{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4543,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:52:07.541641053Z | 48 | PC: 12e26 | Get DOS version |
| 2018-12-25T11:52:07.543262745Z | 38 | PC: 12e6e | Create PSP |
| 2018-12-25T11:52:07.544815685Z | 42 | PC: 12eb6 | Get date 0x12eb6: cmp dl, 5 0x12eb9: jne 0x12ec1 0x12ebb: mov byte ptr [0x5e7], 0xff 0x12ec0: nop 0x12ec1: xor ax, ax 0x12ec3: mov es, ax 0x12ec5: mov dx, word ptr es:[0x84] 0x12eca: mov word ptr [0x5df], dx 0x12ece: mov dx, word ptr es:[0x86] 0x12ed3: mov word ptr [0x5e1], dx 0x12ed7: mov dx, 0x356 0x12eda: cli 0x12edb: mov word ptr es:[0x84], dx 0x12ee0: mov word ptr es:[0x86], ds 0x12ee5: cmp byte ptr [0x5e7], 0xff 0x12eea: jne 0x12f0b 0x12eec: mov dx, word ptr es:[0x24] 0x12ef1: mov word ptr [0x594], dx 0x12ef5: mov dx, word ptr es:[0x26] 0x12efa: mov word ptr [0x596], dx |
{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4543,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:52:07.696302426Z | 48 | PC: 12e26 | Get DOS version |
| 2018-12-25T11:52:07.698383265Z | 38 | PC: 12e6e | Create PSP |
| 2018-12-25T11:52:07.700109368Z | 42 | PC: 12eb6 | Get date 0x12eb6: cmp dl, 5 0x12eb9: jne 0x12ec1 0x12ebb: mov byte ptr [0x5e7], 0xff 0x12ec0: nop 0x12ec1: xor ax, ax 0x12ec3: mov es, ax 0x12ec5: mov dx, word ptr es:[0x84] 0x12eca: mov word ptr [0x5df], dx 0x12ece: mov dx, word ptr es:[0x86] 0x12ed3: mov word ptr [0x5e1], dx 0x12ed7: mov dx, 0x356 0x12eda: cli 0x12edb: mov word ptr es:[0x84], dx 0x12ee0: mov word ptr es:[0x86], ds 0x12ee5: cmp byte ptr [0x5e7], 0xff 0x12eea: jne 0x12f0b 0x12eec: mov dx, word ptr es:[0x24] 0x12ef1: mov word ptr [0x594], dx 0x12ef5: mov dx, word ptr es:[0x26] 0x12efa: mov word ptr [0x596], dx |