{"DateBased":true,"Day":4,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17452,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:55:50.026648647Z | 42 | PC: 2e885 | Get date 0x2e885: cmp dx, 0x604 0x2e889: je 0x2e88c 0x2e88b: ret 0x2e88c: mov ah, 9 0x2e88e: mov dx, 0x1a4 0x2e891: mov bx, cs 0x2e893: mov ds, bx 0x2e895: int 0x21 0x2e897: mov ah, 9 0x2e899: mov dx, 0x1d1 0x2e89c: int 0x21 0x2e89e: mov bx, 0x10 0x2e8a1: mov cx, 0xffff 0x2e8a4: loop 0x2e8a4 0x2e8a6: dec bx 0x2e8a7: cmp bx, 0 0x2e8aa: je 0x2e8ae 0x2e8ac: jmp 0x2e8a1 0x2e8ae: mov ah, 9 0x2e8b0: mov dx, 0x20d |
| 2018-12-25T12:55:50.028545075Z | 9 | PC: 2e897 | Display string (Could not find end pointer) |
| 2018-12-25T12:55:50.033559718Z | 9 | PC: 2e89e | Display string (Could not find end pointer) |
| 2018-12-25T12:55:50.093134006Z | 9 | PC: 2e8b5 | Display string (Could not find end pointer) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17452,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:55:50.656385439Z | 42 | PC: 2e885 | Get date 0x2e885: cmp dx, 0x604 0x2e889: je 0x2e88c 0x2e88b: ret 0x2e88c: mov ah, 9 0x2e88e: mov dx, 0x1a4 0x2e891: mov bx, cs 0x2e893: mov ds, bx 0x2e895: int 0x21 0x2e897: mov ah, 9 0x2e899: mov dx, 0x1d1 0x2e89c: int 0x21 0x2e89e: mov bx, 0x10 0x2e8a1: mov cx, 0xffff 0x2e8a4: loop 0x2e8a4 0x2e8a6: dec bx 0x2e8a7: cmp bx, 0 0x2e8aa: je 0x2e8ae 0x2e8ac: jmp 0x2e8a1 0x2e8ae: mov ah, 9 0x2e8b0: mov dx, 0x20d |
| 2018-12-25T12:55:50.65837896Z | 255 | PC: 2efcf | UNKNOWN! |
| 2018-12-25T12:55:50.659022308Z | 53 | PC: 2e91c | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:55:50.660431267Z | 37 | PC: 2e933 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |