{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6170,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:58:41.504849951Z | 26 | PC: 12b54 | Set disk transfer address |
| 2018-12-25T11:58:41.50730896Z | 42 | PC: 12b74 | Get date 0x12b74: cmp dl, 0x12 0x12b77: jne 0x12b7c 0x12b79: jmp 0x12d6c 0x12b7c: mov bh, 1 0x12b7e: push bx 0x12b7f: mov ah, 0x19 0x12b81: int 0x21 0x12b83: push cs 0x12b84: pop ds 0x12b85: mov si, 0x37b 0x12b88: mov byte ptr [si], al 0x12b8a: mov ah, 0xe 0x12b8c: mov dl, 2 0x12b8e: int 0x21 0x12b90: push cs 0x12b91: pop ds 0x12b92: xor dx, dx 0x12b94: mov si, 0xfac8 0x12b97: mov ah, 0x47 0x12b99: int 0x21 |
| 2018-12-25T11:58:41.510042964Z | 25 | PC: 12b83 | Get default drive |
| 2018-12-25T11:58:41.511507339Z | 14 | PC: 12b90 | Set default drive (Drive = 'C') |
| 2018-12-25T11:58:41.513200336Z | 71 | PC: 12b9b | Get current directory |
| 2018-12-25T11:58:41.516847309Z | 59 | PC: 12ba2 | Change current directory |
| 2018-12-25T11:58:41.521057452Z | 67 | PC: 12be9 | Get or set file attributes |
| 2018-12-25T11:58:41.525650654Z | 59 | PC: 12bb5 | Change current directory |
| 2018-12-25T11:58:41.530673784Z | 59 | PC: 12bbc | Change current directory |
| 2018-12-25T11:58:41.532550084Z | 14 | PC: 12bc7 | Set default drive (Drive = 'A') |
| 2018-12-25T11:58:41.533956011Z | 67 | PC: 12be9 | Get or set file attributes (See above) |
| 2018-12-25T11:58:41.539493229Z | 78 | PC: 12bd6 | Find first file |
| 2018-12-25T11:58:41.544188945Z | 67 | PC: 12be9 | Get or set file attributes (See above) |
{"DateBased":true,"Day":18,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6170,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:58:41.590527508Z | 26 | PC: 12b54 | Set disk transfer address |
| 2018-12-25T11:58:41.592159712Z | 42 | PC: 12b74 | Get date 0x12b74: cmp dl, 0x12 0x12b77: jne 0x12b7c 0x12b79: jmp 0x12d6c 0x12b7c: mov bh, 1 0x12b7e: push bx 0x12b7f: mov ah, 0x19 0x12b81: int 0x21 0x12b83: push cs 0x12b84: pop ds 0x12b85: mov si, 0x37b 0x12b88: mov byte ptr [si], al 0x12b8a: mov ah, 0xe 0x12b8c: mov dl, 2 0x12b8e: int 0x21 0x12b90: push cs 0x12b91: pop ds 0x12b92: xor dx, dx 0x12b94: mov si, 0xfac8 0x12b97: mov ah, 0x47 0x12b99: int 0x21 |
| 2018-12-25T11:58:41.601908133Z | 25 | PC: 12b83 | Get default drive |
| 2018-12-25T11:58:41.603027488Z | 14 | PC: 12b90 | Set default drive (Drive = 'C') |
| 2018-12-25T11:58:41.60447557Z | 71 | PC: 12b9b | Get current directory |
| 2018-12-25T11:58:41.607579699Z | 59 | PC: 12ba2 | Change current directory |
| 2018-12-25T11:58:41.612107662Z | 67 | PC: 12be9 | Get or set file attributes |
| 2018-12-25T11:58:41.616021407Z | 59 | PC: 12bb5 | Change current directory |
| 2018-12-25T11:58:41.620908875Z | 59 | PC: 12bbc | Change current directory |
| 2018-12-25T11:58:41.625777994Z | 14 | PC: 12bc7 | Set default drive (Drive = 'A') |
| 2018-12-25T11:58:41.627236853Z | 67 | PC: 12be9 | Get or set file attributes (See above) |
| 2018-12-25T11:58:41.632099463Z | 78 | PC: 12bd6 | Find first file |
| 2018-12-25T11:58:41.636548116Z | 67 | PC: 12be9 | Get or set file attributes (See above) |