{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8416,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:33.568240024Z | 42 | PC: 12a6f | Get date 0x12a6f: cmp dx, 0x401 0x12a73: jne 0x12a86 0x12a75: mov ax, 0x515 0x12a78: mov ch, 0 0x12a7a: mov dx, 0 0x12a7d: mov es, dx 0x12a7f: mov bx, 0 0x12a82: int 0x13 0x12a84: int 0x20 0x12a86: jmp 0x12b2d 0x12a89: dec ax 0x12a8a: imul sp, word ptr [bx + di], 0x4920 0x12a8e: daa 0x12a8f: insw word ptr es:[di], dx 0x12a90: and byte ptr [bp + di + 0x61], al 0x12a93: jae 0x12b05 0x12a95: jb 0x12ab8 0x12a98: push sp 0x12a99: push 0x2065 0x12a9c: push si |
| 2018-12-25T12:04:33.571180433Z | 48 | PC: 12b4e | Get DOS version |
| 2018-12-25T12:04:33.572514506Z | 47 | PC: 12b5a | Get disk transfer address |
| 2018-12-25T12:04:33.573599974Z | 26 | PC: 12b6b | Set disk transfer address |
| 2018-12-25T12:04:33.575288637Z | 78 | PC: 12bec | Find first file |
| 2018-12-25T12:04:33.581464734Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-25T12:04:33.586820422Z | 67 | PC: 12c3b | Get or set file attributes |
| 2018-12-25T12:04:33.601783278Z | 61 | PC: 12c46 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:33.60756075Z | 87 | PC: 12c52 | Get or set file date and time |
| 2018-12-25T12:04:33.608833707Z | 63 | PC: 12c65 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:33.614471644Z | 66 | PC: 12c77 | Move file pointer |
| 2018-12-25T12:04:33.616022181Z | 44 | PC: 12c97 | Get time 0x12c97: xor dx, cx 0x12c99: mov word ptr [bp - 0x10], dx 0x12c9c: call 0x12d95 0x12c9f: mov ax, word ptr [bp - 0x10] 0x12ca2: and ax, 0xff 0x12ca5: add ax, 0x489 0x12ca8: mov word ptr [bp - 0x18], ax 0x12cab: mov word ptr [si + 7], ax 0x12caf: pop cx 0x12cb0: add cx, 0x127 0x12cb4: mov word ptr [si + 1], cx 0x12cb8: call 0x12d95 0x12cbb: mov ax, word ptr [bp - 0x10] 0x12cbe: mov word ptr [bp - 0x16], ax 0x12cc1: mov word ptr [si + 4], ax 0x12cc5: mov di, si 0x12cc7: sub di, 0x3a1 0x12ccb: mov bx, si 0x12ccd: add bx, 0x27 0x12cd1: mov word ptr [bp - 0x1a], 7 |
| 2018-12-25T12:04:33.619151864Z | 64 | PC: 1300f | Write file or device (Write 1200 bytes on handle 5) |
| 2018-12-25T12:04:33.626115142Z | 66 | PC: 12d47 | Move file pointer |
| 2018-12-25T12:04:33.627437248Z | 64 | PC: 12d56 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:33.632515628Z | 87 | PC: 12d67 | Get or set file date and time |
| 2018-12-25T12:04:33.633751183Z | 62 | PC: 12d6b | Close file |
| 2018-12-25T12:04:33.640343239Z | 67 | PC: 12d79 | Get or set file attributes |
| 2018-12-25T12:04:33.647661279Z | 26 | PC: 12d84 | Set disk transfer address |
| 2018-12-25T12:04:33.648529812Z | 0 | PC: 12a44 | Program terminate |
{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8416,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:35.197052497Z | 42 | PC: 12a6f | Get date 0x12a6f: cmp dx, 0x401 0x12a73: jne 0x12a86 0x12a75: mov ax, 0x515 0x12a78: mov ch, 0 0x12a7a: mov dx, 0 0x12a7d: mov es, dx 0x12a7f: mov bx, 0 0x12a82: int 0x13 0x12a84: int 0x20 0x12a86: jmp 0x12b2d 0x12a89: dec ax 0x12a8a: imul sp, word ptr [bx + di], 0x4920 0x12a8e: daa 0x12a8f: insw word ptr es:[di], dx 0x12a90: and byte ptr [bp + di + 0x61], al 0x12a93: jae 0x12b05 0x12a95: jb 0x12ab8 0x12a98: push sp 0x12a99: push 0x2065 0x12a9c: push si |