{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12086,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:57.796112653Z | 47 | PC: 12ba8 | Get disk transfer address |
| 2018-12-25T12:31:57.797576855Z | 26 | PC: 12bb8 | Set disk transfer address |
| 2018-12-25T12:31:57.806337582Z | 37 | PC: 12bc1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:57.807799235Z | 78 | PC: 12c2e | Find first file |
| 2018-12-25T12:31:57.813875562Z | 67 | PC: 12c63 | Get or set file attributes |
| 2018-12-25T12:31:57.833991236Z | 61 | PC: 12c6c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:31:57.840671264Z | 63 | PC: 12c7b | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:31:57.847080692Z | 66 | PC: 12c8b | Move file pointer |
| 2018-12-25T12:31:57.849437161Z | 64 | PC: 12c9f | Write file or device (Write 474 bytes on handle 5) |
| 2018-12-25T12:31:57.858339997Z | 66 | PC: 12caf | Move file pointer |
| 2018-12-25T12:31:57.859955025Z | 64 | PC: 12cbc | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:31:57.864525113Z | 87 | PC: 12ccf | Get or set file date and time |
| 2018-12-25T12:31:57.865666983Z | 62 | PC: 12cd3 | Close file |
| 2018-12-25T12:31:57.870723689Z | 67 | PC: 12ce2 | Get or set file attributes |
| 2018-12-25T12:31:57.87873898Z | 26 | PC: 12ceb | Set disk transfer address |
| 2018-12-25T12:31:57.880254229Z | 37 | PC: 12cf5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:57.882760474Z | 13 | PC: 12cfa | Disk reset |
| 2018-12-25T12:31:57.885169191Z | 42 | PC: 12cfe | Get date 0x12cfe: cmp dx, 0x505 0x12d02: je 0x12d10 0x12d04: cmp dx, 0x910 0x12d08: je 0x12d10 0x12d0a: cmp dx, 0xb14 0x12d0e: jne 0x12d18 0x12d10: lea dx, word ptr [bp + 0x2fb] 0x12d14: mov ah, 9 0x12d16: int 0x21 0x12d18: pop ax 0x12d19: xor bx, bx 0x12d1b: xor cx, cx 0x12d1d: xor dx, dx 0x12d1f: xor si, si 0x12d21: xor di, di 0x12d23: mov bp, 0x100 0x12d26: push bp 0x12d27: xor bp, bp 0x12d29: ret 0x12d2a: add sp, 6 |
| 2018-12-25T12:31:57.888390334Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-25T12:31:57.89378497Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":5,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12086,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:58.093656857Z | 47 | PC: 12ba8 | Get disk transfer address |
| 2018-12-25T12:31:58.095393613Z | 26 | PC: 12bb8 | Set disk transfer address |
| 2018-12-25T12:31:58.097173735Z | 37 | PC: 12bc1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:58.098650377Z | 78 | PC: 12c2e | Find first file |
| 2018-12-25T12:31:58.10497504Z | 67 | PC: 12c63 | Get or set file attributes |
| 2018-12-25T12:31:58.122173967Z | 61 | PC: 12c6c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:31:58.129358022Z | 63 | PC: 12c7b | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:31:58.135880523Z | 66 | PC: 12c8b | Move file pointer |
| 2018-12-25T12:31:58.138496287Z | 64 | PC: 12c9f | Write file or device (Write 474 bytes on handle 5) |
| 2018-12-25T12:31:58.14625049Z | 66 | PC: 12caf | Move file pointer |
| 2018-12-25T12:31:58.147481516Z | 64 | PC: 12cbc | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:31:58.169858002Z | 87 | PC: 12ccf | Get or set file date and time |
| 2018-12-25T12:31:58.171468085Z | 62 | PC: 12cd3 | Close file |
| 2018-12-25T12:31:58.179086309Z | 67 | PC: 12ce2 | Get or set file attributes |
| 2018-12-25T12:31:58.193782376Z | 26 | PC: 12ceb | Set disk transfer address |
| 2018-12-25T12:31:58.195018278Z | 37 | PC: 12cf5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:58.196016946Z | 13 | PC: 12cfa | Disk reset |
| 2018-12-25T12:31:58.198078771Z | 42 | PC: 12cfe | Get date 0x12cfe: cmp dx, 0x505 0x12d02: je 0x12d10 0x12d04: cmp dx, 0x910 0x12d08: je 0x12d10 0x12d0a: cmp dx, 0xb14 0x12d0e: jne 0x12d18 0x12d10: lea dx, word ptr [bp + 0x2fb] 0x12d14: mov ah, 9 0x12d16: int 0x21 0x12d18: pop ax 0x12d19: xor bx, bx 0x12d1b: xor cx, cx 0x12d1d: xor dx, dx 0x12d1f: xor si, si 0x12d21: xor di, di 0x12d23: mov bp, 0x100 0x12d26: push bp 0x12d27: xor bp, bp 0x12d29: ret 0x12d2a: add sp, 6 |
| 2018-12-25T12:31:58.2011273Z | 9 | PC: 12d18 | Display string (String= ' �Viva M�xico! ') |
| 2018-12-25T12:31:58.208508711Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-25T12:31:58.215499358Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":16,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12086,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:58.361227136Z | 47 | PC: 12ba8 | Get disk transfer address |
| 2018-12-25T12:31:58.363347948Z | 26 | PC: 12bb8 | Set disk transfer address |
| 2018-12-25T12:31:58.364637567Z | 37 | PC: 12bc1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:58.36604546Z | 78 | PC: 12c2e | Find first file |
| 2018-12-25T12:31:58.37345906Z | 67 | PC: 12c63 | Get or set file attributes |
| 2018-12-25T12:31:58.39263766Z | 61 | PC: 12c6c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:31:58.408660074Z | 63 | PC: 12c7b | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:31:58.415971672Z | 66 | PC: 12c8b | Move file pointer |
| 2018-12-25T12:31:58.417883049Z | 64 | PC: 12c9f | Write file or device (Write 474 bytes on handle 5) |
| 2018-12-25T12:31:58.426179552Z | 66 | PC: 12caf | Move file pointer |
| 2018-12-25T12:31:58.437498325Z | 64 | PC: 12cbc | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:31:58.444440908Z | 87 | PC: 12ccf | Get or set file date and time |
| 2018-12-25T12:31:58.446247823Z | 62 | PC: 12cd3 | Close file |
| 2018-12-25T12:31:58.45438879Z | 67 | PC: 12ce2 | Get or set file attributes |
| 2018-12-25T12:31:58.464992499Z | 26 | PC: 12ceb | Set disk transfer address |
| 2018-12-25T12:31:58.466858635Z | 37 | PC: 12cf5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:58.46830899Z | 13 | PC: 12cfa | Disk reset |
| 2018-12-25T12:31:58.470984626Z | 42 | PC: 12cfe | Get date 0x12cfe: cmp dx, 0x505 0x12d02: je 0x12d10 0x12d04: cmp dx, 0x910 0x12d08: je 0x12d10 0x12d0a: cmp dx, 0xb14 0x12d0e: jne 0x12d18 0x12d10: lea dx, word ptr [bp + 0x2fb] 0x12d14: mov ah, 9 0x12d16: int 0x21 0x12d18: pop ax 0x12d19: xor bx, bx 0x12d1b: xor cx, cx 0x12d1d: xor dx, dx 0x12d1f: xor si, si 0x12d21: xor di, di 0x12d23: mov bp, 0x100 0x12d26: push bp 0x12d27: xor bp, bp 0x12d29: ret 0x12d2a: add sp, 6 |
| 2018-12-25T12:31:58.473059065Z | 9 | PC: 12d18 | Display string (String= ' �Viva M�xico! ') |
| 2018-12-25T12:31:58.480305361Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-25T12:31:58.486851586Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":20,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12086,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:31:59.310911472Z | 47 | PC: 12ba8 | Get disk transfer address |
| 2018-12-25T12:31:59.313043786Z | 26 | PC: 12bb8 | Set disk transfer address |
| 2018-12-25T12:31:59.313936086Z | 37 | PC: 12bc1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:59.314876847Z | 78 | PC: 12c2e | Find first file |
| 2018-12-25T12:31:59.319184856Z | 67 | PC: 12c63 | Get or set file attributes |
| 2018-12-25T12:31:59.33354231Z | 61 | PC: 12c6c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:31:59.337712642Z | 63 | PC: 12c7b | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:31:59.342079409Z | 66 | PC: 12c8b | Move file pointer |
| 2018-12-25T12:31:59.343364116Z | 64 | PC: 12c9f | Write file or device (Write 474 bytes on handle 5) |
| 2018-12-25T12:31:59.348398151Z | 66 | PC: 12caf | Move file pointer |
| 2018-12-25T12:31:59.349612042Z | 64 | PC: 12cbc | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:31:59.354905713Z | 87 | PC: 12ccf | Get or set file date and time |
| 2018-12-25T12:31:59.35602202Z | 62 | PC: 12cd3 | Close file |
| 2018-12-25T12:31:59.360876751Z | 67 | PC: 12ce2 | Get or set file attributes |
| 2018-12-25T12:31:59.367504373Z | 26 | PC: 12ceb | Set disk transfer address |
| 2018-12-25T12:31:59.368401608Z | 37 | PC: 12cf5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:31:59.369274807Z | 13 | PC: 12cfa | Disk reset |
| 2018-12-25T12:31:59.370992508Z | 42 | PC: 12cfe | Get date 0x12cfe: cmp dx, 0x505 0x12d02: je 0x12d10 0x12d04: cmp dx, 0x910 0x12d08: je 0x12d10 0x12d0a: cmp dx, 0xb14 0x12d0e: jne 0x12d18 0x12d10: lea dx, word ptr [bp + 0x2fb] 0x12d14: mov ah, 9 0x12d16: int 0x21 0x12d18: pop ax 0x12d19: xor bx, bx 0x12d1b: xor cx, cx 0x12d1d: xor dx, dx 0x12d1f: xor si, si 0x12d21: xor di, di 0x12d23: mov bp, 0x100 0x12d26: push bp 0x12d27: xor bp, bp 0x12d29: ret 0x12d2a: add sp, 6 |
| 2018-12-25T12:31:59.372849518Z | 9 | PC: 12d18 | Display string (String= ' �Viva M�xico! ') |
| 2018-12-25T12:31:59.376983663Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-25T12:31:59.38098407Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |