{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17719,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:56:39.325544322Z | 250 | PC: 12bc7 | UNKNOWN! |
| 2018-12-25T12:56:39.326915477Z | 42 | PC: 12bcf | Get date 0x12bcf: cmp dl, 1 0x12bd2: jne 0x12bda 0x12bd4: mov byte ptr cs:[bp + 0x68f], 1 0x12bda: mov ax, es 0x12bdc: dec ax 0x12bdd: mov ds, ax 0x12bdf: cmp byte ptr [0], 0x5a 0x12be4: jne 0x12c2b 0x12be6: sub word ptr [3], 0x180 0x12bec: sub word ptr [0x12], 0x180 0x12bf2: mov es, word ptr [0x12] 0x12bf6: push cs 0x12bf7: pop ds 0x12bf8: mov si, bp 0x12bfa: mov cx, 0x430 0x12bfd: xor di, di 0x12bff: rep movsd dword ptr es:[di], dword ptr [si] 0x12c01: xor ax, ax 0x12c03: mov ds, ax 0x12c05: push ds |
| 2018-12-25T12:56:39.329249933Z | 44 | PC: 13003 | Get time 0x13003: ret 0x13004: and dh, bh 0x13006: and byte ptr [bx + si + 0x49], dl 0x13009: out dx, ax 0x1300a: push di 0x1300b: jmp 0x17d80 0x1300e: push word ptr [bp + 0x31] 0x13011: xor byte ptr cs:[bx + si], dh 0x13014: and byte ptr [di], ch 0x13016: and byte ptr [bp + di + 0x6f], al 0x13019: and byte ptr fs:[bp + si + 0x79], ah 0x1301f: and bl, bh 0x13021: imul si, word ptr [bp + si + 0x6f], 0x6567 0x13026: outsb dx, byte ptr [si] 0x13027: and byte ptr [bx + di + 0x6e], ch 0x1302a: and byte ptr [bx + di + 0x70], al 0x1302d: jb 0x13098 0x1302f: insb byte ptr es:[di], dx 0x13030: and byte ptr [bx + di], dh 0x13032: cmp word ptr [bx + di], di |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17719,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:56:39.434923496Z | 250 | PC: 12bc7 | UNKNOWN! |
| 2018-12-25T12:56:39.437369607Z | 42 | PC: 12bcf | Get date 0x12bcf: cmp dl, 1 0x12bd2: jne 0x12bda 0x12bd4: mov byte ptr cs:[bp + 0x68f], 1 0x12bda: mov ax, es 0x12bdc: dec ax 0x12bdd: mov ds, ax 0x12bdf: cmp byte ptr [0], 0x5a 0x12be4: jne 0x12c2b 0x12be6: sub word ptr [3], 0x180 0x12bec: sub word ptr [0x12], 0x180 0x12bf2: mov es, word ptr [0x12] 0x12bf6: push cs 0x12bf7: pop ds 0x12bf8: mov si, bp 0x12bfa: mov cx, 0x430 0x12bfd: xor di, di 0x12bff: rep movsd dword ptr es:[di], dword ptr [si] 0x12c01: xor ax, ax 0x12c03: mov ds, ax 0x12c05: push ds |
| 2018-12-25T12:56:39.440037869Z | 44 | PC: 13003 | Get time 0x13003: ret 0x13004: and dh, bh 0x13006: and byte ptr [bx + si + 0x49], dl 0x13009: out dx, ax 0x1300a: push di 0x1300b: jmp 0x17d80 0x1300e: push word ptr [bp + 0x31] 0x13011: xor byte ptr cs:[bx + si], dh 0x13014: and byte ptr [di], ch 0x13016: and byte ptr [bp + di + 0x6f], al 0x13019: and byte ptr fs:[bp + si + 0x79], ah 0x1301f: and bl, bh 0x13021: imul si, word ptr [bp + si + 0x6f], 0x6567 0x13026: outsb dx, byte ptr [si] 0x13027: and byte ptr [bx + di + 0x6e], ch 0x1302a: and byte ptr [bx + di + 0x70], al 0x1302d: jb 0x13098 0x1302f: insb byte ptr es:[di], dx 0x13030: and byte ptr [bx + di], dh 0x13032: cmp word ptr [bx + di], di |