{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8506,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:55.770091978Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T12:04:55.772233346Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:55.773370622Z | 37 | PC: 12ab0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:55.774766879Z | 42 | PC: 12ab5 | Get date 0x12ab5: cmp al, 1 0x12ab7: je 0x12add 0x12ab9: cmp sp, 0xabcd 0x12abd: jne 0x12aee 0x12abf: push es 0x12ac0: pop ds 0x12ac1: mov ax, es 0x12ac3: add ax, 0x10 0x12ac6: add word ptr cs:[bp + 0x9b], ax 0x12acb: add ax, word ptr cs:[bp + 0x2a0] 0x12ad0: cli 0x12ad1: mov ss, ax 0x12ad3: mov sp, word ptr [bp + 0x29e] 0x12ad7: sti 0x12ad8: ljmp 0:0x20cd 0x12add: in al, 0x40 0x12adf: xchg ah, al 0x12ae1: in al, 0x40 0x12ae3: xchg ax, dx 0x12ae4: mov cx, 1 |
{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8506,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:56.534396425Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T12:04:56.535532818Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:56.536673499Z | 37 | PC: 12ab0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:56.537666175Z | 42 | PC: 12ab5 | Get date 0x12ab5: cmp al, 1 0x12ab7: je 0x12add 0x12ab9: cmp sp, 0xabcd 0x12abd: jne 0x12aee 0x12abf: push es 0x12ac0: pop ds 0x12ac1: mov ax, es 0x12ac3: add ax, 0x10 0x12ac6: add word ptr cs:[bp + 0x9b], ax 0x12acb: add ax, word ptr cs:[bp + 0x2a0] 0x12ad0: cli 0x12ad1: mov ss, ax 0x12ad3: mov sp, word ptr [bp + 0x29e] 0x12ad7: sti 0x12ad8: ljmp 0:0x20cd 0x12add: in al, 0x40 0x12adf: xchg ah, al 0x12ae1: in al, 0x40 0x12ae3: xchg ax, dx 0x12ae4: mov cx, 1 |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8506,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:58.169876665Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T12:04:58.170982673Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:58.172101215Z | 37 | PC: 12ab0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:04:58.173165845Z | 42 | PC: 12ab5 | Get date 0x12ab5: cmp al, 1 0x12ab7: je 0x12add 0x12ab9: cmp sp, 0xabcd 0x12abd: jne 0x12aee 0x12abf: push es 0x12ac0: pop ds 0x12ac1: mov ax, es 0x12ac3: add ax, 0x10 0x12ac6: add word ptr cs:[bp + 0x9b], ax 0x12acb: add ax, word ptr cs:[bp + 0x2a0] 0x12ad0: cli 0x12ad1: mov ss, ax 0x12ad3: mov sp, word ptr [bp + 0x29e] 0x12ad7: sti 0x12ad8: ljmp 0:0x20cd 0x12add: in al, 0x40 0x12adf: xchg ah, al 0x12ae1: in al, 0x40 0x12ae3: xchg ax, dx 0x12ae4: mov cx, 1 |
{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8506,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:05:00.077771648Z | 160 | PC: 12a4f | UNKNOWN! |
| 2018-12-25T12:05:00.078863345Z | 53 | PC: 12a5b | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:05:00.079879714Z | 37 | PC: 12ab0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:05:00.080953124Z | 42 | PC: 12ab5 | Get date 0x12ab5: cmp al, 1 0x12ab7: je 0x12add 0x12ab9: cmp sp, 0xabcd 0x12abd: jne 0x12aee 0x12abf: push es 0x12ac0: pop ds 0x12ac1: mov ax, es 0x12ac3: add ax, 0x10 0x12ac6: add word ptr cs:[bp + 0x9b], ax 0x12acb: add ax, word ptr cs:[bp + 0x2a0] 0x12ad0: cli 0x12ad1: mov ss, ax 0x12ad3: mov sp, word ptr [bp + 0x29e] 0x12ad7: sti 0x12ad8: ljmp 0:0x20cd 0x12add: in al, 0x40 0x12adf: xchg ah, al 0x12ae1: in al, 0x40 0x12ae3: xchg ax, dx 0x12ae4: mov cx, 1 |