{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3012,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:47:58.643391874Z | 74 | PC: 12c3a | Reallocate memory |
| 2018-12-25T11:47:58.645416781Z | 250 | PC: 12c44 | UNKNOWN! |
| 2018-12-25T11:47:58.646373217Z | 72 | PC: 12c67 | Allocate memory |
| 2018-12-25T11:47:58.647904184Z | 47 | PC: 12ca9 | Get disk transfer address |
| 2018-12-25T11:47:58.648995671Z | 72 | PC: 12cb4 | Allocate memory |
| 2018-12-25T11:47:58.651061416Z | 26 | PC: 12cbc | Set disk transfer address |
| 2018-12-25T11:47:58.652269249Z | 78 | PC: 12cdb | Find first file |
| 2018-12-25T11:47:58.658753224Z | 78 | PC: 12d2b | Find first file |
| 2018-12-25T11:47:58.665413026Z | 47 | PC: 12d5b | Get disk transfer address |
| 2018-12-25T11:47:58.666473868Z | 73 | PC: 12d5f | Release memory |
| 2018-12-25T11:47:58.667702815Z | 26 | PC: 12d67 | Set disk transfer address |
| 2018-12-25T11:47:58.669160191Z | 42 | PC: 12c7f | Get date 0x12c7f: cmp dx, 0x910 0x12c83: jne 0x12c88 0x12c85: call 0x12e9b 0x12c88: mov ah, 0x49 0x12c8a: int 0x21 0x12c8c: popaw 0x12c8d: pop es 0x12c8e: pop ds 0x12c8f: mov ah, 0x5b 0x12c91: dec dx 0x12c92: int 0x21 0x12c94: jae 0x12c9a 0x12c96: mov ah, 0x4a 0x12c98: int 0x21 0x12c9a: retf 0x12c9b: mov ah, 0x4c 0x12c9d: int 0x21 0x12c9f: cld 0x12ca0: mov al, 0x5c 0x12ca2: stosb byte ptr es:[di], al |
| 2018-12-25T11:47:58.671386608Z | 73 | PC: 12c8c | Release memory |
| 2018-12-25T11:47:58.67329376Z | 91 | PC: 12c94 | Create new file |
| 2018-12-25T11:47:58.676285371Z | 74 | PC: 12c9a | Reallocate memory |
{"DateBased":true,"Day":16,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3012,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:47:58.831675921Z | 74 | PC: 12c3a | Reallocate memory |
| 2018-12-25T11:47:58.833107987Z | 250 | PC: 12c44 | UNKNOWN! |
| 2018-12-25T11:47:58.834973648Z | 72 | PC: 12c67 | Allocate memory |
| 2018-12-25T11:47:58.836878239Z | 47 | PC: 12ca9 | Get disk transfer address |
| 2018-12-25T11:47:58.838044851Z | 72 | PC: 12cb4 | Allocate memory |
| 2018-12-25T11:47:58.840339383Z | 26 | PC: 12cbc | Set disk transfer address |
| 2018-12-25T11:47:58.841789661Z | 78 | PC: 12cdb | Find first file |
| 2018-12-25T11:47:58.848254726Z | 78 | PC: 12d2b | Find first file |
| 2018-12-25T11:47:58.852266122Z | 47 | PC: 12d5b | Get disk transfer address |
| 2018-12-25T11:47:58.853309572Z | 73 | PC: 12d5f | Release memory |
| 2018-12-25T11:47:58.85471759Z | 26 | PC: 12d67 | Set disk transfer address |
| 2018-12-25T11:47:58.855932357Z | 42 | PC: 12c7f | Get date 0x12c7f: cmp dx, 0x910 0x12c83: jne 0x12c88 0x12c85: call 0x12e9b 0x12c88: mov ah, 0x49 0x12c8a: int 0x21 0x12c8c: popaw 0x12c8d: pop es 0x12c8e: pop ds 0x12c8f: mov ah, 0x5b 0x12c91: dec dx 0x12c92: int 0x21 0x12c94: jae 0x12c9a 0x12c96: mov ah, 0x4a 0x12c98: int 0x21 0x12c9a: retf 0x12c9b: mov ah, 0x4c 0x12c9d: int 0x21 0x12c9f: cld 0x12ca0: mov al, 0x5c 0x12ca2: stosb byte ptr es:[di], al |
| 2018-12-25T11:47:58.859158725Z | 0 | PC: 13383 | Program terminate |
| 2018-12-25T11:47:58.860914982Z | 56 | PC: 9ac88 | Get or set country info |