{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8130,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:03:33.173464381Z | 42 | PC: 12a55 | Get date 0x12a55: cmp dl, 7 0x12a58: je 0x12a5c 0x12a5a: jne 0x12a76 0x12a5c: mov ax, 2 0x12a5f: mov cx, 0x3e7 0x12a62: cli 0x12a63: cdq 0x12a64: int 0x26 0x12a66: inc ax 0x12a67: cmp ax, 5 0x12a6a: jne 0x12a64 0x12a6c: sti 0x12a6d: mov ah, 9 0x12a6f: mov dx, 0x329 0x12a72: int 0x21 0x12a74: int 0x19 0x12a76: cmp dl, 5 0x12a79: jg 0x12a86 0x12a7b: mov ax, 0x5f08 0x12a7e: mov dl, 0 |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8130,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:03:33.599384651Z | 42 | PC: 12a55 | Get date 0x12a55: cmp dl, 7 0x12a58: je 0x12a5c 0x12a5a: jne 0x12a76 0x12a5c: mov ax, 2 0x12a5f: mov cx, 0x3e7 0x12a62: cli 0x12a63: cdq 0x12a64: int 0x26 0x12a66: inc ax 0x12a67: cmp ax, 5 0x12a6a: jne 0x12a64 0x12a6c: sti 0x12a6d: mov ah, 9 0x12a6f: mov dx, 0x329 0x12a72: int 0x21 0x12a74: int 0x19 0x12a76: cmp dl, 5 0x12a79: jg 0x12a86 0x12a7b: mov ax, 0x5f08 0x12a7e: mov dl, 0 |
| 2018-12-25T12:03:33.6023219Z | 95 | PC: 12a82 | Network redirection functions |
| 2018-12-25T12:03:33.604101658Z | 95 | PC: 12a86 | Network redirection functions |
| 2018-12-25T12:03:33.605810016Z | 26 | PC: 12abc | Set disk transfer address |
| 2018-12-25T12:03:33.60733905Z | 71 | PC: 12af5 | Get current directory |
| 2018-12-25T12:03:33.609820725Z | 78 | PC: 12b20 | Find first file |
| 2018-12-25T12:03:33.612136779Z | 59 | PC: 12b0c | Change current directory |
| 2018-12-25T12:03:33.614338327Z | 59 | PC: 12b17 | Change current directory |
| 2018-12-25T12:03:33.616905996Z | 26 | PC: 12acd | Set disk transfer address |
{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8130,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:03:33.970351408Z | 42 | PC: 12a55 | Get date 0x12a55: cmp dl, 7 0x12a58: je 0x12a5c 0x12a5a: jne 0x12a76 0x12a5c: mov ax, 2 0x12a5f: mov cx, 0x3e7 0x12a62: cli 0x12a63: cdq 0x12a64: int 0x26 0x12a66: inc ax 0x12a67: cmp ax, 5 0x12a6a: jne 0x12a64 0x12a6c: sti 0x12a6d: mov ah, 9 0x12a6f: mov dx, 0x329 0x12a72: int 0x21 0x12a74: int 0x19 0x12a76: cmp dl, 5 0x12a79: jg 0x12a86 0x12a7b: mov ax, 0x5f08 0x12a7e: mov dl, 0 |
| 2018-12-25T12:03:33.973429817Z | 26 | PC: 12abc | Set disk transfer address |
| 2018-12-25T12:03:33.975170159Z | 71 | PC: 12af5 | Get current directory |
| 2018-12-25T12:03:33.97800263Z | 78 | PC: 12b20 | Find first file |
| 2018-12-25T12:03:33.984501926Z | 67 | PC: 12b60 | Get or set file attributes |
| 2018-12-25T12:03:33.990141663Z | 67 | PC: 12c1a | Get or set file attributes |
| 2018-12-25T12:03:34.006018032Z | 61 | PC: 12b6d | Open file (Filename = 'UTOEXECBAT ') |
| 2018-12-25T12:03:34.01870089Z | 87 | PC: 12b78 | Get or set file date and time |
| 2018-12-25T12:03:34.020129138Z | 63 | PC: 12b85 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-25T12:03:34.02683367Z | 66 | PC: 12c22 | Move file pointer |
| 2018-12-25T12:03:34.028537567Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.039278069Z | 62 | PC: 12bed | Close file |
| 2018-12-25T12:03:34.041185985Z | 79 | PC: 12b34 | Find next file |
| 2018-12-25T12:03:34.043904805Z | 67 | PC: 12b60 | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.051048079Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.062004111Z | 61 | PC: 12b6d | Open file (See above) |
| 2018-12-25T12:03:34.069078415Z | 87 | PC: 12b78 | Get or set file date and time (See above) |
| 2018-12-25T12:03:34.071682437Z | 63 | PC: 12b85 | Read file or device (See above) |
| 2018-12-25T12:03:34.07846883Z | 66 | PC: 12c22 | Move file pointer (See above) |
| 2018-12-25T12:03:34.080330063Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.094201235Z | 62 | PC: 12bed | Close file (See above) |
| 2018-12-25T12:03:34.096720025Z | 79 | PC: 12b34 | Find next file (See above) |
| 2018-12-25T12:03:34.099883285Z | 67 | PC: 12b60 | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.106497972Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.116589935Z | 61 | PC: 12b6d | Open file (See above) |
| 2018-12-25T12:03:34.123929325Z | 87 | PC: 12b78 | Get or set file date and time (See above) |
| 2018-12-25T12:03:34.125759935Z | 63 | PC: 12b85 | Read file or device (See above) |
| 2018-12-25T12:03:34.132185523Z | 66 | PC: 12c22 | Move file pointer (See above) |
| 2018-12-25T12:03:34.133656744Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.143927051Z | 62 | PC: 12bed | Close file (See above) |
| 2018-12-25T12:03:34.146509793Z | 79 | PC: 12b34 | Find next file (See above) |
| 2018-12-25T12:03:34.149655443Z | 67 | PC: 12b60 | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.16152846Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.171865605Z | 61 | PC: 12b6d | Open file (See above) |
| 2018-12-25T12:03:34.178724589Z | 87 | PC: 12b78 | Get or set file date and time (See above) |
| 2018-12-25T12:03:34.180513164Z | 63 | PC: 12b85 | Read file or device (See above) |
| 2018-12-25T12:03:34.187740241Z | 66 | PC: 12c22 | Move file pointer (See above) |
| 2018-12-25T12:03:34.189632699Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.19987499Z | 62 | PC: 12bed | Close file (See above) |
| 2018-12-25T12:03:34.203576006Z | 79 | PC: 12b34 | Find next file (See above) |
| 2018-12-25T12:03:34.206580043Z | 67 | PC: 12b60 | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.212478152Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.230983137Z | 61 | PC: 12b6d | Open file (See above) |
| 2018-12-25T12:03:34.238360261Z | 87 | PC: 12b78 | Get or set file date and time (See above) |
| 2018-12-25T12:03:34.239864846Z | 63 | PC: 12b85 | Read file or device (See above) |
| 2018-12-25T12:03:34.246904676Z | 66 | PC: 12c22 | Move file pointer (See above) |
| 2018-12-25T12:03:34.24864199Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.259375744Z | 62 | PC: 12bed | Close file (See above) |
| 2018-12-25T12:03:34.262445745Z | 79 | PC: 12b34 | Find next file (See above) |
| 2018-12-25T12:03:34.265254198Z | 67 | PC: 12b60 | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.270933453Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.281055182Z | 61 | PC: 12b6d | Open file (See above) |
| 2018-12-25T12:03:34.289226958Z | 87 | PC: 12b78 | Get or set file date and time (See above) |
| 2018-12-25T12:03:34.291039576Z | 63 | PC: 12b85 | Read file or device (See above) |
| 2018-12-25T12:03:34.297685968Z | 66 | PC: 12c22 | Move file pointer (See above) |
| 2018-12-25T12:03:34.302653803Z | 64 | PC: 12bc0 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-25T12:03:34.310283223Z | 64 | PC: 12bcb | Write file or device (Write 602 bytes on handle 5) |
| 2018-12-25T12:03:34.31935879Z | 66 | PC: 12c22 | Move file pointer (See above) |
| 2018-12-25T12:03:34.321919753Z | 64 | PC: 12bd6 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-25T12:03:34.328723237Z | 87 | PC: 12bdd | Get or set file date and time |
| 2018-12-25T12:03:34.330227882Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.341816834Z | 62 | PC: 12bed | Close file (See above) |
| 2018-12-25T12:03:34.349129694Z | 79 | PC: 12b34 | Find next file (See above) |
| 2018-12-25T12:03:34.351788345Z | 67 | PC: 12b60 | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.358378646Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.372750261Z | 61 | PC: 12b6d | Open file (See above) |
| 2018-12-25T12:03:34.379286111Z | 87 | PC: 12b78 | Get or set file date and time (See above) |
| 2018-12-25T12:03:34.381540556Z | 63 | PC: 12b85 | Read file or device (See above) |
| 2018-12-25T12:03:34.388098295Z | 66 | PC: 12c22 | Move file pointer (See above) |
| 2018-12-25T12:03:34.389714024Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.398620253Z | 62 | PC: 12bed | Close file (See above) |
| 2018-12-25T12:03:34.400329772Z | 79 | PC: 12b34 | Find next file (See above) |
| 2018-12-25T12:03:34.402133601Z | 67 | PC: 12b60 | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.405798322Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.412446564Z | 61 | PC: 12b6d | Open file (See above) |
| 2018-12-25T12:03:34.419882323Z | 87 | PC: 12b78 | Get or set file date and time (See above) |
| 2018-12-25T12:03:34.421941599Z | 63 | PC: 12b85 | Read file or device (See above) |
| 2018-12-25T12:03:34.429340313Z | 67 | PC: 12c1a | Get or set file attributes (See above) |
| 2018-12-25T12:03:34.441740682Z | 62 | PC: 12bed | Close file (See above) |
| 2018-12-25T12:03:34.443869302Z | 79 | PC: 12b34 | Find next file (See above) |
| 2018-12-25T12:03:34.446144817Z | 59 | PC: 12b0c | Change current directory |
| 2018-12-25T12:03:34.448777032Z | 59 | PC: 12b17 | Change current directory |
| 2018-12-25T12:03:34.452000531Z | 26 | PC: 12acd | Set disk transfer address |