{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1400,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:43:30.837512354Z | 53 | PC: 13f3a | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.83928145Z | 42 | PC: 13f72 | Get date 0x13f72: shl dh, 1 0x13f74: cmp dh, dl 0x13f76: jne 0x13fd6 0x13f78: inc si 0x13f79: cmp byte ptr [si], 0x14 0x13f7c: jb 0x13fd6 0x13f7e: mov dx, si 0x13f80: inc dx 0x13f81: mov ah, 9 0x13f83: int 0x21 0x13f85: mov ah, 0xcd 0x13f87: xor ah, 0xde 0x13f8a: int 0x2f 0x13f8c: push es 0x13f8d: push bx 0x13f8e: int 0x2f 0x13f90: pop bx 0x13f91: pop es 0x13f92: pop si 0x13f93: push si |
| 2018-12-25T11:43:30.84136892Z | 240 | PC: 13fdd | UNKNOWN! |
| 2018-12-25T11:43:30.842331201Z | 53 | PC: 13ab7 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:43:30.843957416Z | 53 | PC: 13ac7 | Get interrupt vector (Interrupt = '22' AKA 'Create or truncate file') |
| 2018-12-25T11:43:30.84499664Z | 53 | PC: 13ad7 | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.846186954Z | 37 | PC: 13ae6 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.847878698Z | 37 | PC: 13a03 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.84927757Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes. ') |
| 2018-12-25T11:43:30.854954188Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1400,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:43:30.910817775Z | 53 | PC: 13f3a | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.915434629Z | 42 | PC: 13f72 | Get date 0x13f72: shl dh, 1 0x13f74: cmp dh, dl 0x13f76: jne 0x13fd6 0x13f78: inc si 0x13f79: cmp byte ptr [si], 0x14 0x13f7c: jb 0x13fd6 0x13f7e: mov dx, si 0x13f80: inc dx 0x13f81: mov ah, 9 0x13f83: int 0x21 0x13f85: mov ah, 0xcd 0x13f87: xor ah, 0xde 0x13f8a: int 0x2f 0x13f8c: push es 0x13f8d: push bx 0x13f8e: int 0x2f 0x13f90: pop bx 0x13f91: pop es 0x13f92: pop si 0x13f93: push si |
| 2018-12-25T11:43:30.917950577Z | 240 | PC: 13fdd | UNKNOWN! |
| 2018-12-25T11:43:30.919392374Z | 53 | PC: 13ab7 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:43:30.921370898Z | 53 | PC: 13ac7 | Get interrupt vector (Interrupt = '22' AKA 'Create or truncate file') |
| 2018-12-25T11:43:30.92283294Z | 53 | PC: 13ad7 | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.923869669Z | 37 | PC: 13ae6 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.925505471Z | 37 | PC: 13a03 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-25T11:43:30.927820887Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes. ') |
| 2018-12-25T11:43:30.934615546Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |