{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15755,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:24.703860832Z | 250 | PC: 12ac0 | UNKNOWN! |
| 2018-12-25T12:44:24.704879471Z | 42 | PC: 12ad9 | Get date 0x12ad9: cmp dl, 2 0x12adc: jne 0x12ae4 0x12ade: mov byte ptr cs:[bp + 0x2ad], 1 0x12ae4: mov ax, ds 0x12ae6: dec ax 0x12ae7: mov ds, ax 0x12ae9: cmp byte ptr [0], 0x5a 0x12aee: jne 0x12b2d 0x12af0: sub word ptr [3], 0x180 0x12af6: sub word ptr [0x12], 0x180 0x12afc: mov es, word ptr [0x12] 0x12b00: push cs 0x12b01: pop ds 0x12b02: mov si, bp 0x12b04: mov cx, 0x53b 0x12b07: xor di, di 0x12b09: rep movsd dword ptr es:[di], dword ptr [si] 0x12b0b: xor ax, ax 0x12b0d: mov ds, ax 0x12b0f: push ds |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15755,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:25.009504348Z | 250 | PC: 12ac0 | UNKNOWN! |
| 2018-12-25T12:44:25.011227512Z | 42 | PC: 12ad9 | Get date 0x12ad9: cmp dl, 2 0x12adc: jne 0x12ae4 0x12ade: mov byte ptr cs:[bp + 0x2ad], 1 0x12ae4: mov ax, ds 0x12ae6: dec ax 0x12ae7: mov ds, ax 0x12ae9: cmp byte ptr [0], 0x5a 0x12aee: jne 0x12b2d 0x12af0: sub word ptr [3], 0x180 0x12af6: sub word ptr [0x12], 0x180 0x12afc: mov es, word ptr [0x12] 0x12b00: push cs 0x12b01: pop ds 0x12b02: mov si, bp 0x12b04: mov cx, 0x53b 0x12b07: xor di, di 0x12b09: rep movsd dword ptr es:[di], dword ptr [si] 0x12b0b: xor ax, ax 0x12b0d: mov ds, ax 0x12b0f: push ds |