12d63: je 0x12dab 0x12d65: cmp dh, 4 0x12d68: jbe 0x12dab 0x12d6a: cmp dl, 3 0x12d6d: ja 0x12dab 0x12d6f: xor ax, ax 0x12d71: mov ds, ax 0x12d73: mov ax, word ptr [0x4e] 0x12d76: or ax, ax 0x12d78: je 0x12dab 0x12d7a: mov bx, word ptr [0x4c] 0x12d7e: mov es, word ptr [0x4e] 0x12d82: mov word ptr cs:[0x18], bx 0x12d87: mov word ptr cs:[0x1a], es 0x12d8c: xor ax, ax 0x12d8e: mov es, ax 0x12d90: push cs 0x12d91: pop ds 0x12d92: mov si, 2 |
| 2018-12-25T12:42:28.721029713Z | 26 | PC: 12dbb | Set disk transfer address |