{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8149,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:03:35.52432383Z | 190 | PC: 15659 | UNKNOWN! |
| 2018-12-25T12:03:35.526371201Z | 53 | PC: 1566a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:03:35.528791268Z | 53 | PC: 15677 | Get interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:03:35.530700928Z | 74 | PC: 15688 | Reallocate memory |
| 2018-12-25T12:03:35.532575718Z | 74 | PC: 15692 | Reallocate memory |
| 2018-12-25T12:03:35.53389682Z | 72 | PC: 15699 | Allocate memory |
| 2018-12-25T12:03:35.535201445Z | 37 | PC: 156bf | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:03:35.53674412Z | 42 | PC: 156c3 | Get date 0x156c3: cmp al, 1 0x156c5: jne 0x156de 0x156c7: nop 0x156c8: nop 0x156c9: nop 0x156ca: push es 0x156cb: pop ds 0x156cc: mov dx, 0x4c6 0x156cf: mov ax, 0x251c 0x156d2: int 0x21 0x156d4: push es 0x156d5: pop ds 0x156d6: mov dx, 0x52f 0x156d9: mov ax, 0x2510 0x156dc: int 0x21 0x156de: mov word ptr es:[2], es 0x156e3: add word ptr es:[2], 0x58 0x156e9: nop 0x156ea: mov word ptr es:[0], 0x20cd 0x156f1: mov ax, es |
| 2018-12-25T12:03:35.539321753Z | 9 | PC: 12a51 | Display string (String= 'This is a sample!') |
| 2018-12-25T12:03:35.541044584Z | 76 | PC: 12a56 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8149,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:03:35.589421726Z | 190 | PC: 15659 | UNKNOWN! |
| 2018-12-25T12:03:35.591057366Z | 53 | PC: 1566a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:03:35.592241278Z | 53 | PC: 15677 | Get interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:03:35.593369049Z | 74 | PC: 15688 | Reallocate memory |
| 2018-12-25T12:03:35.59546899Z | 74 | PC: 15692 | Reallocate memory |
| 2018-12-25T12:03:35.596871437Z | 72 | PC: 15699 | Allocate memory |
| 2018-12-25T12:03:35.598524995Z | 37 | PC: 156bf | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:03:35.600291806Z | 42 | PC: 156c3 | Get date 0x156c3: cmp al, 1 0x156c5: jne 0x156de 0x156c7: nop 0x156c8: nop 0x156c9: nop 0x156ca: push es 0x156cb: pop ds 0x156cc: mov dx, 0x4c6 0x156cf: mov ax, 0x251c 0x156d2: int 0x21 0x156d4: push es 0x156d5: pop ds 0x156d6: mov dx, 0x52f 0x156d9: mov ax, 0x2510 0x156dc: int 0x21 0x156de: mov word ptr es:[2], es 0x156e3: add word ptr es:[2], 0x58 0x156e9: nop 0x156ea: mov word ptr es:[0], 0x20cd 0x156f1: mov ax, es |
| 2018-12-25T12:03:35.603008606Z | 37 | PC: 156d4 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive') |
| 2018-12-25T12:03:35.604179642Z | 37 | PC: 156de | Set interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-25T12:03:35.606102395Z | 9 | PC: 12a51 | Display string (String= 'This is a sample!') |
| 2018-12-25T12:03:35.609371988Z | 76 | PC: 12a56 | Terminate with return code (Return code = '0') |