{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17696,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:56:23.918705556Z | 74 | PC: 12ecd | Reallocate memory |
| 2018-12-25T12:56:23.920864763Z | 72 | PC: 12ed4 | Allocate memory |
| 2018-12-25T12:56:23.922847479Z | 42 | PC: 12e5e | Get date 0x12e5e: cmp dl, 0x13 0x12e61: je 0x12e61 0x12e63: mov ah, 1 0x12e65: cmp byte ptr [bp + 0x386], ah 0x12e69: jne 0x12e86 0x12e6b: pop es 0x12e6c: mov di, 0x100 0x12e6f: lea si, word ptr [bp + 0x387] 0x12e73: mov cx, 3 0x12e76: rep movsb byte ptr es:[di], byte ptr [si] 0x12e78: pop ds 0x12e79: call 0x12eae 0x12e7c: mov sp, 0xfffe 0x12e7f: mov bp, 0x100 0x12e82: push bp 0x12e83: mov bp, ax 0x12e85: ret 0x12e86: pop es 0x12e87: push es 0x12e88: pop ds |
{"DateBased":true,"Day":19,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17696,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:56:24.341210628Z | 74 | PC: 12ecd | Reallocate memory |
| 2018-12-25T12:56:24.343126705Z | 72 | PC: 12ed4 | Allocate memory |
| 2018-12-25T12:56:24.344885103Z | 42 | PC: 12e5e | Get date 0x12e5e: cmp dl, 0x13 0x12e61: je 0x12e61 0x12e63: mov ah, 1 0x12e65: cmp byte ptr [bp + 0x386], ah 0x12e69: jne 0x12e86 0x12e6b: pop es 0x12e6c: mov di, 0x100 0x12e6f: lea si, word ptr [bp + 0x387] 0x12e73: mov cx, 3 0x12e76: rep movsb byte ptr es:[di], byte ptr [si] 0x12e78: pop ds 0x12e79: call 0x12eae 0x12e7c: mov sp, 0xfffe 0x12e7f: mov bp, 0x100 0x12e82: push bp 0x12e83: mov bp, ax 0x12e85: ret 0x12e86: pop es 0x12e87: push es 0x12e88: pop ds |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17696,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:56:24.731263742Z | 74 | PC: 12ecd | Reallocate memory |
| 2018-12-25T12:56:24.73755288Z | 72 | PC: 12ed4 | Allocate memory |
| 2018-12-25T12:56:24.738988617Z | 42 | PC: 12e5e | Get date 0x12e5e: cmp dl, 0x13 0x12e61: je 0x12e61 0x12e63: mov ah, 1 0x12e65: cmp byte ptr [bp + 0x386], ah 0x12e69: jne 0x12e86 0x12e6b: pop es 0x12e6c: mov di, 0x100 0x12e6f: lea si, word ptr [bp + 0x387] 0x12e73: mov cx, 3 0x12e76: rep movsb byte ptr es:[di], byte ptr [si] 0x12e78: pop ds 0x12e79: call 0x12eae 0x12e7c: mov sp, 0xfffe 0x12e7f: mov bp, 0x100 0x12e82: push bp 0x12e83: mov bp, ax 0x12e85: ret 0x12e86: pop es 0x12e87: push es 0x12e88: pop ds |
{"DateBased":true,"Day":19,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17696,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:56:25.032389907Z | 74 | PC: 12ecd | Reallocate memory |
| 2018-12-25T12:56:25.034666914Z | 72 | PC: 12ed4 | Allocate memory |
| 2018-12-25T12:56:25.036788343Z | 42 | PC: 12e5e | Get date 0x12e5e: cmp dl, 0x13 0x12e61: je 0x12e61 0x12e63: mov ah, 1 0x12e65: cmp byte ptr [bp + 0x386], ah 0x12e69: jne 0x12e86 0x12e6b: pop es 0x12e6c: mov di, 0x100 0x12e6f: lea si, word ptr [bp + 0x387] 0x12e73: mov cx, 3 0x12e76: rep movsb byte ptr es:[di], byte ptr [si] 0x12e78: pop ds 0x12e79: call 0x12eae 0x12e7c: mov sp, 0xfffe 0x12e7f: mov bp, 0x100 0x12e82: push bp 0x12e83: mov bp, ax 0x12e85: ret 0x12e86: pop es 0x12e87: push es 0x12e88: pop ds |