{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16572,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:26.655111321Z | 224 | PC: 12a60 | UNKNOWN! |
| 2018-12-25T12:53:26.657040903Z | 74 | PC: 12a8b | Reallocate memory |
| 2018-12-25T12:53:26.658538424Z | 75 | PC: 12ae0 | Execute program |
| 2018-12-25T12:53:26.674273632Z | 9 | PC: 131e5 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ') |
| 2018-12-25T12:53:26.681826898Z | 0 | PC: 131e9 | Program terminate |
| 2018-12-25T12:53:26.685523045Z | 73 | PC: 12ae6 | Release memory |
| 2018-12-25T12:53:26.687303652Z | 77 | PC: 12aea | Get program return code |
| 2018-12-25T12:53:26.68878797Z | 49 | PC: 12af1 | Terminate and stay resident (Return code = '0' | Memory size = '96') |
{"DateBased":true,"Day":24,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16572,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:26.897772394Z | 224 | PC: 12a60 | UNKNOWN! |
| 2018-12-25T12:53:26.898705052Z | 74 | PC: 12a8b | Reallocate memory |
| 2018-12-25T12:53:26.901044458Z | 75 | PC: 12ae0 | Execute program |
| 2018-12-25T12:53:26.917414188Z | 9 | PC: 131e5 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ') |
| 2018-12-25T12:53:26.923629517Z | 0 | PC: 131e9 | Program terminate |
| 2018-12-25T12:53:26.927483899Z | 73 | PC: 12ae6 | Release memory |
| 2018-12-25T12:53:26.928631244Z | 77 | PC: 12aea | Get program return code |
| 2018-12-25T12:53:26.92974102Z | 49 | PC: 12af1 | Terminate and stay resident (Return code = '0' | Memory size = '96') |