{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9907,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:24:07.335499107Z | 53 | PC: 12a5e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:24:07.338358376Z | 74 | PC: 12aa1 | Reallocate memory |
| 2018-12-25T12:24:07.339881485Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-25T12:24:07.341115685Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-25T12:24:07.34603829Z | 42 | PC: 12ae2 | Get date 0x12ae2: cmp dx, 0x307 0x12ae6: jne 0x12af4 0x12ae8: lea dx, word ptr [bp + 0x120] 0x12aec: mov ah, 9 0x12aee: push cs 0x12aef: pop ds 0x12af0: int 0x21 0x12af2: jmp 0x12af2 0x12af4: mov ax, 0x4b00 0x12af7: int 0x21 0x12af9: pop es 0x12afa: pop cx 0x12afb: pop bx 0x12afc: cmp byte ptr [bp + 0x5ac], 0 0x12b01: jne 0x12b06 0x12b03: jmp 0x12a67 0x12b06: mov ax, es 0x12b08: mov ds, ax 0x12b0a: add ax, 0x10 0x12b0d: add word ptr cs:[bp + 0xed], ax |
| 2018-12-25T12:24:07.349451779Z | 44 | PC: 9f963 | Get time 0x9f963: cmp dl, 0 0x9f966: je 0x9f95f 0x9f968: mov byte ptr cs:[0x8de], dl 0x9f96d: pop dx 0x9f96e: call 0x9fb4b 0x9f971: call 0x9fae2 0x9f974: jae 0x9f979 0x9f976: jmp 0x9face 0x9f979: mov ax, 0x4300 0x9f97c: int 0x21 0x9f97e: mov word ptr cs:[0x588], cx 0x9f983: jae 0x9f988 0x9f985: jmp 0x9face 0x9f988: mov ax, 0x4301 0x9f98b: xor cx, cx 0x9f98d: int 0x21 0x9f98f: jae 0x9f994 0x9f991: jmp 0x9face 0x9f994: mov ax, 0x3d02 0x9f997: int 0x21 |
| 2018-12-25T12:24:07.351737924Z | 53 | PC: 9fb56 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:24:07.353539672Z | 37 | PC: 9fb6d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:24:07.355329535Z | 37 | PC: 9fb7e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:24:07.356773281Z | 67 | PC: 9f97e | Get or set file attributes |
| 2018-12-25T12:24:07.363589112Z | 37 | PC: 9fb9a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:24:07.373674598Z | 37 | PC: 9fba4 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:24:07.37527241Z | 75 | PC: 12af9 | Execute program |
{"DateBased":true,"Day":7,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9907,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:24:07.427283716Z | 53 | PC: 12a5e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:24:07.429007052Z | 74 | PC: 12aa1 | Reallocate memory |
| 2018-12-25T12:24:07.430616565Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-25T12:24:07.431926248Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-25T12:24:07.433464385Z | 42 | PC: 12ae2 | Get date 0x12ae2: cmp dx, 0x307 0x12ae6: jne 0x12af4 0x12ae8: lea dx, word ptr [bp + 0x120] 0x12aec: mov ah, 9 0x12aee: push cs 0x12aef: pop ds 0x12af0: int 0x21 0x12af2: jmp 0x12af2 0x12af4: mov ax, 0x4b00 0x12af7: int 0x21 0x12af9: pop es 0x12afa: pop cx 0x12afb: pop bx 0x12afc: cmp byte ptr [bp + 0x5ac], 0 0x12b01: jne 0x12b06 0x12b03: jmp 0x12a67 0x12b06: mov ax, es 0x12b08: mov ds, ax 0x12b0a: add ax, 0x10 0x12b0d: add word ptr cs:[bp + 0xed], ax |
| 2018-12-25T12:24:07.43610482Z | 9 | PC: 12af2 | Display string (Could not find end pointer) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9907,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T13:07:12.324410882Z | 53 | PC: 12a5e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T13:07:12.325938703Z | 74 | PC: 12aa1 | Reallocate memory |
| 2018-12-25T13:07:12.327199352Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-25T13:07:12.328211071Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-25T13:07:12.330244745Z | 42 | PC: 12ae2 | Get date 0x12ae2: cmp dx, 0x307 0x12ae6: jne 0x12af4 0x12ae8: lea dx, word ptr [bp + 0x120] 0x12aec: mov ah, 9 0x12aee: push cs 0x12aef: pop ds 0x12af0: int 0x21 0x12af2: jmp 0x12af2 0x12af4: mov ax, 0x4b00 0x12af7: int 0x21 0x12af9: pop es 0x12afa: pop cx 0x12afb: pop bx 0x12afc: cmp byte ptr [bp + 0x5ac], 0 0x12b01: jne 0x12b06 0x12b03: jmp 0x12a67 0x12b06: mov ax, es 0x12b08: mov ds, ax 0x12b0a: add ax, 0x10 0x12b0d: add word ptr cs:[bp + 0xed], ax |
| 2018-12-25T13:07:12.332325043Z | 44 | PC: 9f963 | Get time 0x9f963: cmp dl, 0 0x9f966: je 0x9f95f 0x9f968: mov byte ptr cs:[0x8de], dl 0x9f96d: pop dx 0x9f96e: call 0x9fb4b 0x9f971: call 0x9fae2 0x9f974: jae 0x9f979 0x9f976: jmp 0x9face 0x9f979: mov ax, 0x4300 0x9f97c: int 0x21 0x9f97e: mov word ptr cs:[0x588], cx 0x9f983: jae 0x9f988 0x9f985: jmp 0x9face 0x9f988: mov ax, 0x4301 0x9f98b: xor cx, cx 0x9f98d: int 0x21 0x9f98f: jae 0x9f994 0x9f991: jmp 0x9face 0x9f994: mov ax, 0x3d02 0x9f997: int 0x21 |
| 2018-12-25T13:07:12.334305068Z | 53 | PC: 9fb56 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T13:07:12.335943067Z | 37 | PC: 9fb6d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T13:07:12.336924095Z | 37 | PC: 9fb7e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T13:07:12.338051418Z | 67 | PC: 9f97e | Get or set file attributes |
| 2018-12-25T13:07:12.344203353Z | 37 | PC: 9fb9a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T13:07:12.345716981Z | 37 | PC: 9fba4 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T13:07:12.346963658Z | 75 | PC: 12af9 | Execute program |
{"DateBased":true,"Day":7,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9907,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:24:08.00210717Z | 64 | PC: 0 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-25T12:24:08.01091989Z | 41 | PC: 94fae | Parse filename |
| 2018-12-25T12:24:08.016389268Z | 41 | PC: 9502f | Parse filename |
| 2018-12-25T12:24:08.018269116Z | 41 | PC: 9504c | Parse filename |
| 2018-12-25T12:24:08.020350483Z | 26 | PC: 984f7 | Set disk transfer address |
| 2018-12-25T12:24:08.022811004Z | 71 | PC: 986f3 | Get current directory |
| 2018-12-25T12:24:08.025770286Z | 78 | PC: 986fe | Find first file |
| 2018-12-25T12:24:08.035253327Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:24:08.037957592Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:24:08.048597325Z | 64 | PC: 9a848 | Write file or device (Write 26 bytes on handle 2) |
| 2018-12-25T12:24:08.053413238Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-25T12:24:08.054956574Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-25T12:24:08.055962088Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:24:08.057306267Z | 62 | PC: 122ab | Close file |
| 2018-12-25T12:24:08.059273445Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.061005056Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.062374853Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.064237245Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.065548115Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.066808876Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.068553372Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.070231823Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.071877186Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.074272968Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.076541721Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.07807005Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.079539949Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.081664049Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:24:08.083670873Z | 99 | PC: 9a5d7 | Get DBCS lead byte table pointer |
| 2018-12-25T12:24:08.085121451Z | 56 | PC: 94df9 | Get or set country info |
| 2018-12-25T12:24:08.100407817Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:24:08.105687834Z | 25 | PC: 94e62 | Get default drive |
| 2018-12-25T12:24:08.107371045Z | 71 | PC: 970dd | Get current directory |
| 2018-12-25T12:24:08.11190989Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:24:08.114858279Z | 2 | PC: 970b2 | Character output (Char = '3e') |
| 2018-12-25T12:24:08.116769914Z | 93 | PC: 94f20 | File sharing functions |
| 2018-12-25T12:24:08.118929767Z | 93 | PC: 94f27 | File sharing functions |
| 2018-12-25T12:24:08.120510057Z | 10 | PC: 94f39 | Buffered keyboard input |
| 2018-12-25T12:24:23.049481219Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:24:24.406751748Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:24:24.509428126Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:24:24.516837133Z | 41 | PC: 94fae | Parse filename (See above) |
| 2018-12-25T12:24:24.519104536Z | 41 | PC: 9502f | Parse filename (See above) |
| 2018-12-25T12:24:24.534101803Z | 41 | PC: 9504c | Parse filename (See above) |
| 2018-12-25T12:24:24.537457029Z | 26 | PC: 984f7 | Set disk transfer address (See above) |
| 2018-12-25T12:24:24.539483759Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:24:24.559857558Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:24:24.570801148Z | 71 | PC: 9856c | Get current directory |
| 2018-12-25T12:24:24.574171569Z | 73 | PC: 97c09 | Release memory |
| 2018-12-25T12:24:24.575627908Z | 75 | PC: 11821 | Execute program |
| 2018-12-25T12:24:24.591117114Z | 9 | PC: 12a47 | Display string (String= 'Hello, World! ') |
| 2018-12-25T12:24:24.596354397Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |