{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6348,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:59:10.462129593Z | 144 | PC: 12d32 | UNKNOWN! |
| 2018-12-25T11:59:10.465744646Z | 42 | PC: 1317f | Get date 0x1317f: cmp cx, 0x7cd 0x13183: jne 0x13196 0x13185: cmp dl, 4 0x13188: jne 0x13196 0x1318a: mov ah, 0x2c 0x1318c: int 0x21 0x1318e: cmp ch, 7 0x13191: jne 0x13196 0x13193: call 0x230c7 0x13196: pop dx 0x13197: pop cx 0x13198: pop ax 0x13199: ret 0x1319a: dec bp 0x1319b: pop dx 0x1319c: call 0x133a0 0x1319f: add byte ptr [bx + si], al 0x131a1: add byte ptr [bx + si], ah 0x131a3: add byte ptr [bx + si], al 0x131a5: add bh, bh |
| 2018-12-25T11:59:10.468462171Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000003E8h/0000001000d bytes. ') |
| 2018-12-25T11:59:10.474615115Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":1,"Month":1,"Year":1997,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6348,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:59:10.695671939Z | 144 | PC: 12d32 | UNKNOWN! |
| 2018-12-25T11:59:10.708864077Z | 42 | PC: 1317f | Get date 0x1317f: cmp cx, 0x7cd 0x13183: jne 0x13196 0x13185: cmp dl, 4 0x13188: jne 0x13196 0x1318a: mov ah, 0x2c 0x1318c: int 0x21 0x1318e: cmp ch, 7 0x13191: jne 0x13196 0x13193: call 0x230c7 0x13196: pop dx 0x13197: pop cx 0x13198: pop ax 0x13199: ret 0x1319a: dec bp 0x1319b: pop dx 0x1319c: call 0x133a0 0x1319f: add byte ptr [bx + si], al 0x131a1: add byte ptr [bx + si], ah 0x131a3: add byte ptr [bx + si], al 0x131a5: add bh, bh |
| 2018-12-25T11:59:10.71138293Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000003E8h/0000001000d bytes. ') |
| 2018-12-25T11:59:10.716806711Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":4,"Month":1,"Year":1997,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6348,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:59:10.815881953Z | 144 | PC: 12d32 | UNKNOWN! |
| 2018-12-25T11:59:10.819784306Z | 42 | PC: 1317f | Get date 0x1317f: cmp cx, 0x7cd 0x13183: jne 0x13196 0x13185: cmp dl, 4 0x13188: jne 0x13196 0x1318a: mov ah, 0x2c 0x1318c: int 0x21 0x1318e: cmp ch, 7 0x13191: jne 0x13196 0x13193: call 0x230c7 0x13196: pop dx 0x13197: pop cx 0x13198: pop ax 0x13199: ret 0x1319a: dec bp 0x1319b: pop dx 0x1319c: call 0x133a0 0x1319f: add byte ptr [bx + si], al 0x131a1: add byte ptr [bx + si], ah 0x131a3: add byte ptr [bx + si], al 0x131a5: add bh, bh |
| 2018-12-25T11:59:10.821991131Z | 44 | PC: 1318e | Get time 0x1318e: cmp ch, 7 0x13191: jne 0x13196 0x13193: call 0x230c7 0x13196: pop dx 0x13197: pop cx 0x13198: pop ax 0x13199: ret 0x1319a: dec bp 0x1319b: pop dx 0x1319c: call 0x133a0 0x1319f: add byte ptr [bx + si], al 0x131a1: add byte ptr [bx + si], ah 0x131a3: add byte ptr [bx + si], al 0x131a5: add bh, bh 0x131a7: ljmp ptr [di] 0x131a9: add al, al 0x131ab: add ax, 0x1972 0x131ae: push es 0x131af: add byte ptr [di], ch 0x131b1: add byte ptr [bp + di + 0x4f], al |
| 2018-12-25T11:59:10.83059602Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000003E8h/0000001000d bytes. ') |
| 2018-12-25T11:59:10.835516538Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |