{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:00.761771177Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:00.763849151Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.765358536Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.766752433Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:00.769386232Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
{"DateBased":true,"Day":12,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:00.810117153Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:00.811065787Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.812412611Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.813396804Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:01.159558406Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:00.879659817Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:00.880758374Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.882047581Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.883007603Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:00.885105267Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
{"DateBased":true,"Day":3,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:00.9891202Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:00.990348124Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.992340842Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:00.994127286Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:00.996995531Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
| 2018-12-25T12:04:01.000169342Z | 1 | PC: 12b1a | Character input |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:01.027318419Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:01.028999811Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.03038515Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.03164213Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:01.034359091Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
{"DateBased":true,"Day":12,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:01.351045783Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:01.352954991Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.354738575Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.356386737Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:01.682881407Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:01.404870961Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:01.406411786Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.407666698Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.408893165Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:01.411494887Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
{"DateBased":true,"Day":3,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8274,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:01.766611589Z | 255 | PC: 12a72 | UNKNOWN! |
| 2018-12-25T12:04:01.767877264Z | 53 | PC: 12a7e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.768866005Z | 37 | PC: 12ad1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:01.769783408Z | 42 | PC: 12ae9 | Get date 0x12ae9: cmp dx, 0x60c 0x12aed: jne 0x12b01 0x12aef: mov ax, 0x311 0x12af2: mov dx, 0x80 0x12af5: mov cx, 1 0x12af8: int 0x13 0x12afa: inc dh 0x12afc: mov ax, 0x311 0x12aff: int 0x13 0x12b01: nop 0x12b02: nop 0x12b03: nop 0x12b04: jmp 0x12b06 0x12b06: mov ah, 0x2a 0x12b08: int 0x21 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds |
| 2018-12-25T12:04:01.771426564Z | 42 | PC: 12b0a | Get date 0x12b0a: cmp dx, 0x503 0x12b0e: jne 0x12b1b 0x12b10: push ds 0x12b11: push cs 0x12b12: pop ds 0x12b13: mov ah, 1 0x12b15: mov dx, 0x23f 0x12b18: int 0x21 0x12b1a: pop ds 0x12b1b: cmp byte ptr cs:[bp + 0x27b], 0 0x12b21: jne 0x12b42 0x12b23: lea si, word ptr [bp + 0x255] 0x12b27: mov di, 0x100 0x12b2a: mov cx, 3 0x12b2d: cld 0x12b2e: rep movsb byte ptr es:[di], byte ptr [si] 0x12b30: mov ax, 0x100 0x12b33: push ax 0x12b34: xor ax, ax 0x12b36: cdq |
| 2018-12-25T12:04:01.773340019Z | 1 | PC: 12b1a | Character input |