{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2767,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:46:24.872639096Z | 74 | PC: 14fc1 | Reallocate memory |
| 2018-12-25T11:46:24.874870043Z | 72 | PC: 14fca | Allocate memory |
| 2018-12-25T11:46:24.87668972Z | 82 | PC: 14fd6 | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T11:46:24.878434429Z | 53 | PC: 9e3e0 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:46:24.879823646Z | 53 | PC: 9e3f1 | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-25T11:46:24.881318046Z | 37 | PC: 9e407 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:46:24.88228805Z | 42 | PC: 9e40b | Get date 0x9e40b: cmp dh, 1 0x9e40e: jne 0x9e441 0x9e410: mov ax, 0x3508 0x9e413: int 0x21 0x9e415: mov word ptr cs:[0x7c0], bx 0x9e41a: mov bx, es 0x9e41c: mov word ptr cs:[0x7c2], bx 0x9e421: mov ax, 0x2508 0x9e424: push cs 0x9e425: pop ds 0x9e426: mov dx, 0x7d0 0x9e429: int 0x21 0x9e42b: mov ah, 0x2c 0x9e42d: int 0x21 0x9e42f: mov ax, 0x800 0x9e432: mov dh, 0 0x9e434: mov cl, 5 0x9e436: shl dx, cl 0x9e438: add ax, dx 0x9e43a: mov word ptr cs:[0x7cc], ax |
| 2018-12-25T11:46:24.884240823Z | 53 | PC: 9e415 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-25T11:46:24.885794389Z | 37 | PC: 9e42b | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-25T11:46:24.88730366Z | 44 | PC: 9e42f | Get time 0x9e42f: mov ax, 0x800 0x9e432: mov dh, 0 0x9e434: mov cl, 5 0x9e436: shl dx, cl 0x9e438: add ax, dx 0x9e43a: mov word ptr cs:[0x7cc], ax 0x9e43e: call 0x9e511 0x9e441: jmp 0x9dd56 0x9e444: add ax, 0xdf5 0x9e448: clc 0x9e449: inc ax 0x9e44a: sbb word ptr [bx + si], ax 0x9e44c: sbb al, byte ptr [bx + di] 0x9e44e: mov word ptr [bp + di], cs 0x9e450: cmp al, 0 0x9e452: lcall 0x7007:0x7410 0x9e457: add byte ptr [bx + si], al 0x9e459: add byte ptr [bx + si], al 0x9e45b: add byte ptr [bx + di], al 0x9e45d: or ax, 0x8306 |
| 2018-12-25T11:46:24.889755798Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-25T11:46:24.893993904Z | 76 | PC: 12a61 | Terminate with return code (Return code = '1') |
{"DateBased":true,"Day":1,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2767,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:46:24.995071161Z | 74 | PC: 14fc1 | Reallocate memory |
| 2018-12-25T11:46:24.998127998Z | 72 | PC: 14fca | Allocate memory |
| 2018-12-25T11:46:25.000140101Z | 82 | PC: 14fd6 | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T11:46:25.001917642Z | 53 | PC: 9e3e0 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:46:25.004609826Z | 53 | PC: 9e3f1 | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-25T11:46:25.00629792Z | 37 | PC: 9e407 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:46:25.007901682Z | 42 | PC: 9e40b | Get date 0x9e40b: cmp dh, 1 0x9e40e: jne 0x9e441 0x9e410: mov ax, 0x3508 0x9e413: int 0x21 0x9e415: mov word ptr cs:[0x7c0], bx 0x9e41a: mov bx, es 0x9e41c: mov word ptr cs:[0x7c2], bx 0x9e421: mov ax, 0x2508 0x9e424: push cs 0x9e425: pop ds 0x9e426: mov dx, 0x7d0 0x9e429: int 0x21 0x9e42b: mov ah, 0x2c 0x9e42d: int 0x21 0x9e42f: mov ax, 0x800 0x9e432: mov dh, 0 0x9e434: mov cl, 5 0x9e436: shl dx, cl 0x9e438: add ax, dx 0x9e43a: mov word ptr cs:[0x7cc], ax |
| 2018-12-25T11:46:25.010953424Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-25T11:46:25.017188713Z | 76 | PC: 12a61 | Terminate with return code (Return code = '1') |