{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7550,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:01:50.57475947Z | 47 | PC: 12aa5 | Get disk transfer address |
| 2018-12-25T12:01:50.57681204Z | 26 | PC: 12a8a | Set disk transfer address |
| 2018-12-25T12:01:50.577945017Z | 42 | PC: 12ab4 | Get date 0x12ab4: cmp al, 1 0x12ab6: jge 0x12abb 0x12ab8: jmp 0x12b06 0x12aba: nop 0x12abb: cmp al, 1 0x12abd: ja 0x12b06 0x12abf: jmp 0x12ac2 0x12ac1: nop 0x12ac2: mov dl, 2 0x12ac4: mov ah, 5 0x12ac6: mov dh, 0 0x12ac8: mov ch, 0 0x12aca: int 0x13 0x12acc: mov cx, 0x14 0x12acf: push cx 0x12ad0: call 0x12add 0x12ad3: mov cx, 0x4000 0x12ad6: loop 0x12ad6 0x12ad8: pop cx 0x12ad9: loop 0x12acf |
| 2018-12-25T12:01:50.580061545Z | 44 | PC: 12b0a | Get time 0x12b0a: and dh, 0xf 0x12b0d: cmp dh, 3 0x12b10: jb 0x12acc 0x12b12: cmp dh, 3 0x12b15: ja 0x12b41 0x12b17: int 0x19 0x12b19: mov ah, 0x47 0x12b1b: xor dl, dl 0x12b1d: add si, 0 0x12b20: nop 0x12b21: int 0x21 0x12b23: jb 0x12b41 0x12b25: mov ah, 0x3b 0x12b27: mov dx, si 0x12b29: add dx, 0x40 0x12b2c: nop 0x12b2d: int 0x21 0x12b2f: mov word ptr [bx + 0x43], di 0x12b32: nop 0x12b33: mov si, bx |
{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7550,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:01:50.841911706Z | 47 | PC: 12aa5 | Get disk transfer address |
| 2018-12-25T12:01:50.843526487Z | 26 | PC: 12a8a | Set disk transfer address |
| 2018-12-25T12:01:50.845230966Z | 42 | PC: 12ab4 | Get date 0x12ab4: cmp al, 1 0x12ab6: jge 0x12abb 0x12ab8: jmp 0x12b06 0x12aba: nop 0x12abb: cmp al, 1 0x12abd: ja 0x12b06 0x12abf: jmp 0x12ac2 0x12ac1: nop 0x12ac2: mov dl, 2 0x12ac4: mov ah, 5 0x12ac6: mov dh, 0 0x12ac8: mov ch, 0 0x12aca: int 0x13 0x12acc: mov cx, 0x14 0x12acf: push cx 0x12ad0: call 0x12add 0x12ad3: mov cx, 0x4000 0x12ad6: loop 0x12ad6 0x12ad8: pop cx 0x12ad9: loop 0x12acf |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7550,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:01:51.164417438Z | 47 | PC: 12aa5 | Get disk transfer address |
| 2018-12-25T12:01:51.166133595Z | 26 | PC: 12a8a | Set disk transfer address |
| 2018-12-25T12:01:51.167269965Z | 42 | PC: 12ab4 | Get date 0x12ab4: cmp al, 1 0x12ab6: jge 0x12abb 0x12ab8: jmp 0x12b06 0x12aba: nop 0x12abb: cmp al, 1 0x12abd: ja 0x12b06 0x12abf: jmp 0x12ac2 0x12ac1: nop 0x12ac2: mov dl, 2 0x12ac4: mov ah, 5 0x12ac6: mov dh, 0 0x12ac8: mov ch, 0 0x12aca: int 0x13 0x12acc: mov cx, 0x14 0x12acf: push cx 0x12ad0: call 0x12add 0x12ad3: mov cx, 0x4000 0x12ad6: loop 0x12ad6 0x12ad8: pop cx 0x12ad9: loop 0x12acf |
| 2018-12-25T12:01:51.169480706Z | 44 | PC: 12b0a | Get time 0x12b0a: and dh, 0xf 0x12b0d: cmp dh, 3 0x12b10: jb 0x12acc 0x12b12: cmp dh, 3 0x12b15: ja 0x12b41 0x12b17: int 0x19 0x12b19: mov ah, 0x47 0x12b1b: xor dl, dl 0x12b1d: add si, 0 0x12b20: nop 0x12b21: int 0x21 0x12b23: jb 0x12b41 0x12b25: mov ah, 0x3b 0x12b27: mov dx, si 0x12b29: add dx, 0x40 0x12b2c: nop 0x12b2d: int 0x21 0x12b2f: mov word ptr [bx + 0x43], di 0x12b32: nop 0x12b33: mov si, bx |