{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9187,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:22:40.713283908Z | 240 | PC: 13a01 | UNKNOWN! |
| 2018-12-25T12:22:40.716206788Z | 42 | PC: 14086 | Get date 0x14086: inc al 0x14088: shl al, 1 0x1408a: cmp dl, al 0x1408c: jne 0x140c1 0x1408e: mov ah, 0x13 0x14090: int 0x2f 0x14092: push ds 0x14093: push dx 0x14094: mov ah, 0x13 0x14096: int 0x2f 0x14098: pop dx 0x14099: pop ds 0x1409a: mov ax, 0x2513 0x1409d: int 0x21 0x1409f: mov cx, 1 0x140a2: mov dx, 0x580 0x140a5: mov ax, 0x308 0x140a8: int 0x13 0x140aa: jb 0x140b9 0x140ac: dec dh |
{"DateBased":true,"Day":10,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9187,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:22:40.725108146Z | 240 | PC: 13a01 | UNKNOWN! |
| 2018-12-25T12:22:40.726713203Z | 42 | PC: 14086 | Get date 0x14086: inc al 0x14088: shl al, 1 0x1408a: cmp dl, al 0x1408c: jne 0x140c1 0x1408e: mov ah, 0x13 0x14090: int 0x2f 0x14092: push ds 0x14093: push dx 0x14094: mov ah, 0x13 0x14096: int 0x2f 0x14098: pop dx 0x14099: pop ds 0x1409a: mov ax, 0x2513 0x1409d: int 0x21 0x1409f: mov cx, 1 0x140a2: mov dx, 0x580 0x140a5: mov ax, 0x308 0x140a8: int 0x13 0x140aa: jb 0x140b9 0x140ac: dec dh |
| 2018-12-25T12:22:40.728368773Z | 37 | PC: 1409f | Set interrupt vector (Interrupt = '19' AKA 'Delete file') |