{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":209,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:22.553835998Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T11:40:22.555354924Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.556646758Z | 37 | PC: 12aae | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.557953758Z | 42 | PC: 12ab3 | Get date 0x12ab3: cmp al, 1 0x12ab5: je 0x12adb 0x12ab7: cmp sp, 0xabcd 0x12abb: jne 0x12aec 0x12abd: push es 0x12abe: pop ds 0x12abf: mov ax, es 0x12ac1: add ax, 0x10 0x12ac4: add word ptr cs:[bp + 0x99], ax 0x12ac9: add ax, word ptr cs:[bp + 0x29c] 0x12ace: cli 0x12acf: mov ss, ax 0x12ad1: mov sp, word ptr [bp + 0x29a] 0x12ad5: sti 0x12ad6: ljmp 0:0x20cd 0x12adb: in al, 0x40 0x12add: xchg ah, al 0x12adf: in al, 0x40 0x12ae1: xchg ax, dx 0x12ae2: mov cx, 1 |
{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":209,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:22.642081368Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T11:40:22.643391241Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.644520918Z | 37 | PC: 12aae | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.645607628Z | 42 | PC: 12ab3 | Get date 0x12ab3: cmp al, 1 0x12ab5: je 0x12adb 0x12ab7: cmp sp, 0xabcd 0x12abb: jne 0x12aec 0x12abd: push es 0x12abe: pop ds 0x12abf: mov ax, es 0x12ac1: add ax, 0x10 0x12ac4: add word ptr cs:[bp + 0x99], ax 0x12ac9: add ax, word ptr cs:[bp + 0x29c] 0x12ace: cli 0x12acf: mov ss, ax 0x12ad1: mov sp, word ptr [bp + 0x29a] 0x12ad5: sti 0x12ad6: ljmp 0:0x20cd 0x12adb: in al, 0x40 0x12add: xchg ah, al 0x12adf: in al, 0x40 0x12ae1: xchg ax, dx 0x12ae2: mov cx, 1 |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":209,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:22.850428479Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T11:40:22.851530617Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.852712823Z | 37 | PC: 12aae | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.85376617Z | 42 | PC: 12ab3 | Get date 0x12ab3: cmp al, 1 0x12ab5: je 0x12adb 0x12ab7: cmp sp, 0xabcd 0x12abb: jne 0x12aec 0x12abd: push es 0x12abe: pop ds 0x12abf: mov ax, es 0x12ac1: add ax, 0x10 0x12ac4: add word ptr cs:[bp + 0x99], ax 0x12ac9: add ax, word ptr cs:[bp + 0x29c] 0x12ace: cli 0x12acf: mov ss, ax 0x12ad1: mov sp, word ptr [bp + 0x29a] 0x12ad5: sti 0x12ad6: ljmp 0:0x20cd 0x12adb: in al, 0x40 0x12add: xchg ah, al 0x12adf: in al, 0x40 0x12ae1: xchg ax, dx 0x12ae2: mov cx, 1 |
{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":209,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:22.959966095Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T11:40:22.961278782Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.962640721Z | 37 | PC: 12aae | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:22.963989367Z | 42 | PC: 12ab3 | Get date 0x12ab3: cmp al, 1 0x12ab5: je 0x12adb 0x12ab7: cmp sp, 0xabcd 0x12abb: jne 0x12aec 0x12abd: push es 0x12abe: pop ds 0x12abf: mov ax, es 0x12ac1: add ax, 0x10 0x12ac4: add word ptr cs:[bp + 0x99], ax 0x12ac9: add ax, word ptr cs:[bp + 0x29c] 0x12ace: cli 0x12acf: mov ss, ax 0x12ad1: mov sp, word ptr [bp + 0x29a] 0x12ad5: sti 0x12ad6: ljmp 0:0x20cd 0x12adb: in al, 0x40 0x12add: xchg ah, al 0x12adf: in al, 0x40 0x12ae1: xchg ax, dx 0x12ae2: mov cx, 1 |