{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15478,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:43:31.021800833Z | 42 | PC: 12a44 | Get date 0x12a44: cmp al, 5 0x12a46: je 0x12a4a 0x12a48: jne 0x129e1 0x12a4a: mov ah, 5 0x12a4c: mov ch, 1 0x12a4e: mov cl, 5 0x12a50: mov dh, 0 0x12a52: mov dl, 2 0x12a54: int 0x13 0x12a56: mov ah, 0x4c 0x12a58: int 0x21 0x12a5a: fimul word ptr [bp + di - 0x530e] 0x12a5e: xor cx, cx 0x12a60: mov cl, al 0x12a62: jcxz 0x12a67 0x12a64: call 0x12a80 0x12a67: pop dx 0x12a68: pop cx 0x12a69: pop bx 0x12a6a: pop ax |
| 2018-12-25T12:43:31.026034477Z | 55 | PC: 12a44 | Get or set switch character (See above) |
| 2018-12-25T12:43:31.029436452Z | 57 | PC: 12a44 | Create subdirectory (See above) |
| 2018-12-25T12:43:31.035644673Z | 7 | PC: 12a44 | Direct console input without echo (See above) |
{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15478,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:43:31.504729626Z | 42 | PC: 12a44 | Get date 0x12a44: cmp al, 5 0x12a46: je 0x12a4a 0x12a48: jne 0x129e1 0x12a4a: mov ah, 5 0x12a4c: mov ch, 1 0x12a4e: mov cl, 5 0x12a50: mov dh, 0 0x12a52: mov dl, 2 0x12a54: int 0x13 0x12a56: mov ah, 0x4c 0x12a58: int 0x21 0x12a5a: fimul word ptr [bp + di - 0x530e] 0x12a5e: xor cx, cx 0x12a60: mov cl, al 0x12a62: jcxz 0x12a67 0x12a64: call 0x12a80 0x12a67: pop dx 0x12a68: pop cx 0x12a69: pop bx 0x12a6a: pop ax |
| 2018-12-25T12:43:31.507901652Z | 76 | PC: 12a5a | Terminate with return code (Return code = '5') |