{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":454,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:55.477789318Z | 53 | PC: 12a5e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.4797891Z | 74 | PC: 12aa1 | Reallocate memory |
| 2018-12-25T11:40:55.481289814Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-25T11:40:55.48270253Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-25T11:40:55.48534847Z | 42 | PC: 12ae2 | Get date 0x12ae2: cmp dx, 0x307 0x12ae6: jne 0x12af4 0x12ae8: lea dx, word ptr [bp + 0x120] 0x12aec: mov ah, 9 0x12aee: push cs 0x12aef: pop ds 0x12af0: int 0x21 0x12af2: jmp 0x12af2 0x12af4: mov ax, 0x4b00 0x12af7: int 0x21 0x12af9: pop es 0x12afa: pop cx 0x12afb: pop bx 0x12afc: cmp byte ptr [bp + 0x624], 0 0x12b01: jne 0x12b06 0x12b03: jmp 0x12a67 0x12b06: mov ax, es 0x12b08: mov ds, ax 0x12b0a: add ax, 0x10 0x12b0d: add word ptr cs:[bp + 0xed], ax |
| 2018-12-25T11:40:55.487482773Z | 44 | PC: 9f96b | Get time 0x9f96b: cmp dl, 0 0x9f96e: je 0x9f967 0x9f970: mov byte ptr cs:[0x956], dl 0x9f975: pop dx 0x9f976: call 0x9fb53 0x9f979: call 0x9faea 0x9f97c: jae 0x9f981 0x9f97e: jmp 0x9fad6 0x9f981: mov ax, 0x4300 0x9f984: int 0x21 0x9f986: mov word ptr cs:[0x600], cx 0x9f98b: jae 0x9f990 0x9f98d: jmp 0x9fad6 0x9f990: mov ax, 0x4301 0x9f993: xor cx, cx 0x9f995: int 0x21 0x9f997: jae 0x9f99c 0x9f999: jmp 0x9fad6 0x9f99c: mov ax, 0x3d02 0x9f99f: int 0x21 |
| 2018-12-25T11:40:55.489482028Z | 53 | PC: 9fb5e | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:40:55.490944683Z | 37 | PC: 9fb75 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:40:55.492137687Z | 37 | PC: 9fb86 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.493383749Z | 67 | PC: 9f986 | Get or set file attributes |
| 2018-12-25T11:40:55.499596329Z | 37 | PC: 9fba2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:40:55.500965651Z | 37 | PC: 9fbac | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.502070472Z | 75 | PC: 12af9 | Execute program |
{"DateBased":true,"Day":7,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":454,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:55.564853944Z | 53 | PC: 12a5e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.567220419Z | 74 | PC: 12aa1 | Reallocate memory |
| 2018-12-25T11:40:55.56885411Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-25T11:40:55.570217348Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-25T11:40:55.572674801Z | 42 | PC: 12ae2 | Get date 0x12ae2: cmp dx, 0x307 0x12ae6: jne 0x12af4 0x12ae8: lea dx, word ptr [bp + 0x120] 0x12aec: mov ah, 9 0x12aee: push cs 0x12aef: pop ds 0x12af0: int 0x21 0x12af2: jmp 0x12af2 0x12af4: mov ax, 0x4b00 0x12af7: int 0x21 0x12af9: pop es 0x12afa: pop cx 0x12afb: pop bx 0x12afc: cmp byte ptr [bp + 0x624], 0 0x12b01: jne 0x12b06 0x12b03: jmp 0x12a67 0x12b06: mov ax, es 0x12b08: mov ds, ax 0x12b0a: add ax, 0x10 0x12b0d: add word ptr cs:[bp + 0xed], ax |
| 2018-12-25T11:40:55.574947723Z | 9 | PC: 12af2 | Display string (Could not find end pointer) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":454,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:55.702243938Z | 53 | PC: 12a5e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.70421293Z | 74 | PC: 12aa1 | Reallocate memory |
| 2018-12-25T11:40:55.705966289Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-25T11:40:55.707533279Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-25T11:40:55.709752399Z | 42 | PC: 12ae2 | Get date 0x12ae2: cmp dx, 0x307 0x12ae6: jne 0x12af4 0x12ae8: lea dx, word ptr [bp + 0x120] 0x12aec: mov ah, 9 0x12aee: push cs 0x12aef: pop ds 0x12af0: int 0x21 0x12af2: jmp 0x12af2 0x12af4: mov ax, 0x4b00 0x12af7: int 0x21 0x12af9: pop es 0x12afa: pop cx 0x12afb: pop bx 0x12afc: cmp byte ptr [bp + 0x624], 0 0x12b01: jne 0x12b06 0x12b03: jmp 0x12a67 0x12b06: mov ax, es 0x12b08: mov ds, ax 0x12b0a: add ax, 0x10 0x12b0d: add word ptr cs:[bp + 0xed], ax |
| 2018-12-25T11:40:55.712163056Z | 44 | PC: 9f96b | Get time 0x9f96b: cmp dl, 0 0x9f96e: je 0x9f967 0x9f970: mov byte ptr cs:[0x956], dl 0x9f975: pop dx 0x9f976: call 0x9fb53 0x9f979: call 0x9faea 0x9f97c: jae 0x9f981 0x9f97e: jmp 0x9fad6 0x9f981: mov ax, 0x4300 0x9f984: int 0x21 0x9f986: mov word ptr cs:[0x600], cx 0x9f98b: jae 0x9f990 0x9f98d: jmp 0x9fad6 0x9f990: mov ax, 0x4301 0x9f993: xor cx, cx 0x9f995: int 0x21 0x9f997: jae 0x9f99c 0x9f999: jmp 0x9fad6 0x9f99c: mov ax, 0x3d02 0x9f99f: int 0x21 |
| 2018-12-25T11:40:55.714756392Z | 53 | PC: 9fb5e | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:40:55.716697137Z | 37 | PC: 9fb75 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:40:55.718972973Z | 37 | PC: 9fb86 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.720779183Z | 67 | PC: 9f986 | Get or set file attributes |
| 2018-12-25T11:40:55.727501131Z | 37 | PC: 9fba2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T11:40:55.730006275Z | 37 | PC: 9fbac | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.731209609Z | 75 | PC: 12af9 | Execute program |
{"DateBased":true,"Day":7,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":454,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:40:55.859011664Z | 53 | PC: 12a5e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:40:55.860802487Z | 74 | PC: 12aa1 | Reallocate memory |
| 2018-12-25T11:40:55.862525164Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-25T11:40:55.863807508Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-25T11:40:55.865391698Z | 42 | PC: 12ae2 | Get date 0x12ae2: cmp dx, 0x307 0x12ae6: jne 0x12af4 0x12ae8: lea dx, word ptr [bp + 0x120] 0x12aec: mov ah, 9 0x12aee: push cs 0x12aef: pop ds 0x12af0: int 0x21 0x12af2: jmp 0x12af2 0x12af4: mov ax, 0x4b00 0x12af7: int 0x21 0x12af9: pop es 0x12afa: pop cx 0x12afb: pop bx 0x12afc: cmp byte ptr [bp + 0x624], 0 0x12b01: jne 0x12b06 0x12b03: jmp 0x12a67 0x12b06: mov ax, es 0x12b08: mov ds, ax 0x12b0a: add ax, 0x10 0x12b0d: add word ptr cs:[bp + 0xed], ax |
| 2018-12-25T11:40:55.867910899Z | 9 | PC: 12af2 | Display string (Could not find end pointer) |