{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17122,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:54:58.12495485Z | 42 | PC: 12ca7 | Get date 0x12ca7: cmp dl, 0xd 0x12caa: jne 0x12ceb 0x12cac: cmp al, 5 0x12cae: jne 0x12ceb 0x12cb0: xor cx, cx 0x12cb2: mov dh, 1 0x12cb4: mov dl, 0x80 0x12cb6: xor bx, bx 0x12cb8: mov es, bx 0x12cba: mov ax, 0x9f 0x12cbd: add ax, bp 0x12cbf: pushf 0x12cc0: push cs 0x12cc1: push ax 0x12cc2: mov ah, 0 0x12cc4: jmp 0x1320b 0x12cc7: mov ax, 0xb0 0x12cca: add ax, bp 0x12ccc: pushf 0x12ccd: push cs |
| 2018-12-25T12:54:58.128337032Z | 82 | PC: 12cff | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T12:54:58.129848758Z | 88 | PC: 12d4c | case 0xGet or set allocation strateg: |
| 2018-12-25T12:54:58.131084877Z | 88 | PC: 12d58 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:54:58.132591246Z | 74 | PC: 12d65 | Reallocate memory |
| 2018-12-25T12:54:58.134946271Z | 72 | PC: 12d73 | Allocate memory |
| 2018-12-25T12:54:58.137059538Z | 53 | PC: 12db4 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:54:58.138678275Z | 37 | PC: 12dc6 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:54:58.149479909Z | 88 | PC: 12dd9 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:54:58.150826326Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000003E8h/0000001000d bytes. ') |
| 2018-12-25T12:54:58.15683547Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17122,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:54:58.305947844Z | 42 | PC: 12ca7 | Get date 0x12ca7: cmp dl, 0xd 0x12caa: jne 0x12ceb 0x12cac: cmp al, 5 0x12cae: jne 0x12ceb 0x12cb0: xor cx, cx 0x12cb2: mov dh, 1 0x12cb4: mov dl, 0x80 0x12cb6: xor bx, bx 0x12cb8: mov es, bx 0x12cba: mov ax, 0x9f 0x12cbd: add ax, bp 0x12cbf: pushf 0x12cc0: push cs 0x12cc1: push ax 0x12cc2: mov ah, 0 0x12cc4: jmp 0x1320b 0x12cc7: mov ax, 0xb0 0x12cca: add ax, bp 0x12ccc: pushf 0x12ccd: push cs |
| 2018-12-25T12:54:58.308297344Z | 82 | PC: 12cff | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T12:54:58.310167816Z | 88 | PC: 12d4c | case 0xGet or set allocation strateg: |
| 2018-12-25T12:54:58.311382018Z | 88 | PC: 12d58 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:54:58.312608357Z | 74 | PC: 12d65 | Reallocate memory |
| 2018-12-25T12:54:58.314481455Z | 72 | PC: 12d73 | Allocate memory |
| 2018-12-25T12:54:58.316342899Z | 53 | PC: 12db4 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:54:58.317794364Z | 37 | PC: 12dc6 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:54:58.320222262Z | 88 | PC: 12dd9 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:54:58.321788425Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000003E8h/0000001000d bytes. ') |
| 2018-12-25T12:54:58.326052491Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |