{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16995,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:54:36.005821177Z | 236 | PC: 131c7 | UNKNOWN! |
| 2018-12-25T12:54:36.008230034Z | 53 | PC: 131d6 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:54:36.009745041Z | 54 | PC: 9f4b8 | Get free disk space |
| 2018-12-25T12:54:36.034408904Z | 53 | PC: 9f4da | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:54:36.036849252Z | 67 | PC: 9f505 | Get or set file attributes |
| 2018-12-25T12:54:36.042355234Z | 67 | PC: 9f511 | Get or set file attributes |
| 2018-12-25T12:54:36.452698335Z | 61 | PC: 9f523 | Open file (Filename = '') |
| 2018-12-25T12:54:36.460726217Z | 87 | PC: 9f533 | Get or set file date and time |
| 2018-12-25T12:54:36.465637644Z | 66 | PC: 9f888 | Move file pointer |
| 2018-12-25T12:54:36.468214256Z | 63 | PC: 9f879 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-25T12:54:36.47579432Z | 66 | PC: 9f577 | Move file pointer |
| 2018-12-25T12:54:36.478762062Z | 63 | PC: 9f879 | Read file or device (See above) |
| 2018-12-25T12:54:36.485661092Z | 66 | PC: 9f888 | Move file pointer (See above) |
| 2018-12-25T12:54:36.487234115Z | 63 | PC: 9f5b3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:54:36.490943995Z | 66 | PC: 9f897 | Move file pointer |
| 2018-12-25T12:54:36.492772147Z | 64 | PC: 9f5d4 | Write file or device (Write 1874 bytes on handle 5) |
| 2018-12-25T12:54:36.505064448Z | 66 | PC: 9f888 | Move file pointer (See above) |
| 2018-12-25T12:54:36.507932731Z | 64 | PC: 9f5fa | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:54:36.511599093Z | 87 | PC: 9f742 | Get or set file date and time |
| 2018-12-25T12:54:36.513756767Z | 62 | PC: 9f746 | Close file |
| 2018-12-25T12:54:36.522671172Z | 67 | PC: 9f75a | Get or set file attributes |
| 2018-12-25T12:54:36.533643981Z | 42 | PC: 9f89c | Get date 0x9f89c: cmp al, 0 0x9f89e: jne 0x9f8ba 0x9f8a0: mov ah, 0x2c 0x9f8a2: int 0x21 0x9f8a4: cmp ch, 0xc 0x9f8a7: jne 0x9f8ba 0x9f8a9: cmp byte ptr cs:[0x17e], 1 0x9f8af: je 0x9f8ba 0x9f8b1: mov byte ptr cs:[0x17e], 1 0x9f8b7: call 0x9f9b3 0x9f8ba: ret 0x9f8bb: add byte ptr [bx + si], al 0x9f8bd: add byte ptr [bx + si], al 0x9f8bf: add byte ptr [bx + si + 0x4007], al 0x9f8c3: adc byte ptr [bx], bh 0x9f8c5: adc byte ptr [bx + si + 0x10], al 0x9f8c8: aas 0x9f8c9: adc byte ptr [bx + si + 0x10], al 0x9f8cc: inc di 0x9f8cd: adc byte ptr [0x3c10], bh |
{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16995,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:54:36.674314037Z | 236 | PC: 131c7 | UNKNOWN! |
| 2018-12-25T12:54:36.676524824Z | 53 | PC: 131d6 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:54:36.678352669Z | 54 | PC: 9f4b8 | Get free disk space |
| 2018-12-25T12:54:36.725637896Z | 53 | PC: 9f4da | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:54:36.727612332Z | 67 | PC: 9f505 | Get or set file attributes |
| 2018-12-25T12:54:36.737018724Z | 67 | PC: 9f511 | Get or set file attributes |
| 2018-12-25T12:54:37.079305427Z | 61 | PC: 9f523 | Open file (Filename = '') |
| 2018-12-25T12:54:37.086881904Z | 87 | PC: 9f533 | Get or set file date and time |
| 2018-12-25T12:54:37.08976258Z | 66 | PC: 9f888 | Move file pointer |
| 2018-12-25T12:54:37.091738812Z | 63 | PC: 9f879 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-25T12:54:37.10422961Z | 66 | PC: 9f577 | Move file pointer |
| 2018-12-25T12:54:37.10721108Z | 63 | PC: 9f879 | Read file or device (See above) |
| 2018-12-25T12:54:37.113963832Z | 66 | PC: 9f888 | Move file pointer (See above) |
| 2018-12-25T12:54:37.115363536Z | 63 | PC: 9f5b3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:54:37.119128731Z | 66 | PC: 9f897 | Move file pointer |
| 2018-12-25T12:54:37.121134045Z | 64 | PC: 9f5d4 | Write file or device (Write 1874 bytes on handle 5) |
| 2018-12-25T12:54:37.133388483Z | 66 | PC: 9f888 | Move file pointer (See above) |
| 2018-12-25T12:54:37.144266293Z | 64 | PC: 9f5fa | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:54:37.147720802Z | 87 | PC: 9f742 | Get or set file date and time |
| 2018-12-25T12:54:37.149759576Z | 62 | PC: 9f746 | Close file |
| 2018-12-25T12:54:37.155542832Z | 67 | PC: 9f75a | Get or set file attributes |
| 2018-12-25T12:54:37.163581123Z | 42 | PC: 9f89c | Get date 0x9f89c: cmp al, 0 0x9f89e: jne 0x9f8ba 0x9f8a0: mov ah, 0x2c 0x9f8a2: int 0x21 0x9f8a4: cmp ch, 0xc 0x9f8a7: jne 0x9f8ba 0x9f8a9: cmp byte ptr cs:[0x17e], 1 0x9f8af: je 0x9f8ba 0x9f8b1: mov byte ptr cs:[0x17e], 1 0x9f8b7: call 0x9f9b3 0x9f8ba: ret 0x9f8bb: add byte ptr [bx + si], al 0x9f8bd: add byte ptr [bx + si], al 0x9f8bf: add byte ptr [bx + si + 0x4007], al 0x9f8c3: adc byte ptr [bx], bh 0x9f8c5: adc byte ptr [bx + si + 0x10], al 0x9f8c8: aas 0x9f8c9: adc byte ptr [bx + si + 0x10], al 0x9f8cc: inc di 0x9f8cd: adc byte ptr [0x3c10], bh |
| 2018-12-25T12:54:37.165924217Z | 44 | PC: 9f8a4 | Get time 0x9f8a4: cmp ch, 0xc 0x9f8a7: jne 0x9f8ba 0x9f8a9: cmp byte ptr cs:[0x17e], 1 0x9f8af: je 0x9f8ba 0x9f8b1: mov byte ptr cs:[0x17e], 1 0x9f8b7: call 0x9f9b3 0x9f8ba: ret 0x9f8bb: add byte ptr [bx + si], al 0x9f8bd: add byte ptr [bx + si], al 0x9f8bf: add byte ptr [bx + si + 0x4007], al 0x9f8c3: adc byte ptr [bx], bh 0x9f8c5: adc byte ptr [bx + si + 0x10], al 0x9f8c8: aas 0x9f8c9: adc byte ptr [bx + si + 0x10], al 0x9f8cc: inc di 0x9f8cd: adc byte ptr [0x3c10], bh 0x9f8d1: adc byte ptr [di + 0x20], al |
| 2018-12-25T12:54:37.168333965Z | 44 | PC: 9f9bb | Get time 0x9f9bb: mov byte ptr cs:[0x5bf], dl 0x9f9c0: mov ah, 0x2c 0x9f9c2: int 0x21 0x9f9c4: cmp dl, byte ptr cs:[0x5bf] 0x9f9c9: je 0x9f9c0 0x9f9cb: mov byte ptr cs:[0x5bf], dl 0x9f9d0: mov ah, 0x2c 0x9f9d2: int 0x21 0x9f9d4: inc word ptr cs:[0x5bd] 0x9f9d9: cmp dl, byte ptr cs:[0x5bf] 0x9f9de: je 0x9f9d0 0x9f9e0: mov dx, 0 0x9f9e3: mov ax, word ptr cs:[0x5bd] 0x9f9e7: mov bx, 0x4b 0x9f9ea: mul bx 0x9f9ec: mov bx, 0x11 0x9f9ef: div bx 0x9f9f1: mov word ptr cs:[0x5bb], ax 0x9f9f5: call 0x9f9f9 0x9f9f8: ret |
| 2018-12-25T12:54:37.171063303Z | 44 | PC: 9f9c4 | Get time 0x9f9c4: cmp dl, byte ptr cs:[0x5bf] 0x9f9c9: je 0x9f9c0 0x9f9cb: mov byte ptr cs:[0x5bf], dl 0x9f9d0: mov ah, 0x2c 0x9f9d2: int 0x21 0x9f9d4: inc word ptr cs:[0x5bd] 0x9f9d9: cmp dl, byte ptr cs:[0x5bf] 0x9f9de: je 0x9f9d0 0x9f9e0: mov dx, 0 0x9f9e3: mov ax, word ptr cs:[0x5bd] 0x9f9e7: mov bx, 0x4b 0x9f9ea: mul bx 0x9f9ec: mov bx, 0x11 0x9f9ef: div bx 0x9f9f1: mov word ptr cs:[0x5bb], ax 0x9f9f5: call 0x9f9f9 0x9f9f8: ret 0x9f9f9: mov si, 0x5c2 0x9f9fc: mov al, byte ptr cs:[si] 0x9f9ff: mov byte ptr cs:[0x695], al |
| 2018-12-25T12:54:37.173539066Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.175905519Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.180573906Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.182995933Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.185524936Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.199310671Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.201713721Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.204023328Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.206957675Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.209204876Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.211124541Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.213600489Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.215416579Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.217252964Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.220797259Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.222421195Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.224146676Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.226572814Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.228439646Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.230248144Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.232218478Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.236557401Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.238140099Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.239901313Z | 44 | PC: 9f9c4 | Get time (See above) |
| 2018-12-25T12:54:37.242033169Z | 44 | PC: 9f9d4 | Get time 0x9f9d4: inc word ptr cs:[0x5bd] 0x9f9d9: cmp dl, byte ptr cs:[0x5bf] 0x9f9de: je 0x9f9d0 0x9f9e0: mov dx, 0 0x9f9e3: mov ax, word ptr cs:[0x5bd] 0x9f9e7: mov bx, 0x4b 0x9f9ea: mul bx 0x9f9ec: mov bx, 0x11 0x9f9ef: div bx 0x9f9f1: mov word ptr cs:[0x5bb], ax 0x9f9f5: call 0x9f9f9 0x9f9f8: ret 0x9f9f9: mov si, 0x5c2 0x9f9fc: mov al, byte ptr cs:[si] 0x9f9ff: mov byte ptr cs:[0x695], al 0x9fa03: cmp byte ptr cs:[0x695], 0xff 0x9fa09: je 0x9fa1f 0x9fa0b: inc si 0x9fa0c: mov al, byte ptr cs:[si] 0x9fa0f: mov byte ptr cs:[0x696], al |
| 2018-12-25T12:54:37.243779264Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.245552661Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.247561847Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.250096905Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.252787236Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.255462758Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.257984504Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.260601864Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.263650792Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.266399482Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.26887808Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.271830113Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.274140119Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.276657762Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.279421883Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.282134461Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.284849738Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.288418526Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.291247771Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.293949466Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.296434056Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.298967617Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.301352252Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.304624656Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.307051274Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.30941773Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.311619689Z | 44 | PC: 9f9d4 | Get time (See above) |
| 2018-12-25T12:54:37.314198819Z | 44 | PC: 9f9d4 | Get time (See above) |