{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17386,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:55:38.708607163Z | 250 | PC: 12a53 | UNKNOWN! |
| 2018-12-25T12:55:38.709923059Z | 42 | PC: 12a61 | Get date 0x12a61: cmp dl, 1 0x12a64: jne 0x12a6c 0x12a66: mov byte ptr cs:[bp + 0x287], 1 0x12a6c: mov ax, ds 0x12a6e: dec ax 0x12a6f: mov ds, ax 0x12a71: cmp byte ptr [0], 0x5a 0x12a76: jne 0x12ab5 0x12a78: sub word ptr [3], 0x180 0x12a7e: sub word ptr [0x12], 0x180 0x12a84: mov es, word ptr [0x12] 0x12a88: push cs 0x12a89: pop ds 0x12a8a: mov si, bp 0x12a8c: mov cx, 0x4d2 0x12a8f: xor di, di 0x12a91: rep movsd dword ptr es:[di], dword ptr [si] 0x12a93: xor ax, ax 0x12a95: mov ds, ax 0x12a97: push ds |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17386,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:55:39.162622441Z | 250 | PC: 12a53 | UNKNOWN! |
| 2018-12-25T12:55:39.164713482Z | 42 | PC: 12a61 | Get date 0x12a61: cmp dl, 1 0x12a64: jne 0x12a6c 0x12a66: mov byte ptr cs:[bp + 0x287], 1 0x12a6c: mov ax, ds 0x12a6e: dec ax 0x12a6f: mov ds, ax 0x12a71: cmp byte ptr [0], 0x5a 0x12a76: jne 0x12ab5 0x12a78: sub word ptr [3], 0x180 0x12a7e: sub word ptr [0x12], 0x180 0x12a84: mov es, word ptr [0x12] 0x12a88: push cs 0x12a89: pop ds 0x12a8a: mov si, bp 0x12a8c: mov cx, 0x4d2 0x12a8f: xor di, di 0x12a91: rep movsd dword ptr es:[di], dword ptr [si] 0x12a93: xor ax, ax 0x12a95: mov ds, ax 0x12a97: push ds |