{"DateBased":true,"Day":17,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16385,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:43.580924615Z | 48 | PC: 12b44 | Get DOS version |
| 2018-12-25T12:52:43.582535629Z | 44 | PC: 12b4c | Get time 0x12b4c: add dh, cl 0x12b4e: mov word ptr [0x103], dx 0x12b52: mov dx, 0x154 0x12b55: mov ah, 0x1a 0x12b57: int 0x21 0x12b59: mov ah, 0x19 0x12b5b: int 0x21 0x12b5d: mov dl, al 0x12b5f: inc dl 0x12b61: mov ah, 0x47 0x12b63: mov si, 0x1b3 0x12b66: int 0x21 0x12b68: mov dx, 0x152 0x12b6b: mov ah, 0x3b 0x12b6d: int 0x21 0x12b6f: mov cx, 0x13 0x12b72: mov dx, 0x14a 0x12b75: mov ah, 0x4e 0x12b77: int 0x21 0x12b79: cmp ax, 0x12 |
| 2018-12-25T12:52:43.584543938Z | 26 | PC: 12b59 | Set disk transfer address |
| 2018-12-25T12:52:43.585488254Z | 25 | PC: 12b5d | Get default drive |
| 2018-12-25T12:52:43.58680202Z | 71 | PC: 12b68 | Get current directory |
| 2018-12-25T12:52:43.589556585Z | 59 | PC: 12b6f | Change current directory |
| 2018-12-25T12:52:43.593365618Z | 78 | PC: 12b79 | Find first file |
| 2018-12-25T12:52:43.604275601Z | 42 | PC: 12c91 | Get date 0x12c91: cmp dl, 0x11 0x12c94: je 0x12c99 0x12c96: jmp 0x12d16 0x12c98: nop 0x12c99: add cl, byte ptr [di] 0x12c9b: or cl, byte ptr [si + 0x75] 0x12c9e: bound sp, dword ptr [di + 0x63] 0x12ca1: and byte ptr [bx + di + 0x49], cl 0x12ca4: and byte ptr [si], ch 0x12ca6: dec bp 0x12ca7: imul sp, word ptr [bp + di + 0x72], 0x736f 0x12cac: outsw dx, word ptr [si] 0x12cad: je 0x12cd0 0x12cb0: dec bp 0x12cb1: push bx 0x12cb2: sub ax, 0x4f44 0x12cb5: push bx 0x12cb6: and byte ptr [0x3630], dh 0x12cba: xor dl, byte ptr [bx + si + 0x54] 0x12cbd: inc bx |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16385,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:43.866188447Z | 48 | PC: 12b44 | Get DOS version |
| 2018-12-25T12:52:43.867591599Z | 44 | PC: 12b4c | Get time 0x12b4c: add dh, cl 0x12b4e: mov word ptr [0x103], dx 0x12b52: mov dx, 0x154 0x12b55: mov ah, 0x1a 0x12b57: int 0x21 0x12b59: mov ah, 0x19 0x12b5b: int 0x21 0x12b5d: mov dl, al 0x12b5f: inc dl 0x12b61: mov ah, 0x47 0x12b63: mov si, 0x1b3 0x12b66: int 0x21 0x12b68: mov dx, 0x152 0x12b6b: mov ah, 0x3b 0x12b6d: int 0x21 0x12b6f: mov cx, 0x13 0x12b72: mov dx, 0x14a 0x12b75: mov ah, 0x4e 0x12b77: int 0x21 0x12b79: cmp ax, 0x12 |
| 2018-12-25T12:52:43.869639504Z | 26 | PC: 12b59 | Set disk transfer address |
| 2018-12-25T12:52:43.870648692Z | 25 | PC: 12b5d | Get default drive |
| 2018-12-25T12:52:43.871967128Z | 71 | PC: 12b68 | Get current directory |
| 2018-12-25T12:52:43.874666972Z | 59 | PC: 12b6f | Change current directory |
| 2018-12-25T12:52:43.878285866Z | 78 | PC: 12b79 | Find first file |
| 2018-12-25T12:52:43.883779032Z | 42 | PC: 12c91 | Get date 0x12c91: cmp dl, 0x11 0x12c94: je 0x12c99 0x12c96: jmp 0x12d16 0x12c98: nop 0x12c99: add cl, byte ptr [di] 0x12c9b: or cl, byte ptr [si + 0x75] 0x12c9e: bound sp, dword ptr [di + 0x63] 0x12ca1: and byte ptr [bx + di + 0x49], cl 0x12ca4: and byte ptr [si], ch 0x12ca6: dec bp 0x12ca7: imul sp, word ptr [bp + di + 0x72], 0x736f 0x12cac: outsw dx, word ptr [si] 0x12cad: je 0x12cd0 0x12cb0: dec bp 0x12cb1: push bx 0x12cb2: sub ax, 0x4f44 0x12cb5: push bx 0x12cb6: and byte ptr [0x3630], dh 0x12cba: xor dl, byte ptr [bx + si + 0x54] 0x12cbd: inc bx |
| 2018-12-25T12:52:43.886072014Z | 76 | PC: 12d1b | Terminate with return code (Return code = '0') |