{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7656,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:18.923772174Z | 26 | PC: 12b18 | Set disk transfer address |
| 2018-12-25T12:02:18.925630316Z | 78 | PC: 12b22 | Find first file |
| 2018-12-25T12:02:18.932301279Z | 61 | PC: 12b33 | Open file (Filename = 'h') |
| 2018-12-25T12:02:18.938547387Z | 66 | PC: 12b3f | Move file pointer |
| 2018-12-25T12:02:18.94029745Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T12:02:18.942083658Z | 63 | PC: 12b56 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-25T12:02:18.945162155Z | 66 | PC: 12b6b | Move file pointer |
| 2018-12-25T12:02:18.946658987Z | 64 | PC: 12b7c | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:18.949605413Z | 66 | PC: 12b3f | Move file pointer (See above) |
| 2018-12-25T12:02:18.950902745Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T12:02:18.952161144Z | 63 | PC: 12b56 | Read file or device (See above) |
| 2018-12-25T12:02:18.955205732Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-25T12:02:18.956480291Z | 66 | PC: 12ba2 | Move file pointer |
| 2018-12-25T12:02:18.957665632Z | 64 | PC: 12bb1 | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:18.96060427Z | 62 | PC: 12bb5 | Close file |
| 2018-12-25T12:02:19.647952914Z | 67 | PC: 12eec | Get or set file attributes |
| 2018-12-25T12:02:19.652991133Z | 42 | PC: 12bbe | Get date 0x12bbe: cmp dh, 0xa 0x12bc1: je 0x12bc6 0x12bc3: jmp 0x12be5 0x12bc5: nop 0x12bc6: cmp dl, 0x15 0x12bc9: je 0x12bce 0x12bcb: jmp 0x12be5 0x12bcd: nop 0x12bce: mov ax, 6 0x12bd1: int 0x10 0x12bd3: mov ax, 0xe07 0x12bd6: int 0x10 0x12bd8: push cs 0x12bd9: pop ds 0x12bda: mov ah, 9 0x12bdc: mov dx, 0x65c 0x12bdf: int 0x21 0x12be1: mov ah, 0 0x12be3: int 0x16 0x12be5: push cs |
| 2018-12-25T12:02:19.656596766Z | 67 | PC: 12bf0 | Get or set file attributes |
| 2018-12-25T12:02:19.66249656Z | 67 | PC: 12c01 | Get or set file attributes |
| 2018-12-25T12:02:19.679010736Z | 61 | PC: 12c0a | Open file (Filename = '���������������') |
| 2018-12-25T12:02:19.687580878Z | 63 | PC: 12c1f | Read file or device (Read 22 bytes on handle 5) |
| 2018-12-25T12:02:19.694317415Z | 66 | PC: 12c9a | Move file pointer |
| 2018-12-25T12:02:19.695876955Z | 64 | PC: 12cdd | Write file or device (Write 16 bytes on handle 5) |
| 2018-12-25T12:02:19.699522337Z | 66 | PC: 12ce6 | Move file pointer |
| 2018-12-25T12:02:19.701909083Z | 64 | PC: 12d26 | Write file or device (Write 1740 bytes on handle 5) |
| 2018-12-25T12:02:19.710747096Z | 66 | PC: 12d3c | Move file pointer |
| 2018-12-25T12:02:19.712829847Z | 64 | PC: 12d53 | Write file or device (Write 22 bytes on handle 5) |
| 2018-12-25T12:02:19.719065122Z | 62 | PC: 12d5c | Close file |
| 2018-12-25T12:02:19.742855665Z | 67 | PC: 12eec | Get or set file attributes (See above) |
| 2018-12-25T12:02:19.753794921Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":21,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7656,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:18.995323938Z | 26 | PC: 12b18 | Set disk transfer address |
| 2018-12-25T12:02:18.996504952Z | 78 | PC: 12b22 | Find first file |
| 2018-12-25T12:02:19.002320641Z | 61 | PC: 12b33 | Open file (Filename = 'h') |
| 2018-12-25T12:02:19.00935673Z | 66 | PC: 12b3f | Move file pointer |
| 2018-12-25T12:02:19.010831382Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T12:02:19.012216052Z | 63 | PC: 12b56 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-25T12:02:19.015607416Z | 66 | PC: 12b6b | Move file pointer |
| 2018-12-25T12:02:19.017319678Z | 64 | PC: 12b7c | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:19.020372994Z | 66 | PC: 12b3f | Move file pointer (See above) |
| 2018-12-25T12:02:19.021696888Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T12:02:19.023359959Z | 63 | PC: 12b56 | Read file or device (See above) |
| 2018-12-25T12:02:19.025717223Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-25T12:02:19.027055166Z | 66 | PC: 12ba2 | Move file pointer |
| 2018-12-25T12:02:19.028976557Z | 64 | PC: 12bb1 | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:19.031857114Z | 62 | PC: 12bb5 | Close file |
| 2018-12-25T12:02:19.648142995Z | 67 | PC: 12eec | Get or set file attributes |
| 2018-12-25T12:02:19.654427911Z | 42 | PC: 12bbe | Get date 0x12bbe: cmp dh, 0xa 0x12bc1: je 0x12bc6 0x12bc3: jmp 0x12be5 0x12bc5: nop 0x12bc6: cmp dl, 0x15 0x12bc9: je 0x12bce 0x12bcb: jmp 0x12be5 0x12bcd: nop 0x12bce: mov ax, 6 0x12bd1: int 0x10 0x12bd3: mov ax, 0xe07 0x12bd6: int 0x10 0x12bd8: push cs 0x12bd9: pop ds 0x12bda: mov ah, 9 0x12bdc: mov dx, 0x65c 0x12bdf: int 0x21 0x12be1: mov ah, 0 0x12be3: int 0x16 0x12be5: push cs |
| 2018-12-25T12:02:19.664545577Z | 9 | PC: 12be1 | Display string (Could not find end pointer) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7656,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:19.058207253Z | 26 | PC: 12b18 | Set disk transfer address |
| 2018-12-25T12:02:19.059794545Z | 78 | PC: 12b22 | Find first file |
| 2018-12-25T12:02:19.066195635Z | 61 | PC: 12b33 | Open file (Filename = 'h') |
| 2018-12-25T12:02:19.072782113Z | 66 | PC: 12b3f | Move file pointer |
| 2018-12-25T12:02:19.074582662Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T12:02:19.07608778Z | 63 | PC: 12b56 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-25T12:02:19.079104865Z | 66 | PC: 12b6b | Move file pointer |
| 2018-12-25T12:02:19.08073871Z | 64 | PC: 12b7c | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:19.083613047Z | 66 | PC: 12b3f | Move file pointer (See above) |
| 2018-12-25T12:02:19.084871846Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T12:02:19.086219221Z | 63 | PC: 12b56 | Read file or device (See above) |
| 2018-12-25T12:02:19.08887455Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-25T12:02:19.090248325Z | 66 | PC: 12ba2 | Move file pointer |
| 2018-12-25T12:02:19.091464406Z | 64 | PC: 12bb1 | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:19.09450846Z | 62 | PC: 12bb5 | Close file |
| 2018-12-25T12:02:19.444849393Z | 67 | PC: 12eec | Get or set file attributes |
| 2018-12-25T12:02:19.450201194Z | 42 | PC: 12bbe | Get date 0x12bbe: cmp dh, 0xa 0x12bc1: je 0x12bc6 0x12bc3: jmp 0x12be5 0x12bc5: nop 0x12bc6: cmp dl, 0x15 0x12bc9: je 0x12bce 0x12bcb: jmp 0x12be5 0x12bcd: nop 0x12bce: mov ax, 6 0x12bd1: int 0x10 0x12bd3: mov ax, 0xe07 0x12bd6: int 0x10 0x12bd8: push cs 0x12bd9: pop ds 0x12bda: mov ah, 9 0x12bdc: mov dx, 0x65c 0x12bdf: int 0x21 0x12be1: mov ah, 0 0x12be3: int 0x16 0x12be5: push cs |
| 2018-12-25T12:02:19.453324579Z | 67 | PC: 12bf0 | Get or set file attributes |
| 2018-12-25T12:02:19.459761149Z | 67 | PC: 12c01 | Get or set file attributes |
| 2018-12-25T12:02:19.477770095Z | 61 | PC: 12c0a | Open file (Filename = '���������������') |
| 2018-12-25T12:02:19.487382765Z | 63 | PC: 12c1f | Read file or device (Read 22 bytes on handle 5) |
| 2018-12-25T12:02:19.494924267Z | 66 | PC: 12c9a | Move file pointer |
| 2018-12-25T12:02:19.49685956Z | 64 | PC: 12cdd | Write file or device (Write 16 bytes on handle 5) |
| 2018-12-25T12:02:19.500974637Z | 66 | PC: 12ce6 | Move file pointer |
| 2018-12-25T12:02:19.503331983Z | 64 | PC: 12d26 | Write file or device (Write 1740 bytes on handle 5) |
| 2018-12-25T12:02:19.513209146Z | 66 | PC: 12d3c | Move file pointer |
| 2018-12-25T12:02:19.515918026Z | 64 | PC: 12d53 | Write file or device (Write 22 bytes on handle 5) |
| 2018-12-25T12:02:19.523179325Z | 62 | PC: 12d5c | Close file |
| 2018-12-25T12:02:19.532069004Z | 67 | PC: 12eec | Get or set file attributes (See above) |
| 2018-12-25T12:02:19.543481926Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |