{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15973,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:57.039541058Z | 11 | PC: 12a73 | Get input status |
| 2018-12-25T12:44:57.043157626Z | 42 | PC: 12aa4 | Get date 0x12aa4: cmp dh, 0xb 0x12aa7: jae 0x12acc 0x12aa9: cmp dh, 1 0x12aac: je 0x12acc 0x12aae: mov ax, word ptr es:[0xa0] 0x12ab2: mov word ptr es:[0x320], ax 0x12ab6: mov ax, word ptr es:[0xa2] 0x12aba: mov word ptr es:[0x322], ax 0x12abe: mov word ptr es:[0xa0], 0x2d2 0x12ac5: mov word ptr es:[0xa2], 0 0x12acc: push ds 0x12acd: pop es 0x12ace: ljmp 0:0x288 0x12ad3: call 0x224d9 0x12ad6: add word ptr [bp + di + 0x41], di 0x12ad9: inc cx 0x12adb: jge 0x12a9c 0x12add: add byte ptr [bx + di], al 0x12adf: add si, 0x100 0x12ae3: push es |
| 2018-12-25T12:44:57.045388641Z | 9 | PC: 12e26 | Display string (String= 'Hello - This is a 1000 COM test file, 1993 ') |
{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15973,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:44:57.353520385Z | 11 | PC: 12a73 | Get input status |
| 2018-12-25T12:44:57.356915232Z | 42 | PC: 12aa4 | Get date 0x12aa4: cmp dh, 0xb 0x12aa7: jae 0x12acc 0x12aa9: cmp dh, 1 0x12aac: je 0x12acc 0x12aae: mov ax, word ptr es:[0xa0] 0x12ab2: mov word ptr es:[0x320], ax 0x12ab6: mov ax, word ptr es:[0xa2] 0x12aba: mov word ptr es:[0x322], ax 0x12abe: mov word ptr es:[0xa0], 0x2d2 0x12ac5: mov word ptr es:[0xa2], 0 0x12acc: push ds 0x12acd: pop es 0x12ace: ljmp 0:0x288 0x12ad3: call 0x224d9 0x12ad6: add word ptr [bp + di + 0x41], di 0x12ad9: inc cx 0x12adb: jge 0x12a9c 0x12add: add byte ptr [bx + di], al 0x12adf: add si, 0x100 0x12ae3: push es |
| 2018-12-25T12:44:57.360055117Z | 9 | PC: 12e26 | Display string (String= 'Hello - This is a 1000 COM test file, 1993 ') |