{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":8313,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:15.298455618Z | 254 | PC: 1321e | UNKNOWN! |
| 2018-12-25T12:04:15.300428886Z | 53 | PC: 12b1b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:15.301942186Z | 37 | PC: 12b2b | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:15.303430445Z | 74 | PC: 12b38 | Reallocate memory |
| 2018-12-25T12:04:15.306038679Z | 75 | PC: 12b69 | Execute program |
| 2018-12-25T12:04:15.32117439Z | 44 | PC: 12b6d | Get time 0x12b6d: cmp ch, 6 0x12b70: jae 0x12b8b 0x12b72: cmp ch, 0x12 0x12b75: jbe 0x12b8b 0x12b77: mov ax, 0x401 0x12b7a: mov cx, 1 0x12b7d: mov dx, 0x180 0x12b80: int 0x13 0x12b82: cmp ah, 1 0x12b85: je 0x12b8b 0x12b87: mov ah, 0xd7 0x12b89: int 0x21 0x12b8b: mov es, word ptr cs:[6] 0x12b90: mov ax, 0x4900 0x12b93: int 0x21 0x12b95: mov dx, 0x81 0x12b98: mov ax, 0x3100 0x12b9b: int 0x21 0x12b9d: xor ax, 0x6005 0x12ba0: add dx, word ptr [di + 1] |
| 2018-12-25T12:04:15.323633685Z | 73 | PC: 12b95 | Release memory |
| 2018-12-25T12:04:15.325445888Z | 49 | PC: 12b9d | Terminate and stay resident (Return code = '0' | Memory size = '129') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":7,"Min":0,"Second":0,"TimeBased":true,"OriginalID":8313,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:16.013534933Z | 254 | PC: 1321e | UNKNOWN! |
| 2018-12-25T12:04:16.01469551Z | 53 | PC: 12b1b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:16.015963622Z | 37 | PC: 12b2b | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:16.016847344Z | 74 | PC: 12b38 | Reallocate memory |
| 2018-12-25T12:04:16.018459693Z | 75 | PC: 12b69 | Execute program |
| 2018-12-25T12:04:16.028489092Z | 44 | PC: 12b6d | Get time 0x12b6d: cmp ch, 6 0x12b70: jae 0x12b8b 0x12b72: cmp ch, 0x12 0x12b75: jbe 0x12b8b 0x12b77: mov ax, 0x401 0x12b7a: mov cx, 1 0x12b7d: mov dx, 0x180 0x12b80: int 0x13 0x12b82: cmp ah, 1 0x12b85: je 0x12b8b 0x12b87: mov ah, 0xd7 0x12b89: int 0x21 0x12b8b: mov es, word ptr cs:[6] 0x12b90: mov ax, 0x4900 0x12b93: int 0x21 0x12b95: mov dx, 0x81 0x12b98: mov ax, 0x3100 0x12b9b: int 0x21 0x12b9d: xor ax, 0x6005 0x12ba0: add dx, word ptr [di + 1] |
| 2018-12-25T12:04:16.030111712Z | 73 | PC: 12b95 | Release memory |
| 2018-12-25T12:04:16.031337672Z | 49 | PC: 12b9d | Terminate and stay resident (Return code = '0' | Memory size = '129') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":18,"Min":0,"Second":0,"TimeBased":true,"OriginalID":8313,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:18.076950977Z | 254 | PC: 1321e | UNKNOWN! |
| 2018-12-25T12:04:18.078299031Z | 53 | PC: 12b1b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:18.079566386Z | 37 | PC: 12b2b | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:18.080785382Z | 74 | PC: 12b38 | Reallocate memory |
| 2018-12-25T12:04:18.082544741Z | 75 | PC: 12b69 | Execute program |
| 2018-12-25T12:04:18.092304245Z | 44 | PC: 12b6d | Get time 0x12b6d: cmp ch, 6 0x12b70: jae 0x12b8b 0x12b72: cmp ch, 0x12 0x12b75: jbe 0x12b8b 0x12b77: mov ax, 0x401 0x12b7a: mov cx, 1 0x12b7d: mov dx, 0x180 0x12b80: int 0x13 0x12b82: cmp ah, 1 0x12b85: je 0x12b8b 0x12b87: mov ah, 0xd7 0x12b89: int 0x21 0x12b8b: mov es, word ptr cs:[6] 0x12b90: mov ax, 0x4900 0x12b93: int 0x21 0x12b95: mov dx, 0x81 0x12b98: mov ax, 0x3100 0x12b9b: int 0x21 0x12b9d: xor ax, 0x6005 0x12ba0: add dx, word ptr [di + 1] |
| 2018-12-25T12:04:18.093828021Z | 73 | PC: 12b95 | Release memory |
| 2018-12-25T12:04:18.095252224Z | 49 | PC: 12b9d | Terminate and stay resident (Return code = '0' | Memory size = '129') |