{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6024,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:58:16.098464552Z | 26 | PC: 227d2 | Set disk transfer address |
| 2018-12-25T11:58:16.099727252Z | 78 | PC: 227d9 | Find first file |
| 2018-12-25T11:58:16.107230166Z | 61 | PC: 227ed | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:58:16.115444521Z | 63 | PC: 227fb | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:58:16.122749119Z | 66 | PC: 2280d | Move file pointer |
| 2018-12-25T11:58:16.125459595Z | 64 | PC: 228ca | Write file or device (Write 300 bytes on handle 5) |
| 2018-12-25T11:58:16.141335792Z | 66 | PC: 2281e | Move file pointer |
| 2018-12-25T11:58:16.14339269Z | 64 | PC: 22828 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:58:16.151790544Z | 87 | PC: 22836 | Get or set file date and time |
| 2018-12-25T11:58:16.153542413Z | 62 | PC: 2283a | Close file |
| 2018-12-25T11:58:16.162295096Z | 26 | PC: 22841 | Set disk transfer address |
| 2018-12-25T11:58:16.166693928Z | 42 | PC: 22845 | Get date 0x22845: cmp al, 4 0x22847: jne 0x228b3 0x22849: mov ah, 0x2c 0x2284b: int 0x21 0x2284d: mov ax, 4 0x22850: cmp dh, al 0x22852: jae 0x228b3 0x22854: int 0x10 0x22856: mov ah, 0xb 0x22858: pop bx 0x22859: push bx 0x2285a: int 0x10 0x2285c: pop bx 0x2285d: mov dx, 0xc6 0x22860: mov cx, 0x13e 0x22863: mov ax, 0xc00 0x22866: push bx 0x22867: push cx 0x22868: mov di, 3 0x2286b: or word ptr [bx], di |
| 2018-12-25T11:58:16.172685428Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-25T11:58:16.179750775Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6024,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:58:16.231323616Z | 26 | PC: 227d2 | Set disk transfer address |
| 2018-12-25T11:58:16.232952002Z | 78 | PC: 227d9 | Find first file |
| 2018-12-25T11:58:16.238880524Z | 61 | PC: 227ed | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:58:16.245453968Z | 63 | PC: 227fb | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:58:16.252936898Z | 66 | PC: 2280d | Move file pointer |
| 2018-12-25T11:58:16.254483832Z | 64 | PC: 228ca | Write file or device (Write 300 bytes on handle 5) |
| 2018-12-25T11:58:16.269386864Z | 66 | PC: 2281e | Move file pointer |
| 2018-12-25T11:58:16.271080569Z | 64 | PC: 22828 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:58:16.278421605Z | 87 | PC: 22836 | Get or set file date and time |
| 2018-12-25T11:58:16.280051576Z | 62 | PC: 2283a | Close file |
| 2018-12-25T11:58:16.288267753Z | 26 | PC: 22841 | Set disk transfer address |
| 2018-12-25T11:58:16.290798564Z | 42 | PC: 22845 | Get date 0x22845: cmp al, 4 0x22847: jne 0x228b3 0x22849: mov ah, 0x2c 0x2284b: int 0x21 0x2284d: mov ax, 4 0x22850: cmp dh, al 0x22852: jae 0x228b3 0x22854: int 0x10 0x22856: mov ah, 0xb 0x22858: pop bx 0x22859: push bx 0x2285a: int 0x10 0x2285c: pop bx 0x2285d: mov dx, 0xc6 0x22860: mov cx, 0x13e 0x22863: mov ax, 0xc00 0x22866: push bx 0x22867: push cx 0x22868: mov di, 3 0x2286b: or word ptr [bx], di |
| 2018-12-25T11:58:16.293097754Z | 44 | PC: 2284d | Get time 0x2284d: mov ax, 4 0x22850: cmp dh, al 0x22852: jae 0x228b3 0x22854: int 0x10 0x22856: mov ah, 0xb 0x22858: pop bx 0x22859: push bx 0x2285a: int 0x10 0x2285c: pop bx 0x2285d: mov dx, 0xc6 0x22860: mov cx, 0x13e 0x22863: mov ax, 0xc00 0x22866: push bx 0x22867: push cx 0x22868: mov di, 3 0x2286b: or word ptr [bx], di 0x2286d: sub bx, 0x13f 0x22871: mov cx, 3 0x22874: cmp byte ptr [bx], 0x7f 0x22877: adc al, 0 |
| 2018-12-25T11:58:16.313106912Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-25T11:58:16.319461359Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |