{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10482,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:10.458538578Z | 240 | PC: 12a8f | UNKNOWN! |
| 2018-12-25T12:28:10.460985431Z | 44 | PC: 12c30 | Get time 0x12c30: cmp cl, 1 0x12c33: jne 0x12c42 0x12c35: push ds 0x12c36: push cs 0x12c37: pop ds 0x12c38: mov dx, 0xb5 0x12c3b: add dx, si 0x12c3d: mov ah, 9 0x12c3f: int 0x21 0x12c41: pop ds 0x12c42: ret 0x12c43: lcall ptr cs:[0x260] 0x12c48: pushf 0x12c49: cmp al, 0xff 0x12c4b: je 0x12c78 0x12c4d: push ax 0x12c4e: push si 0x12c4f: push ds 0x12c50: mov si, word ptr cs:[0x6ee] 0x12c55: mov ds, word ptr cs:[0x6f0] |
| 2018-12-25T12:28:10.46408276Z | 9 | PC: 12a47 | Display string (String= 'Infection: Next.1592 Virus ') |
| 2018-12-25T12:28:10.469015869Z | 76 | PC: 12a4c | Terminate with return code (Return code = '0') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":1,"Second":0,"TimeBased":true,"OriginalID":10482,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:11.416441918Z | 240 | PC: 12a8f | UNKNOWN! |
| 2018-12-25T12:28:11.418819379Z | 44 | PC: 12c30 | Get time 0x12c30: cmp cl, 1 0x12c33: jne 0x12c42 0x12c35: push ds 0x12c36: push cs 0x12c37: pop ds 0x12c38: mov dx, 0xb5 0x12c3b: add dx, si 0x12c3d: mov ah, 9 0x12c3f: int 0x21 0x12c41: pop ds 0x12c42: ret 0x12c43: lcall ptr cs:[0x260] 0x12c48: pushf 0x12c49: cmp al, 0xff 0x12c4b: je 0x12c78 0x12c4d: push ax 0x12c4e: push si 0x12c4f: push ds 0x12c50: mov si, word ptr cs:[0x6ee] 0x12c55: mov ds, word ptr cs:[0x6f0] |
| 2018-12-25T12:28:11.421633538Z | 9 | PC: 12c41 | Display string (Could not find end pointer) |
| 2018-12-25T12:28:11.445662653Z | 9 | PC: 12a47 | Display string (String= 'Infection: Next.1592 Virus ') |
| 2018-12-25T12:28:11.450189277Z | 76 | PC: 12a4c | Terminate with return code (Return code = '0') |