{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16122,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:45:25.469483227Z | 42 | PC: 12a55 | Get date 0x12a55: cmp dx, 0x909 0x12a59: jne 0x12a66 0x12a5b: mov ah, 9 0x12a5d: lea dx, word ptr [si + 0x141] 0x12a61: int 0x21 0x12a63: cli 0x12a64: jmp 0x12a63 0x12a66: mov ax, 0x8f00 0x12a69: int 0x21 0x12a6b: cmp ax, 0x8f 0x12a6e: jne 0x12a7f 0x12a70: add si, 0x11d 0x12a74: mov di, 0x100 0x12a77: push ss 0x12a78: push di 0x12a79: cld 0x12a7a: movsw word ptr es:[di], word ptr [si] 0x12a7b: movsw word ptr es:[di], word ptr [si] 0x12a7c: push ss 0x12a7d: pop ds |
| 2018-12-25T12:45:25.47182451Z | 143 | PC: 12a6b | UNKNOWN! |
| 2018-12-25T12:45:25.472563554Z | 82 | PC: 12a85 | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T12:45:25.474262443Z | 82 | PC: 9f975 | Get DOS internal pointers (SYSVARS) |
{"DateBased":true,"Day":9,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16122,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:45:25.506746381Z | 42 | PC: 12a55 | Get date 0x12a55: cmp dx, 0x909 0x12a59: jne 0x12a66 0x12a5b: mov ah, 9 0x12a5d: lea dx, word ptr [si + 0x141] 0x12a61: int 0x21 0x12a63: cli 0x12a64: jmp 0x12a63 0x12a66: mov ax, 0x8f00 0x12a69: int 0x21 0x12a6b: cmp ax, 0x8f 0x12a6e: jne 0x12a7f 0x12a70: add si, 0x11d 0x12a74: mov di, 0x100 0x12a77: push ss 0x12a78: push di 0x12a79: cld 0x12a7a: movsw word ptr es:[di], word ptr [si] 0x12a7b: movsw word ptr es:[di], word ptr [si] 0x12a7c: push ss 0x12a7d: pop ds |
| 2018-12-25T12:45:25.509270033Z | 9 | PC: 12a63 | Display string (String= 'Hello !! I am [Flavour V1.1] By Dark Killer ... At Taiwan Power Virus Organization ! 1995/07/01/Saturday ') |