{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7090,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:50.127027107Z | 48 | PC: 12a4e | Get DOS version |
| 2018-12-25T12:00:50.129689084Z | 42 | PC: 12a5b | Get date 0x12a5b: cmp dx, 0xc16 0x12a5f: je 0x12a63 0x12a61: jmp 0x12a87 0x12a63: push cs 0x12a64: pop ds 0x12a65: push si 0x12a66: mov bl, 0xcf 0x12a68: mov dx, 0x24d 0x12a6b: add si, dx 0x12a6d: call 0x12c51 0x12a70: mov ah, 0 0x12a72: int 0x16 0x12a74: pop si 0x12a75: push si 0x12a76: mov bl, 0x1e 0x12a78: mov dx, 0x33b 0x12a7b: add si, dx 0x12a7d: call 0x12c51 0x12a80: mov ah, 0 0x12a82: int 0x16 |
| 2018-12-25T12:00:50.13287135Z | 82 | PC: 12a8b | Get DOS internal pointers (SYSVARS) |
{"DateBased":true,"Day":22,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7090,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:50.135768271Z | 48 | PC: 12a4e | Get DOS version |
| 2018-12-25T12:00:50.137488786Z | 42 | PC: 12a5b | Get date 0x12a5b: cmp dx, 0xc16 0x12a5f: je 0x12a63 0x12a61: jmp 0x12a87 0x12a63: push cs 0x12a64: pop ds 0x12a65: push si 0x12a66: mov bl, 0xcf 0x12a68: mov dx, 0x24d 0x12a6b: add si, dx 0x12a6d: call 0x12c51 0x12a70: mov ah, 0 0x12a72: int 0x16 0x12a74: pop si 0x12a75: push si 0x12a76: mov bl, 0x1e 0x12a78: mov dx, 0x33b 0x12a7b: add si, dx 0x12a7d: call 0x12c51 0x12a80: mov ah, 0 0x12a82: int 0x16 |