{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1625,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:43:57.393965153Z | 250 | PC: 12ae1 | UNKNOWN! |
| 2018-12-25T11:43:57.394736351Z | 42 | PC: 12aef | Get date 0x12aef: cmp dl, 1 0x12af2: jne 0x12afa 0x12af4: mov byte ptr cs:[bp + 0x287], 1 0x12afa: mov ax, ds 0x12afc: dec ax 0x12afd: mov ds, ax 0x12aff: cmp byte ptr [0], 0x5a 0x12b04: jne 0x12b43 0x12b06: sub word ptr [3], 0x180 0x12b0c: sub word ptr [0x12], 0x180 0x12b12: mov es, word ptr [0x12] 0x12b16: push cs 0x12b17: pop ds 0x12b18: mov si, bp 0x12b1a: mov cx, 0x529 0x12b1d: xor di, di 0x12b1f: rep movsd dword ptr es:[di], dword ptr [si] 0x12b21: xor ax, ax 0x12b23: mov ds, ax 0x12b25: push ds |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1625,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:43:57.51251914Z | 250 | PC: 12ae1 | UNKNOWN! |
| 2018-12-25T11:43:57.513441542Z | 42 | PC: 12aef | Get date 0x12aef: cmp dl, 1 0x12af2: jne 0x12afa 0x12af4: mov byte ptr cs:[bp + 0x287], 1 0x12afa: mov ax, ds 0x12afc: dec ax 0x12afd: mov ds, ax 0x12aff: cmp byte ptr [0], 0x5a 0x12b04: jne 0x12b43 0x12b06: sub word ptr [3], 0x180 0x12b0c: sub word ptr [0x12], 0x180 0x12b12: mov es, word ptr [0x12] 0x12b16: push cs 0x12b17: pop ds 0x12b18: mov si, bp 0x12b1a: mov cx, 0x529 0x12b1d: xor di, di 0x12b1f: rep movsd dword ptr es:[di], dword ptr [si] 0x12b21: xor ax, ax 0x12b23: mov ds, ax 0x12b25: push ds |