{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15872,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:46.083115936Z | 74 | PC: 12aae | Reallocate memory |
| 2018-12-25T12:44:46.084876606Z | 72 | PC: 12ab5 | Allocate memory |
| 2018-12-25T12:44:46.086642743Z | 53 | PC: 12abf | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.087852039Z | 53 | PC: 12aeb | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.089176269Z | 37 | PC: 12af6 | Set interrupt vector (Interrupt = '145' AKA 'UNKNOWN!') |
| 2018-12-25T12:44:46.090521514Z | 37 | PC: 12b01 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.091704816Z | 42 | PC: 12c25 | Get date 0x12c25: cmp dl, 0x1c 0x12c28: je 0x12c2b 0x12c2a: ret 0x12c2b: cli 0x12c2c: mov di, 0 0x12c2f: mov al, 2 0x12c31: mov bx, 0 0x12c34: mov cx, 0x2bc 0x12c37: mov dx, di 0x12c39: int 0x26 0x12c3b: add di, 0x2bc 0x12c3f: jmp 0x12c2f 0x12c41: add byte ptr [bx + si], al 0x12c43: add byte ptr [bx + si], al 0x12c45: add byte ptr [bx + si], al 0x12c47: add byte ptr [bx + si], al 0x12c49: int 0x20 0x12c4b: add byte ptr [bx + si], al 0x12c4d: add byte ptr [bx + si], al 0x12c4f: add byte ptr [bx + si], al |
{"DateBased":true,"Day":28,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15872,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:46.107362239Z | 74 | PC: 12aae | Reallocate memory |
| 2018-12-25T12:44:46.115779395Z | 72 | PC: 12ab5 | Allocate memory |
| 2018-12-25T12:44:46.117309504Z | 53 | PC: 12abf | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.118570791Z | 53 | PC: 12aeb | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.11999952Z | 37 | PC: 12af6 | Set interrupt vector (Interrupt = '145' AKA 'UNKNOWN!') |
| 2018-12-25T12:44:46.12164067Z | 37 | PC: 12b01 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.123262483Z | 42 | PC: 12c25 | Get date 0x12c25: cmp dl, 0x1c 0x12c28: je 0x12c2b 0x12c2a: ret 0x12c2b: cli 0x12c2c: mov di, 0 0x12c2f: mov al, 2 0x12c31: mov bx, 0 0x12c34: mov cx, 0x2bc 0x12c37: mov dx, di 0x12c39: int 0x26 0x12c3b: add di, 0x2bc 0x12c3f: jmp 0x12c2f 0x12c41: add byte ptr [bx + si], al 0x12c43: add byte ptr [bx + si], al 0x12c45: add byte ptr [bx + si], al 0x12c47: add byte ptr [bx + si], al 0x12c49: int 0x20 0x12c4b: add byte ptr [bx + si], al 0x12c4d: add byte ptr [bx + si], al 0x12c4f: add byte ptr [bx + si], al |
| 2018-12-25T12:44:46.432293914Z | 42 | PC: 12c25 | Get date (See above) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15872,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:46.379842414Z | 74 | PC: 12aae | Reallocate memory |
| 2018-12-25T12:44:46.381831463Z | 72 | PC: 12ab5 | Allocate memory |
| 2018-12-25T12:44:46.383413986Z | 53 | PC: 12abf | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.384622327Z | 53 | PC: 12aeb | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.386648807Z | 37 | PC: 12af6 | Set interrupt vector (Interrupt = '145' AKA 'UNKNOWN!') |
| 2018-12-25T12:44:46.388061612Z | 37 | PC: 12b01 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:46.389508902Z | 42 | PC: 12c25 | Get date 0x12c25: cmp dl, 0x1c 0x12c28: je 0x12c2b 0x12c2a: ret 0x12c2b: cli 0x12c2c: mov di, 0 0x12c2f: mov al, 2 0x12c31: mov bx, 0 0x12c34: mov cx, 0x2bc 0x12c37: mov dx, di 0x12c39: int 0x26 0x12c3b: add di, 0x2bc 0x12c3f: jmp 0x12c2f 0x12c41: add byte ptr [bx + si], al 0x12c43: add byte ptr [bx + si], al 0x12c45: add byte ptr [bx + si], al 0x12c47: add byte ptr [bx + si], al 0x12c49: int 0x20 0x12c4b: add byte ptr [bx + si], al 0x12c4d: add byte ptr [bx + si], al 0x12c4f: add byte ptr [bx + si], al |
{"DateBased":true,"Day":28,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15872,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:47.618193804Z | 74 | PC: 12aae | Reallocate memory |
| 2018-12-25T12:44:47.620148085Z | 72 | PC: 12ab5 | Allocate memory |
| 2018-12-25T12:44:47.621946693Z | 53 | PC: 12abf | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:47.623397253Z | 53 | PC: 12aeb | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:47.624994103Z | 37 | PC: 12af6 | Set interrupt vector (Interrupt = '145' AKA 'UNKNOWN!') |
| 2018-12-25T12:44:47.628121328Z | 37 | PC: 12b01 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:44:47.629890333Z | 42 | PC: 12c25 | Get date 0x12c25: cmp dl, 0x1c 0x12c28: je 0x12c2b 0x12c2a: ret 0x12c2b: cli 0x12c2c: mov di, 0 0x12c2f: mov al, 2 0x12c31: mov bx, 0 0x12c34: mov cx, 0x2bc 0x12c37: mov dx, di 0x12c39: int 0x26 0x12c3b: add di, 0x2bc 0x12c3f: jmp 0x12c2f 0x12c41: add byte ptr [bx + si], al 0x12c43: add byte ptr [bx + si], al 0x12c45: add byte ptr [bx + si], al 0x12c47: add byte ptr [bx + si], al 0x12c49: int 0x20 0x12c4b: add byte ptr [bx + si], al 0x12c4d: add byte ptr [bx + si], al 0x12c4f: add byte ptr [bx + si], al |
| 2018-12-25T12:44:48.489990564Z | 213 | PC: 12b97 | UNKNOWN! |
| 2018-12-25T12:44:48.49198331Z | 62 | PC: 12b9f | Close file |