{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17335,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:55:30.807014894Z | 42 | PC: 12a44 | Get date 0x12a44: cmp al, 5 0x12a46: jne 0x12a69 0x12a48: mov ax, 0x13 0x12a4b: int 0x10 0x12a4d: mov bx, 0xa000 0x12a50: mov ds, bx 0x12a52: mov byte ptr [bx], cl 0x12a54: add bx, bx 0x12a56: jae 0x12a5b 0x12a58: xor bl, 0x2d 0x12a5b: loop 0x12a52 0x12a5d: mov ah, 1 0x12a5f: int 0x16 0x12a61: je 0x12a52 0x12a63: mov ax, 3 0x12a66: int 0x10 0x12a68: ret 0x12a69: mov ax, 0x3521 0x12a6c: int 0x21 0x12a6e: mov word ptr [0x182], bx |
| 2018-12-25T12:55:30.809249089Z | 53 | PC: 12a6e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:55:30.811091913Z | 37 | PC: 12a7d | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:55:30.812648704Z | 49 | PC: 12a81 | Terminate and stay resident (Return code = '0' | Memory size = '27') |
{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17335,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:55:31.027067095Z | 42 | PC: 12a44 | Get date 0x12a44: cmp al, 5 0x12a46: jne 0x12a69 0x12a48: mov ax, 0x13 0x12a4b: int 0x10 0x12a4d: mov bx, 0xa000 0x12a50: mov ds, bx 0x12a52: mov byte ptr [bx], cl 0x12a54: add bx, bx 0x12a56: jae 0x12a5b 0x12a58: xor bl, 0x2d 0x12a5b: loop 0x12a52 0x12a5d: mov ah, 1 0x12a5f: int 0x16 0x12a61: je 0x12a52 0x12a63: mov ax, 3 0x12a66: int 0x10 0x12a68: ret 0x12a69: mov ax, 0x3521 0x12a6c: int 0x21 0x12a6e: mov word ptr [0x182], bx |