{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7144,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:53.314591732Z | 250 | PC: 12b1b | UNKNOWN! |
| 2018-12-25T12:00:53.316462229Z | 42 | PC: 12b23 | Get date 0x12b23: cmp dl, 0x13 0x12b26: jne 0x12b2e 0x12b28: mov byte ptr cs:[bp + 0x5ed], 1 0x12b2e: mov ax, es 0x12b30: dec ax 0x12b31: mov ds, ax 0x12b33: cmp byte ptr [0], 0x5a 0x12b38: jne 0x12b7f 0x12b3a: sub word ptr [3], 0x140 0x12b40: sub word ptr [0x12], 0x140 0x12b46: mov es, word ptr [0x12] 0x12b4a: push cs 0x12b4b: pop ds 0x12b4c: mov si, bp 0x12b4e: mov cx, 0x38a 0x12b51: xor di, di 0x12b53: rep movsd dword ptr es:[di], dword ptr [si] 0x12b55: xor ax, ax 0x12b57: mov ds, ax 0x12b59: push ds |
{"DateBased":true,"Day":19,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7144,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:00:53.383784639Z | 250 | PC: 12b1b | UNKNOWN! |
| 2018-12-25T12:00:53.385398049Z | 42 | PC: 12b23 | Get date 0x12b23: cmp dl, 0x13 0x12b26: jne 0x12b2e 0x12b28: mov byte ptr cs:[bp + 0x5ed], 1 0x12b2e: mov ax, es 0x12b30: dec ax 0x12b31: mov ds, ax 0x12b33: cmp byte ptr [0], 0x5a 0x12b38: jne 0x12b7f 0x12b3a: sub word ptr [3], 0x140 0x12b40: sub word ptr [0x12], 0x140 0x12b46: mov es, word ptr [0x12] 0x12b4a: push cs 0x12b4b: pop ds 0x12b4c: mov si, bp 0x12b4e: mov cx, 0x38a 0x12b51: xor di, di 0x12b53: rep movsd dword ptr es:[di], dword ptr [si] 0x12b55: xor ax, ax 0x12b57: mov ds, ax 0x12b59: push ds |