{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":939,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:42:16.161393172Z | 250 | PC: 12b36 | UNKNOWN! |
| 2018-12-25T11:42:16.165201387Z | 42 | PC: 12b44 | Get date 0x12b44: cmp dl, 1 0x12b47: jne 0x12b4f 0x12b49: mov byte ptr cs:[bp + 0x256], 1 0x12b4f: mov ax, ds 0x12b51: dec ax 0x12b52: mov ds, ax 0x12b54: cmp byte ptr [0], 0x5a 0x12b59: jne 0x12b98 0x12b5b: sub word ptr [3], 0x180 0x12b61: sub word ptr [0x12], 0x180 0x12b67: mov es, word ptr [0x12] 0x12b6b: push cs 0x12b6c: pop ds 0x12b6d: mov si, bp 0x12b6f: mov cx, 0x4d9 0x12b72: xor di, di 0x12b74: rep movsd dword ptr es:[di], dword ptr [si] 0x12b76: xor ax, ax 0x12b78: mov ds, ax 0x12b7a: push ds |
| 2018-12-25T11:42:16.166881099Z | 76 | PC: 12a44 | Terminate with return code (Return code = '248') |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":939,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:42:17.702021709Z | 250 | PC: 12b36 | UNKNOWN! |
| 2018-12-25T11:42:17.703111897Z | 42 | PC: 12b44 | Get date 0x12b44: cmp dl, 1 0x12b47: jne 0x12b4f 0x12b49: mov byte ptr cs:[bp + 0x256], 1 0x12b4f: mov ax, ds 0x12b51: dec ax 0x12b52: mov ds, ax 0x12b54: cmp byte ptr [0], 0x5a 0x12b59: jne 0x12b98 0x12b5b: sub word ptr [3], 0x180 0x12b61: sub word ptr [0x12], 0x180 0x12b67: mov es, word ptr [0x12] 0x12b6b: push cs 0x12b6c: pop ds 0x12b6d: mov si, bp 0x12b6f: mov cx, 0x4d9 0x12b72: xor di, di 0x12b74: rep movsd dword ptr es:[di], dword ptr [si] 0x12b76: xor ax, ax 0x12b78: mov ds, ax 0x12b7a: push ds |
| 2018-12-25T11:42:17.705911248Z | 76 | PC: 12a44 | Terminate with return code (Return code = '248') |