{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4515,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:51:55.39901976Z | 98 | PC: 17a47 | Get current PSP |
| 2018-12-25T11:51:55.400235084Z | 78 | PC: 1778f | Find first file |
| 2018-12-25T11:51:55.403882401Z | 47 | PC: 17771 | Get disk transfer address |
| 2018-12-25T11:51:55.404649804Z | 47 | PC: 177a7 | Get disk transfer address |
| 2018-12-25T11:51:55.40594459Z | 61 | PC: 1788d | Open file (Filename = 'TEST.EXE') |
| 2018-12-25T11:51:55.40981334Z | 66 | PC: 17884 | Move file pointer |
| 2018-12-25T11:51:55.410724364Z | 66 | PC: 17879 | Move file pointer |
| 2018-12-25T11:51:55.412126385Z | 63 | PC: 178cb | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-25T11:51:55.414814875Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.416702326Z | 64 | PC: 17915 | Write file or device (Write 11 bytes on handle 5) |
| 2018-12-25T11:51:55.420375313Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.421828619Z | 64 | PC: 1795f | Write file or device (Write 1461 bytes on handle 5) |
| 2018-12-25T11:51:55.436403514Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.438373521Z | 66 | PC: 17879 | Move file pointer (See above) |
| 2018-12-25T11:51:55.439785396Z | 64 | PC: 179af | Write file or device (Write 24 bytes on handle 5) |
| 2018-12-25T11:51:55.442465607Z | 62 | PC: 179b9 | Close file |
| 2018-12-25T11:51:55.45092318Z | 67 | PC: 179c6 | Get or set file attributes |
| 2018-12-25T11:51:55.461180831Z | 42 | PC: 17b74 | Get date 0x17b74: cmp dh, 0xa 0x17b77: jb 0x17b83 0x17b79: cmp dl, 7 0x17b7c: jb 0x17b83 0x17b7e: pop dx 0x17b7f: pop cx 0x17b80: pop ax 0x17b81: clc 0x17b82: ret 0x17b83: pop dx 0x17b84: pop cx 0x17b85: pop ax 0x17b86: stc 0x17b87: ret 0x17b88: mov al, 3 0x17b8a: mov cx, 1 0x17b8d: mov bx, 1 0x17b90: int 0x26 0x17b92: ret 0x17b93: add byte ptr [bx + si], al |
| 2018-12-25T11:51:55.463430899Z | 98 | PC: 17b5d | Get current PSP |
| 2018-12-25T11:51:55.464805049Z | 9 | PC: 1765a | Display string (Could not find end pointer) |
| 2018-12-25T11:51:55.470607082Z | 76 | PC: 17660 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4515,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:51:55.469692293Z | 98 | PC: 17a47 | Get current PSP |
| 2018-12-25T11:51:55.471519003Z | 78 | PC: 1778f | Find first file |
| 2018-12-25T11:51:55.478283487Z | 47 | PC: 17771 | Get disk transfer address |
| 2018-12-25T11:51:55.479457455Z | 47 | PC: 177a7 | Get disk transfer address |
| 2018-12-25T11:51:55.481893019Z | 61 | PC: 1788d | Open file (Filename = 'TEST.EXE') |
| 2018-12-25T11:51:55.489394585Z | 66 | PC: 17884 | Move file pointer |
| 2018-12-25T11:51:55.491334516Z | 66 | PC: 17879 | Move file pointer |
| 2018-12-25T11:51:55.493933802Z | 63 | PC: 178cb | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-25T11:51:55.496924825Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.498433945Z | 64 | PC: 17915 | Write file or device (Write 11 bytes on handle 5) |
| 2018-12-25T11:51:55.502050856Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.50374689Z | 64 | PC: 1795f | Write file or device (Write 1461 bytes on handle 5) |
| 2018-12-25T11:51:55.655326572Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.657338756Z | 66 | PC: 17879 | Move file pointer (See above) |
| 2018-12-25T11:51:55.663840673Z | 64 | PC: 179af | Write file or device (Write 24 bytes on handle 5) |
| 2018-12-25T11:51:55.666527982Z | 62 | PC: 179b9 | Close file |
| 2018-12-25T11:51:55.675050075Z | 67 | PC: 179c6 | Get or set file attributes |
| 2018-12-25T11:51:55.685821507Z | 42 | PC: 17b74 | Get date 0x17b74: cmp dh, 0xa 0x17b77: jb 0x17b83 0x17b79: cmp dl, 7 0x17b7c: jb 0x17b83 0x17b7e: pop dx 0x17b7f: pop cx 0x17b80: pop ax 0x17b81: clc 0x17b82: ret 0x17b83: pop dx 0x17b84: pop cx 0x17b85: pop ax 0x17b86: stc 0x17b87: ret 0x17b88: mov al, 3 0x17b8a: mov cx, 1 0x17b8d: mov bx, 1 0x17b90: int 0x26 0x17b92: ret 0x17b93: add byte ptr [bx + si], al |
| 2018-12-25T11:51:55.68777357Z | 98 | PC: 17b5d | Get current PSP |
| 2018-12-25T11:51:55.688729391Z | 9 | PC: 1765a | Display string (Could not find end pointer) |
| 2018-12-25T11:51:55.694103909Z | 76 | PC: 17660 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":7,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4515,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:51:55.549617915Z | 98 | PC: 17a47 | Get current PSP |
| 2018-12-25T11:51:55.559649328Z | 78 | PC: 1778f | Find first file |
| 2018-12-25T11:51:55.566076004Z | 47 | PC: 17771 | Get disk transfer address |
| 2018-12-25T11:51:55.567302972Z | 47 | PC: 177a7 | Get disk transfer address |
| 2018-12-25T11:51:55.569398838Z | 61 | PC: 1788d | Open file (Filename = 'TEST.EXE') |
| 2018-12-25T11:51:55.576694332Z | 66 | PC: 17884 | Move file pointer |
| 2018-12-25T11:51:55.578254664Z | 66 | PC: 17879 | Move file pointer |
| 2018-12-25T11:51:55.579934991Z | 63 | PC: 178cb | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-25T11:51:55.58340495Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.58483481Z | 64 | PC: 17915 | Write file or device (Write 11 bytes on handle 5) |
| 2018-12-25T11:51:55.588366647Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.590700637Z | 64 | PC: 1795f | Write file or device (Write 1461 bytes on handle 5) |
| 2018-12-25T11:51:55.655434987Z | 66 | PC: 17884 | Move file pointer (See above) |
| 2018-12-25T11:51:55.657461442Z | 66 | PC: 17879 | Move file pointer (See above) |
| 2018-12-25T11:51:55.668585702Z | 64 | PC: 179af | Write file or device (Write 24 bytes on handle 5) |
| 2018-12-25T11:51:55.671605872Z | 62 | PC: 179b9 | Close file |
| 2018-12-25T11:51:55.680562205Z | 67 | PC: 179c6 | Get or set file attributes |
| 2018-12-25T11:51:55.69208273Z | 42 | PC: 17b74 | Get date 0x17b74: cmp dh, 0xa 0x17b77: jb 0x17b83 0x17b79: cmp dl, 7 0x17b7c: jb 0x17b83 0x17b7e: pop dx 0x17b7f: pop cx 0x17b80: pop ax 0x17b81: clc 0x17b82: ret 0x17b83: pop dx 0x17b84: pop cx 0x17b85: pop ax 0x17b86: stc 0x17b87: ret 0x17b88: mov al, 3 0x17b8a: mov cx, 1 0x17b8d: mov bx, 1 0x17b90: int 0x26 0x17b92: ret 0x17b93: add byte ptr [bx + si], al |
| 2018-12-25T11:51:55.695067704Z | 98 | PC: 17b5d | Get current PSP |
| 2018-12-25T11:51:55.695813967Z | 9 | PC: 1765a | Display string (Could not find end pointer) |
| 2018-12-25T11:51:55.706346019Z | 76 | PC: 17660 | Terminate with return code (Return code = '0') |