Sample viewer

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16956,"SideJobID":0}

.

GIF

Syscalls:

{"DateBased":true,"Day":6,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16956,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:54:25.716596865Z	119	PC: 12a48 | UNKNOWN!
2018-12-25T12:54:25.718182662Z	42	PC: 12a51 | Get date 0x12a51: cmp dx, 0x606 0x12a55: jne 0x12a5a 0x12a57: call 0x12c91 0x12a5a: mov ah, 0x4a 0x12a5c: mov bx, 0xffff 0x12a5f: int 0x21 0x12a61: sub bx, 0x35 0x12a64: nop 0x12a65: mov ah, 0x4a 0x12a67: int 0x21 0x12a69: mov ah, 0x48 0x12a6b: mov bx, 0x34 0x12a6e: int 0x21 0x12a70: jb 0x12ac1 0x12a72: dec ax 0x12a73: mov es, ax 0x12a75: mov word ptr es:[1], 8 0x12a7c: push ax 0x12a7d: mov ax, 0x3521 0x12a80: int 0x21
2018-12-25T12:54:27.476807443Z	74	PC: 12a61 | Reallocate memory
2018-12-25T12:54:27.478695207Z	74	PC: 12a69 | Reallocate memory
2018-12-25T12:54:27.480242903Z	72	PC: 12a70 | Allocate memory
2018-12-25T12:54:27.482719555Z	53	PC: 12a82 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:54:27.484024211Z	53	PC: 12a8e | Get interrupt vector (Interrupt = '37' AKA 'Set interrupt vector')
2018-12-25T12:54:27.485853289Z	37	PC: 12ac1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:54:27.487676146Z	44	PC: 12ad5 | Get time 0x12ad5: cmp dl, 1 0x12ad8: ja 0x12add 0x12ada: call 0x12c52 0x12add: mov ax, 0x100 0x12ae0: jmp ax 0x12ae2: int 0x20 0x12ae4: nop 0x12ae5: jmp 0x12ae8 0x12ae8: cmp ax, 0x7777 0x12aeb: jne 0x12af1 0x12aed: mov ax, 0x6952 0x12af0: iret 0x12af1: cmp ax, 0x4b00 0x12af4: je 0x12b56 0x12af6: cmp ah, 0x3d 0x12af9: jne 0x12afe 0x12afb: jmp 0x12c0f 0x12afe: cmp ah, 0x11 0x12b01: je 0x12b0b 0x12b03: cmp ah, 0x12