{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":3507,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:20.618224257Z | 44 | PC: 12b2e | Get time 0x12b2e: cmp dh, 0xd 0x12b31: jne 0x12b38 0x12b33: mov byte ptr [bp + 0x1d7], 0xd 0x12b38: mov ax, 0xffff 0x12b3b: int 0x21 0x12b3d: cmp ax, 0 0x12b40: je 0x12b1c 0x12b42: mov ax, 0xfa01 0x12b45: mov dx, 0x5945 0x12b48: int 0x16 0x12b4a: push es 0x12b4b: mov ax, 0x3524 0x12b4e: int 0x21 0x12b50: mov word ptr cs:[bp + 0x1d8], bx 0x12b55: mov word ptr cs:[bp + 0x1da], es 0x12b5a: pop es 0x12b5b: inc word ptr [bp + 0x1d0] 0x12b5f: xor ax, ax 0x12b61: mov ds, ax 0x12b63: dec word ptr [0x413] |
| 2018-12-25T11:49:20.621517245Z | 255 | PC: 12b3d | UNKNOWN! |
| 2018-12-25T11:49:20.622981839Z | 53 | PC: 12b50 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":13,"TimeBased":true,"OriginalID":3507,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:21.302042448Z | 44 | PC: 12b2e | Get time 0x12b2e: cmp dh, 0xd 0x12b31: jne 0x12b38 0x12b33: mov byte ptr [bp + 0x1d7], 0xd 0x12b38: mov ax, 0xffff 0x12b3b: int 0x21 0x12b3d: cmp ax, 0 0x12b40: je 0x12b1c 0x12b42: mov ax, 0xfa01 0x12b45: mov dx, 0x5945 0x12b48: int 0x16 0x12b4a: push es 0x12b4b: mov ax, 0x3524 0x12b4e: int 0x21 0x12b50: mov word ptr cs:[bp + 0x1d8], bx 0x12b55: mov word ptr cs:[bp + 0x1da], es 0x12b5a: pop es 0x12b5b: inc word ptr [bp + 0x1d0] 0x12b5f: xor ax, ax 0x12b61: mov ds, ax 0x12b63: dec word ptr [0x413] |
| 2018-12-25T11:49:21.305478226Z | 255 | PC: 12b3d | UNKNOWN! |
| 2018-12-25T11:49:21.307065779Z | 53 | PC: 12b50 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":3507,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:22.943449177Z | 44 | PC: 12b2e | Get time 0x12b2e: cmp dh, 0xd 0x12b31: jne 0x12b38 0x12b33: mov byte ptr [bp + 0x1d7], 0xd 0x12b38: mov ax, 0xffff 0x12b3b: int 0x21 0x12b3d: cmp ax, 0 0x12b40: je 0x12b1c 0x12b42: mov ax, 0xfa01 0x12b45: mov dx, 0x5945 0x12b48: int 0x16 0x12b4a: push es 0x12b4b: mov ax, 0x3524 0x12b4e: int 0x21 0x12b50: mov word ptr cs:[bp + 0x1d8], bx 0x12b55: mov word ptr cs:[bp + 0x1da], es 0x12b5a: pop es 0x12b5b: inc word ptr [bp + 0x1d0] 0x12b5f: xor ax, ax 0x12b61: mov ds, ax 0x12b63: dec word ptr [0x413] |
| 2018-12-25T11:49:22.946644765Z | 255 | PC: 12b3d | UNKNOWN! |
| 2018-12-25T11:49:22.947727951Z | 53 | PC: 12b50 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":13,"TimeBased":true,"OriginalID":3507,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:23.258839449Z | 44 | PC: 12b2e | Get time 0x12b2e: cmp dh, 0xd 0x12b31: jne 0x12b38 0x12b33: mov byte ptr [bp + 0x1d7], 0xd 0x12b38: mov ax, 0xffff 0x12b3b: int 0x21 0x12b3d: cmp ax, 0 0x12b40: je 0x12b1c 0x12b42: mov ax, 0xfa01 0x12b45: mov dx, 0x5945 0x12b48: int 0x16 0x12b4a: push es 0x12b4b: mov ax, 0x3524 0x12b4e: int 0x21 0x12b50: mov word ptr cs:[bp + 0x1d8], bx 0x12b55: mov word ptr cs:[bp + 0x1da], es 0x12b5a: pop es 0x12b5b: inc word ptr [bp + 0x1d0] 0x12b5f: xor ax, ax 0x12b61: mov ds, ax 0x12b63: dec word ptr [0x413] |
| 2018-12-25T11:49:23.262763813Z | 255 | PC: 12b3d | UNKNOWN! |
| 2018-12-25T11:49:23.263901005Z | 53 | PC: 12b50 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |