{"DateBased":true,"Day":9,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7632,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:06.1896065Z | 42 | PC: 12a55 | Get date 0x12a55: cmp dx, 0x909 0x12a59: jne 0x12a66 0x12a5b: mov ah, 9 0x12a5d: lea dx, word ptr [si + 0x142] 0x12a61: int 0x21 0x12a63: cli 0x12a64: jmp 0x12a63 0x12a66: mov ax, 0x8f00 0x12a69: int 0x21 0x12a6b: cmp ax, 0x8f 0x12a6e: jne 0x12a7f 0x12a70: add si, 0x11e 0x12a74: mov di, 0x100 0x12a77: push ss 0x12a78: push di 0x12a79: cld 0x12a7a: movsw word ptr es:[di], word ptr [si] 0x12a7b: movsw word ptr es:[di], word ptr [si] 0x12a7c: push ss 0x12a7d: pop ds |
| 2018-12-25T12:02:06.192151146Z | 9 | PC: 12a63 | Display string (String= 'Hello !! I am [Flavour V1.1] By Dark Killer ... At Taiwan Power Virus Organization ! 1995/07/01/Saturday ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7632,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:06.332052148Z | 42 | PC: 12a55 | Get date 0x12a55: cmp dx, 0x909 0x12a59: jne 0x12a66 0x12a5b: mov ah, 9 0x12a5d: lea dx, word ptr [si + 0x142] 0x12a61: int 0x21 0x12a63: cli 0x12a64: jmp 0x12a63 0x12a66: mov ax, 0x8f00 0x12a69: int 0x21 0x12a6b: cmp ax, 0x8f 0x12a6e: jne 0x12a7f 0x12a70: add si, 0x11e 0x12a74: mov di, 0x100 0x12a77: push ss 0x12a78: push di 0x12a79: cld 0x12a7a: movsw word ptr es:[di], word ptr [si] 0x12a7b: movsw word ptr es:[di], word ptr [si] 0x12a7c: push ss 0x12a7d: pop ds |
| 2018-12-25T12:02:06.334469101Z | 143 | PC: 12a6b | UNKNOWN! |
| 2018-12-25T12:02:06.33506778Z | 82 | PC: 12a85 | Get DOS internal pointers (SYSVARS) |
| 2018-12-25T12:02:06.336290864Z | 82 | PC: 9f966 | Get DOS internal pointers (SYSVARS) |