{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6913,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:34.066339091Z | 254 | PC: 17cd5 | UNKNOWN! |
| 2018-12-25T12:00:34.075925992Z | 73 | PC: 17ced | Release memory |
| 2018-12-25T12:00:34.077513081Z | 72 | PC: 17cf4 | Allocate memory |
| 2018-12-25T12:00:34.079462151Z | 74 | PC: 17cfc | Reallocate memory |
| 2018-12-25T12:00:34.081853437Z | 72 | PC: 17d03 | Allocate memory |
| 2018-12-25T12:00:34.083603625Z | 53 | PC: 17d3d | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:34.084675976Z | 37 | PC: 17d4e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:34.086510405Z | 42 | PC: 17d56 | Get date 0x17d56: cmp dl, 1 0x17d59: jne 0x17d6b 0x17d5b: cmp dh, 1 0x17d5e: je 0x17d65 0x17d60: cmp dh, 6 0x17d63: jne 0x17d6b 0x17d65: call 0x1816a 0x17d68: cli 0x17d69: jmp 0x17d68 0x17d6b: pop si 0x17d6c: cmp byte ptr cs:[si + 0x7ff], 0x4f 0x17d72: je 0x17de3 0x17d74: cmp byte ptr cs:[si + 0x7ff], 0x43 0x17d7a: je 0x17db5 0x17d7c: mov ax, word ptr cs:[si + 0x7f4] 0x17d81: add ax, 0x10 0x17d84: add word ptr cs:[si + 0x373], ax 0x17d89: mov dx, ax 0x17d8b: add ax, word ptr cs:[si + 0x7ec] 0x17d90: cli |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6913,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:34.715170979Z | 254 | PC: 17cd5 | UNKNOWN! |
| 2018-12-25T12:00:34.716917458Z | 73 | PC: 17ced | Release memory |
| 2018-12-25T12:00:34.719016444Z | 72 | PC: 17cf4 | Allocate memory |
| 2018-12-25T12:00:34.722678901Z | 74 | PC: 17cfc | Reallocate memory |
| 2018-12-25T12:00:34.725476909Z | 72 | PC: 17d03 | Allocate memory |
| 2018-12-25T12:00:34.727774405Z | 53 | PC: 17d3d | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:34.729423714Z | 37 | PC: 17d4e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:34.731384606Z | 42 | PC: 17d56 | Get date 0x17d56: cmp dl, 1 0x17d59: jne 0x17d6b 0x17d5b: cmp dh, 1 0x17d5e: je 0x17d65 0x17d60: cmp dh, 6 0x17d63: jne 0x17d6b 0x17d65: call 0x1816a 0x17d68: cli 0x17d69: jmp 0x17d68 0x17d6b: pop si 0x17d6c: cmp byte ptr cs:[si + 0x7ff], 0x4f 0x17d72: je 0x17de3 0x17d74: cmp byte ptr cs:[si + 0x7ff], 0x43 0x17d7a: je 0x17db5 0x17d7c: mov ax, word ptr cs:[si + 0x7f4] 0x17d81: add ax, 0x10 0x17d84: add word ptr cs:[si + 0x373], ax 0x17d89: mov dx, ax 0x17d8b: add ax, word ptr cs:[si + 0x7ec] 0x17d90: cli |
| 2018-12-25T12:00:34.734589913Z | 9 | PC: 1641a | Display string (String= ' �������������������������������������������������ͻ � Dynamic Mouse driver (version 9.10) � � Copyright 1988-1992 KYE Systems Corp. � �������������������������������������������������ͼ ') |
| 2018-12-25T12:00:34.748411166Z | 37 | PC: 168ad | Set interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:00:34.750155096Z | 37 | PC: 168cc | Set interrupt vector (Interrupt = '51' AKA 'Get or set Ctrl-Break') |
| 2018-12-25T12:00:34.756368129Z | 53 | PC: 1637e | Get interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:00:34.758205233Z | 37 | PC: 16392 | Set interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:00:34.760164618Z | 9 | PC: 16cf1 | Display string (String= 'Personal System II Mouse driver installed. ') |
| 2018-12-25T12:00:34.767271731Z | 49 | PC: 1699d | Terminate and stay resident (Return code = '0' | Memory size = '928') |
{"DateBased":true,"Day":1,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6913,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:37.266110207Z | 254 | PC: 17cd5 | UNKNOWN! |
| 2018-12-25T12:00:37.267295833Z | 73 | PC: 17ced | Release memory |
| 2018-12-25T12:00:37.269137693Z | 72 | PC: 17cf4 | Allocate memory |
| 2018-12-25T12:00:37.270666747Z | 74 | PC: 17cfc | Reallocate memory |
| 2018-12-25T12:00:37.272569908Z | 72 | PC: 17d03 | Allocate memory |
| 2018-12-25T12:00:37.273959383Z | 53 | PC: 17d3d | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:37.274969065Z | 37 | PC: 17d4e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:37.276452962Z | 42 | PC: 17d56 | Get date 0x17d56: cmp dl, 1 0x17d59: jne 0x17d6b 0x17d5b: cmp dh, 1 0x17d5e: je 0x17d65 0x17d60: cmp dh, 6 0x17d63: jne 0x17d6b 0x17d65: call 0x1816a 0x17d68: cli 0x17d69: jmp 0x17d68 0x17d6b: pop si 0x17d6c: cmp byte ptr cs:[si + 0x7ff], 0x4f 0x17d72: je 0x17de3 0x17d74: cmp byte ptr cs:[si + 0x7ff], 0x43 0x17d7a: je 0x17db5 0x17d7c: mov ax, word ptr cs:[si + 0x7f4] 0x17d81: add ax, 0x10 0x17d84: add word ptr cs:[si + 0x373], ax 0x17d89: mov dx, ax 0x17d8b: add ax, word ptr cs:[si + 0x7ec] 0x17d90: cli |
| 2018-12-25T12:00:37.278785871Z | 9 | PC: 1641a | Display string (String= ' �������������������������������������������������ͻ � Dynamic Mouse driver (version 9.10) � � Copyright 1988-1992 KYE Systems Corp. � �������������������������������������������������ͼ ') |
| 2018-12-25T12:00:37.290553678Z | 37 | PC: 168ad | Set interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:00:37.292061854Z | 37 | PC: 168cc | Set interrupt vector (Interrupt = '51' AKA 'Get or set Ctrl-Break') |
| 2018-12-25T12:00:37.296490968Z | 53 | PC: 1637e | Get interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:00:37.297554403Z | 37 | PC: 16392 | Set interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:00:37.299137556Z | 9 | PC: 16cf1 | Display string (String= 'Personal System II Mouse driver installed. ') |
| 2018-12-25T12:00:37.305493859Z | 49 | PC: 1699d | Terminate and stay resident (Return code = '0' | Memory size = '928') |
{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6913,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:37.521943733Z | 254 | PC: 17cd5 | UNKNOWN! |
| 2018-12-25T12:00:37.523153174Z | 73 | PC: 17ced | Release memory |
| 2018-12-25T12:00:37.524052576Z | 72 | PC: 17cf4 | Allocate memory |
| 2018-12-25T12:00:37.52520209Z | 74 | PC: 17cfc | Reallocate memory |
| 2018-12-25T12:00:37.526978746Z | 72 | PC: 17d03 | Allocate memory |
| 2018-12-25T12:00:37.528352494Z | 53 | PC: 17d3d | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:37.529314109Z | 37 | PC: 17d4e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:00:37.530636526Z | 42 | PC: 17d56 | Get date 0x17d56: cmp dl, 1 0x17d59: jne 0x17d6b 0x17d5b: cmp dh, 1 0x17d5e: je 0x17d65 0x17d60: cmp dh, 6 0x17d63: jne 0x17d6b 0x17d65: call 0x1816a 0x17d68: cli 0x17d69: jmp 0x17d68 0x17d6b: pop si 0x17d6c: cmp byte ptr cs:[si + 0x7ff], 0x4f 0x17d72: je 0x17de3 0x17d74: cmp byte ptr cs:[si + 0x7ff], 0x43 0x17d7a: je 0x17db5 0x17d7c: mov ax, word ptr cs:[si + 0x7f4] 0x17d81: add ax, 0x10 0x17d84: add word ptr cs:[si + 0x373], ax 0x17d89: mov dx, ax 0x17d8b: add ax, word ptr cs:[si + 0x7ec] 0x17d90: cli |