{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2747,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:46:23.028019182Z | 26 | PC: 12a54 | Set disk transfer address |
| 2018-12-25T11:46:23.029680119Z | 42 | PC: 12a74 | Get date 0x12a74: cmp dl, 0x12 0x12a77: jne 0x12a7c 0x12a79: jmp 0x12c6b 0x12a7c: mov bh, 1 0x12a7e: push bx 0x12a7f: mov ah, 0x19 0x12a81: int 0x21 0x12a83: push cs 0x12a84: pop ds 0x12a85: mov si, 0x37b 0x12a88: mov byte ptr [si], al 0x12a8a: mov ah, 0xe 0x12a8c: mov dl, 2 0x12a8e: int 0x21 0x12a90: push cs 0x12a91: pop ds 0x12a92: xor dx, dx 0x12a94: mov si, 0xfac8 0x12a97: mov ah, 0x47 0x12a99: int 0x21 |
| 2018-12-25T11:46:23.031733469Z | 25 | PC: 12a83 | Get default drive |
| 2018-12-25T11:46:23.032742629Z | 14 | PC: 12a90 | Set default drive (Drive = 'C') |
| 2018-12-25T11:46:23.034458629Z | 71 | PC: 12a9b | Get current directory |
| 2018-12-25T11:46:23.036696881Z | 59 | PC: 12aa2 | Change current directory |
| 2018-12-25T11:46:23.042201375Z | 67 | PC: 12ae8 | Get or set file attributes |
| 2018-12-25T11:46:23.051015879Z | 78 | PC: 12ad5 | Find first file |
| 2018-12-25T11:46:23.054568267Z | 67 | PC: 12ae8 | Get or set file attributes (See above) |
| 2018-12-25T11:46:23.060141928Z | 59 | PC: 12ab4 | Change current directory |
| 2018-12-25T11:46:23.062188243Z | 59 | PC: 12abb | Change current directory |
| 2018-12-25T11:46:23.063994777Z | 14 | PC: 12ac6 | Set default drive (Drive = 'A') |
| 2018-12-25T11:46:23.06518577Z | 67 | PC: 12ae8 | Get or set file attributes (See above) |
| 2018-12-25T11:46:23.071353047Z | 78 | PC: 12ad5 | Find first file (See above) |
| 2018-12-25T11:46:23.079252048Z | 67 | PC: 12ae8 | Get or set file attributes (See above) |
{"DateBased":true,"Day":18,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2747,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:46:23.062695275Z | 26 | PC: 12a54 | Set disk transfer address |
| 2018-12-25T11:46:23.066524104Z | 42 | PC: 12a74 | Get date 0x12a74: cmp dl, 0x12 0x12a77: jne 0x12a7c 0x12a79: jmp 0x12c6b 0x12a7c: mov bh, 1 0x12a7e: push bx 0x12a7f: mov ah, 0x19 0x12a81: int 0x21 0x12a83: push cs 0x12a84: pop ds 0x12a85: mov si, 0x37b 0x12a88: mov byte ptr [si], al 0x12a8a: mov ah, 0xe 0x12a8c: mov dl, 2 0x12a8e: int 0x21 0x12a90: push cs 0x12a91: pop ds 0x12a92: xor dx, dx 0x12a94: mov si, 0xfac8 0x12a97: mov ah, 0x47 0x12a99: int 0x21 |
| 2018-12-25T11:46:23.069198516Z | 25 | PC: 12a83 | Get default drive |
| 2018-12-25T11:46:23.070281616Z | 14 | PC: 12a90 | Set default drive (Drive = 'C') |
| 2018-12-25T11:46:23.072633244Z | 71 | PC: 12a9b | Get current directory |
| 2018-12-25T11:46:23.075323797Z | 59 | PC: 12aa2 | Change current directory |
| 2018-12-25T11:46:23.081311189Z | 67 | PC: 12ae8 | Get or set file attributes |
| 2018-12-25T11:46:23.091284597Z | 78 | PC: 12ad5 | Find first file |
| 2018-12-25T11:46:23.095458759Z | 67 | PC: 12ae8 | Get or set file attributes (See above) |
| 2018-12-25T11:46:23.101071851Z | 59 | PC: 12ab4 | Change current directory |
| 2018-12-25T11:46:23.102692151Z | 59 | PC: 12abb | Change current directory |
| 2018-12-25T11:46:23.104691314Z | 14 | PC: 12ac6 | Set default drive (Drive = 'A') |
| 2018-12-25T11:46:23.105879079Z | 67 | PC: 12ae8 | Get or set file attributes (See above) |
| 2018-12-25T11:46:23.111968089Z | 78 | PC: 12ad5 | Find first file (See above) |
| 2018-12-25T11:46:23.11670407Z | 67 | PC: 12ae8 | Get or set file attributes (See above) |