{"DateBased":true,"Day":22,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8365,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:29.927518911Z | 48 | PC: 12a4e | Get DOS version |
| 2018-12-25T12:04:29.929479692Z | 42 | PC: 12a5b | Get date 0x12a5b: cmp dx, 0xc16 0x12a5f: je 0x12a64 0x12a61: jmp 0x12a89 0x12a64: push cs 0x12a65: pop ds 0x12a66: push si 0x12a67: mov bl, 0xcf 0x12a69: mov dx, 0x254 0x12a6c: add si, dx 0x12a6e: call 0x12c58 0x12a71: mov ah, 0 0x12a73: int 0x16 0x12a75: pop si 0x12a76: push si 0x12a77: mov bl, 0x1e 0x12a79: mov dx, 0x342 0x12a7c: add si, dx 0x12a7e: call 0x12c58 0x12a81: mov ah, 0 0x12a83: int 0x16 |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8365,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:30.462937001Z | 48 | PC: 12a4e | Get DOS version |
| 2018-12-25T12:04:30.464589841Z | 42 | PC: 12a5b | Get date 0x12a5b: cmp dx, 0xc16 0x12a5f: je 0x12a64 0x12a61: jmp 0x12a89 0x12a64: push cs 0x12a65: pop ds 0x12a66: push si 0x12a67: mov bl, 0xcf 0x12a69: mov dx, 0x254 0x12a6c: add si, dx 0x12a6e: call 0x12c58 0x12a71: mov ah, 0 0x12a73: int 0x16 0x12a75: pop si 0x12a76: push si 0x12a77: mov bl, 0x1e 0x12a79: mov dx, 0x342 0x12a7c: add si, dx 0x12a7e: call 0x12c58 0x12a81: mov ah, 0 0x12a83: int 0x16 |
| 2018-12-25T12:04:30.467019789Z | 82 | PC: 12a8d | Get DOS internal pointers (SYSVARS) |