{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8647,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:21:38.952742073Z | 42 | PC: 12c31 | Get date 0x12c31: cmp dx, 0xb1a 0x12c35: jne 0x12c5d 0x12c37: push cs 0x12c38: pop ds 0x12c39: call 0x12c56 0x12c3c: dec sp 0x12c3d: dec di 0x12c3e: push dx 0x12c3f: cli 0x12c40: sub byte ptr [bp + di + 0x29], al 0x12c43: cli 0x12c44: daa 0x12c45: cmp word ptr [bp + di], si 0x12c47: cli 0x12c48: bound di, dword ptr [bx + di - 6] 0x12c4b: inc di 0x12c4c: push dx 0x12c4d: dec di 0x12c4e: inc di 0x12c4f: cli |
| 2018-12-25T12:21:38.955827304Z | 75 | PC: 12c64 | Execute program |
| 2018-12-25T12:21:38.958768496Z | 76 | PC: 12c17 | Terminate with return code (Return code = '28') |
{"DateBased":true,"Day":26,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8647,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:21:39.074514429Z | 42 | PC: 12c31 | Get date 0x12c31: cmp dx, 0xb1a 0x12c35: jne 0x12c5d 0x12c37: push cs 0x12c38: pop ds 0x12c39: call 0x12c56 0x12c3c: dec sp 0x12c3d: dec di 0x12c3e: push dx 0x12c3f: cli 0x12c40: sub byte ptr [bp + di + 0x29], al 0x12c43: cli 0x12c44: daa 0x12c45: cmp word ptr [bp + di], si 0x12c47: cli 0x12c48: bound di, dword ptr [bx + di - 6] 0x12c4b: inc di 0x12c4c: push dx 0x12c4d: dec di 0x12c4e: inc di 0x12c4f: cli |
| 2018-12-25T12:21:39.077264705Z | 9 | PC: 12c5b | Display string (Could not find end pointer) |