{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3553,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:29.773971306Z | 250 | PC: 12a50 | UNKNOWN! |
| 2018-12-25T11:49:29.775048761Z | 42 | PC: 12a69 | Get date 0x12a69: cmp dl, 3 0x12a6c: jne 0x12a74 0x12a6e: mov byte ptr cs:[bp + 0x339], 1 0x12a74: mov ax, ds 0x12a76: dec ax 0x12a77: mov ds, ax 0x12a79: cmp byte ptr [0], 0x5a 0x12a7e: jne 0x12abd 0x12a80: sub word ptr [3], 0x180 0x12a86: sub word ptr [0x12], 0x180 0x12a8c: mov es, word ptr [0x12] 0x12a90: push cs 0x12a91: pop ds 0x12a92: mov si, bp 0x12a94: mov cx, 0x52a 0x12a97: xor di, di 0x12a99: rep movsd dword ptr es:[di], dword ptr [si] 0x12a9b: xor ax, ax 0x12a9d: mov ds, ax 0x12a9f: push ds |
{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3553,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:29.787985266Z | 250 | PC: 12a50 | UNKNOWN! |
| 2018-12-25T11:49:29.789527438Z | 42 | PC: 12a69 | Get date 0x12a69: cmp dl, 3 0x12a6c: jne 0x12a74 0x12a6e: mov byte ptr cs:[bp + 0x339], 1 0x12a74: mov ax, ds 0x12a76: dec ax 0x12a77: mov ds, ax 0x12a79: cmp byte ptr [0], 0x5a 0x12a7e: jne 0x12abd 0x12a80: sub word ptr [3], 0x180 0x12a86: sub word ptr [0x12], 0x180 0x12a8c: mov es, word ptr [0x12] 0x12a90: push cs 0x12a91: pop ds 0x12a92: mov si, bp 0x12a94: mov cx, 0x52a 0x12a97: xor di, di 0x12a99: rep movsd dword ptr es:[di], dword ptr [si] 0x12a9b: xor ax, ax 0x12a9d: mov ds, ax 0x12a9f: push ds |