Sample viewer

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5012,"SideJobID":0}

.

GIF

Syscalls:

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5012,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:53:28.439826559Z	240	PC: 13dee | UNKNOWN!
2018-12-25T11:53:28.441593533Z	255	PC: 13e1c | UNKNOWN!
2018-12-25T11:53:28.44253652Z	74	PC: 12eff | Reallocate memory
2018-12-25T11:53:28.443954913Z	75	PC: 12f65 | Execute program
2018-12-25T11:53:28.459287974Z	9	PC: 13272 | Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes. ')
2018-12-25T11:53:28.467401321Z	76	PC: 13276 | Terminate with return code (Return code = '36')
2018-12-25T11:53:28.470212114Z	73	PC: 12f6b | Release memory
2018-12-25T11:53:28.471846007Z	77	PC: 12f6f | Get program return code
2018-12-25T11:53:28.473419354Z	42	PC: 12f73 | Get date 0x12f73: cmp al, 0 0x12f75: jne 0x12f80 0x12f77: mov ah, 0x2c 0x12f79: int 0x21 0x12f7b: cmp cl, 0x2c 0x12f7e: je 0x12f88 0x12f80: mov ah, 0x31 0x12f82: mov dx, 0x75 0x12f85: call 0x22ad2 0x12f88: mov ah, 0x19 0x12f8a: int 0x21 0x12f8c: mov dl, al 0x12f8e: cmp dl, 2 0x12f91: jb 0x12f95 0x12f93: add al, 0x7e 0x12f95: mov ax, 0x309 0x12f98: mov bx, 0x615 0x12f9b: mov cx, 1 0x12f9e: mov dh, 0 0x12fa0: int 0x13
2018-12-25T11:53:28.475522802Z	44	PC: 12f7b | Get time 0x12f7b: cmp cl, 0x2c 0x12f7e: je 0x12f88 0x12f80: mov ah, 0x31 0x12f82: mov dx, 0x75 0x12f85: call 0x22ad2 0x12f88: mov ah, 0x19 0x12f8a: int 0x21 0x12f8c: mov dl, al 0x12f8e: cmp dl, 2 0x12f91: jb 0x12f95 0x12f93: add al, 0x7e 0x12f95: mov ax, 0x309 0x12f98: mov bx, 0x615 0x12f9b: mov cx, 1 0x12f9e: mov dh, 0 0x12fa0: int 0x13 0x12fa2: mov cx, 0x40 0x12fa5: mov al, cl 0x12fa7: out 0x70, al 0x12fa9: mov al, 0xff
2018-12-25T11:53:28.477410943Z	49	PC: 12ad8 | Terminate and stay resident (Return code = '0' | Memory size = '117')