{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":15048,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:30.765688975Z | 240 | PC: 12d46 | UNKNOWN! |
| 2018-12-25T12:42:30.766997206Z | 98 | PC: 12dc5 | Get current PSP |
| 2018-12-25T12:42:30.768683801Z | 74 | PC: 12dec | Reallocate memory |
| 2018-12-25T12:42:30.77020966Z | 75 | PC: 12e4b | Execute program |
| 2018-12-25T12:42:30.787061488Z | 9 | PC: 13127 | Display string (String= 'Warning! Infection: Wanderer.M.1332 Virus (1996/02/06) ') |
| 2018-12-25T12:42:30.796422502Z | 73 | PC: 12d27 | Release memory |
| 2018-12-25T12:42:30.79805187Z | 42 | PC: 12e56 | Get date 0x12e56: cmp al, 0 0x12e58: jne 0x12e60 0x12e5a: mov byte ptr cs:[0x536], 1 0x12e60: mov ah, 0x2c 0x12e62: int 0x21 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl |
| 2018-12-25T12:42:30.80827794Z | 44 | PC: 12e64 | Get time 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl 0x12e89: dec si 0x12e8a: pop bx 0x12e8b: dec bx 0x12e8c: jae 0x12ee2 0x12e8e: jb 0x12eff |
| 2018-12-25T12:42:30.814467451Z | 49 | PC: 12d27 | Terminate and stay resident (See above) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":15048,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:30.930182624Z | 240 | PC: 12d46 | UNKNOWN! |
| 2018-12-25T12:42:30.932537662Z | 98 | PC: 12dc5 | Get current PSP |
| 2018-12-25T12:42:30.935859436Z | 74 | PC: 12dec | Reallocate memory |
| 2018-12-25T12:42:30.937925623Z | 75 | PC: 12e4b | Execute program |
| 2018-12-25T12:42:30.953497777Z | 9 | PC: 13127 | Display string (String= 'Warning! Infection: Wanderer.M.1332 Virus (1996/02/06) ') |
| 2018-12-25T12:42:30.959553061Z | 73 | PC: 12d27 | Release memory |
| 2018-12-25T12:42:30.961258549Z | 42 | PC: 12e56 | Get date 0x12e56: cmp al, 0 0x12e58: jne 0x12e60 0x12e5a: mov byte ptr cs:[0x536], 1 0x12e60: mov ah, 0x2c 0x12e62: int 0x21 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl |
| 2018-12-25T12:42:30.963373579Z | 44 | PC: 12e64 | Get time 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl 0x12e89: dec si 0x12e8a: pop bx 0x12e8b: dec bx 0x12e8c: jae 0x12ee2 0x12e8e: jb 0x12eff |
| 2018-12-25T12:42:30.966590817Z | 49 | PC: 12d27 | Terminate and stay resident (See above) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":8,"Second":0,"TimeBased":true,"OriginalID":15048,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:31.09462989Z | 240 | PC: 12d46 | UNKNOWN! |
| 2018-12-25T12:42:31.096205656Z | 98 | PC: 12dc5 | Get current PSP |
| 2018-12-25T12:42:31.097931236Z | 74 | PC: 12dec | Reallocate memory |
| 2018-12-25T12:42:31.099618803Z | 75 | PC: 12e4b | Execute program |
| 2018-12-25T12:42:31.11624807Z | 9 | PC: 13127 | Display string (String= 'Warning! Infection: Wanderer.M.1332 Virus (1996/02/06) ') |
| 2018-12-25T12:42:31.126430143Z | 73 | PC: 12d27 | Release memory |
| 2018-12-25T12:42:31.128656512Z | 42 | PC: 12e56 | Get date 0x12e56: cmp al, 0 0x12e58: jne 0x12e60 0x12e5a: mov byte ptr cs:[0x536], 1 0x12e60: mov ah, 0x2c 0x12e62: int 0x21 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl |
| 2018-12-25T12:42:31.132269641Z | 44 | PC: 12e64 | Get time 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl 0x12e89: dec si 0x12e8a: pop bx 0x12e8b: dec bx 0x12e8c: jae 0x12ee2 0x12e8e: jb 0x12eff |
| 2018-12-25T12:42:31.136346895Z | 49 | PC: 12d27 | Terminate and stay resident (See above) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":8,"Second":0,"TimeBased":true,"OriginalID":15048,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:42:31.18837509Z | 240 | PC: 12d46 | UNKNOWN! |
| 2018-12-25T12:42:31.190080641Z | 98 | PC: 12dc5 | Get current PSP |
| 2018-12-25T12:42:31.193134098Z | 74 | PC: 12dec | Reallocate memory |
| 2018-12-25T12:42:31.198532206Z | 75 | PC: 12e4b | Execute program |
| 2018-12-25T12:42:31.214659421Z | 9 | PC: 13127 | Display string (String= 'Warning! Infection: Wanderer.M.1332 Virus (1996/02/06) ') |
| 2018-12-25T12:42:31.225526709Z | 73 | PC: 12d27 | Release memory |
| 2018-12-25T12:42:31.227356364Z | 42 | PC: 12e56 | Get date 0x12e56: cmp al, 0 0x12e58: jne 0x12e60 0x12e5a: mov byte ptr cs:[0x536], 1 0x12e60: mov ah, 0x2c 0x12e62: int 0x21 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl |
| 2018-12-25T12:42:31.229864207Z | 44 | PC: 12e64 | Get time 0x12e64: cmp cl, 8 0x12e67: jne 0x12e70 0x12e69: mov byte ptr cs:[0x560], 1 0x12e6f: nop 0x12e70: mov al, 0x31 0x12e72: mov dx, 0x68 0x12e75: call 0x22d1f 0x12e78: push ax 0x12e79: add byte ptr [bx + si], al 0x12e7b: add byte ptr [bx + si - 0x6c00], al 0x12e7f: adc bl, byte ptr [si] 0x12e82: xchg ax, sp 0x12e83: adc ch, byte ptr [si] 0x12e86: xchg ax, sp 0x12e87: adc ch, bl 0x12e89: dec si 0x12e8a: pop bx 0x12e8b: dec bx 0x12e8c: jae 0x12ee2 0x12e8e: jb 0x12eff |
| 2018-12-25T12:42:31.233602122Z | 49 | PC: 12d27 | Terminate and stay resident (See above) |