{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3621,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:44.906528403Z | 250 | PC: 12a79 | UNKNOWN! |
| 2018-12-25T11:49:44.907882639Z | 42 | PC: 12a92 | Get date 0x12a92: cmp dl, 2 0x12a95: jne 0x12a9d 0x12a97: mov byte ptr cs:[bp + 0x2b0], 1 0x12a9d: mov ax, ds 0x12a9f: dec ax 0x12aa0: mov ds, ax 0x12aa2: cmp byte ptr [0], 0x5a 0x12aa7: jne 0x12ae6 0x12aa9: sub word ptr [3], 0x180 0x12aaf: sub word ptr [0x12], 0x180 0x12ab5: mov es, word ptr [0x12] 0x12ab9: push cs 0x12aba: pop ds 0x12abb: mov si, bp 0x12abd: mov cx, 0x53c 0x12ac0: xor di, di 0x12ac2: rep movsd dword ptr es:[di], dword ptr [si] 0x12ac4: xor ax, ax 0x12ac6: mov ds, ax 0x12ac8: push ds |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3621,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:49:45.197564957Z | 250 | PC: 12a79 | UNKNOWN! |
| 2018-12-25T11:49:45.19888469Z | 42 | PC: 12a92 | Get date 0x12a92: cmp dl, 2 0x12a95: jne 0x12a9d 0x12a97: mov byte ptr cs:[bp + 0x2b0], 1 0x12a9d: mov ax, ds 0x12a9f: dec ax 0x12aa0: mov ds, ax 0x12aa2: cmp byte ptr [0], 0x5a 0x12aa7: jne 0x12ae6 0x12aa9: sub word ptr [3], 0x180 0x12aaf: sub word ptr [0x12], 0x180 0x12ab5: mov es, word ptr [0x12] 0x12ab9: push cs 0x12aba: pop ds 0x12abb: mov si, bp 0x12abd: mov cx, 0x53c 0x12ac0: xor di, di 0x12ac2: rep movsd dword ptr es:[di], dword ptr [si] 0x12ac4: xor ax, ax 0x12ac6: mov ds, ax 0x12ac8: push ds |