{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":289,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:25.125774585Z | 42 | PC: 12c37 | Get date 0x12c37: cmp dx, 0x51b 0x12c3b: je 0x12c40 0x12c3d: jmp 0x12d11 0x12c40: mov ax, 0x13 0x12c43: int 0x10 0x12c45: cli 0x12c46: mov ax, cs 0x12c48: sub ax, 0x60 0x12c4b: push ax 0x12c4c: pop es 0x12c4d: xor bx, bx 0x12c4f: mov ax, 1 0x12c52: xor dx, dx 0x12c54: mov cx, 0x100 0x12c57: mov byte ptr es:[bx], 0 0x12c5b: mov byte ptr es:[bx + 1], 0 0x12c60: mov byte ptr es:[bx + 2], dl 0x12c64: add bx, 3 0x12c67: add dx, ax 0x12c69: cmp dx, 0x3f |
| 2018-12-25T11:40:25.128955648Z | 82 | PC: 12d15 | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T11:40:25.130015952Z | 82 | PC: 12d64 | Get DOS internal pointers (SYSVARS) |
{"DateBased":true,"Day":27,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":289,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:24.964481388Z | 42 | PC: 12c37 | Get date 0x12c37: cmp dx, 0x51b 0x12c3b: je 0x12c40 0x12c3d: jmp 0x12d11 0x12c40: mov ax, 0x13 0x12c43: int 0x10 0x12c45: cli 0x12c46: mov ax, cs 0x12c48: sub ax, 0x60 0x12c4b: push ax 0x12c4c: pop es 0x12c4d: xor bx, bx 0x12c4f: mov ax, 1 0x12c52: xor dx, dx 0x12c54: mov cx, 0x100 0x12c57: mov byte ptr es:[bx], 0 0x12c5b: mov byte ptr es:[bx + 1], 0 0x12c60: mov byte ptr es:[bx + 2], dl 0x12c64: add bx, 3 0x12c67: add dx, ax 0x12c69: cmp dx, 0x3f |
| 2018-12-25T11:40:24.975852642Z | 9 | PC: 12c8e | Display string (String= '�?��>��=��<��;��:��9��8��7��6��5��4��3��2��1��0��/��.��-��,��+��*��)��(��'��&��%��') |