{"DateBased":true,"Day":10,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":865,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:41:56.54875487Z | 44 | PC: 14039 | Get time 0x14039: push dx 0x1403a: mov cx, 0x200 0x1403d: loop 0x1403d 0x1403f: int 0x21 0x14041: pop bx 0x14042: pop bp 0x14043: push bp 0x14044: sub bp, 0x36d 0x14048: xor bx, dx 0x1404a: mov ax, 0x38b 0x1404d: xor ax, bx 0x1404f: add ax, bp 0x14051: push ax 0x14052: ret 0x14053: pop di 0x14054: sub di, 0x26d 0x14058: mov ah, 0xdd 0x1405a: int 0x21 0x1405c: cmp ax, 0xffff 0x1405f: je 0x140b0 |
| 2018-12-25T11:41:56.551546465Z | 44 | PC: 14041 | Get time 0x14041: pop bx 0x14042: pop bp 0x14043: push bp 0x14044: sub bp, 0x36d 0x14048: xor bx, dx 0x1404a: mov ax, 0x38b 0x1404d: xor ax, bx 0x1404f: add ax, bp 0x14051: push ax 0x14052: ret 0x14053: pop di 0x14054: sub di, 0x26d 0x14058: mov ah, 0xdd 0x1405a: int 0x21 0x1405c: cmp ax, 0xffff 0x1405f: je 0x140b0 0x14061: mov ax, 0x3521 0x14064: int 0x21 0x14066: mov word ptr cs:[di + 3], bx 0x1406b: mov word ptr cs:[di + 5], es |
| 2018-12-25T11:41:56.554401748Z | 221 | PC: 1405c | UNKNOWN! |
| 2018-12-25T11:41:56.555308345Z | 53 | PC: 14066 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:41:56.556698093Z | 37 | PC: 140b0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:41:56.559600297Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=00001388h/0000005000d bytes. ') |
| 2018-12-25T11:41:56.566875972Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":865,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:41:56.596404506Z | 44 | PC: 14039 | Get time 0x14039: push dx 0x1403a: mov cx, 0x200 0x1403d: loop 0x1403d 0x1403f: int 0x21 0x14041: pop bx 0x14042: pop bp 0x14043: push bp 0x14044: sub bp, 0x36d 0x14048: xor bx, dx 0x1404a: mov ax, 0x38b 0x1404d: xor ax, bx 0x1404f: add ax, bp 0x14051: push ax 0x14052: ret 0x14053: pop di 0x14054: sub di, 0x26d 0x14058: mov ah, 0xdd 0x1405a: int 0x21 0x1405c: cmp ax, 0xffff 0x1405f: je 0x140b0 |
| 2018-12-25T11:41:56.599407005Z | 44 | PC: 14041 | Get time 0x14041: pop bx 0x14042: pop bp 0x14043: push bp 0x14044: sub bp, 0x36d 0x14048: xor bx, dx 0x1404a: mov ax, 0x38b 0x1404d: xor ax, bx 0x1404f: add ax, bp 0x14051: push ax 0x14052: ret 0x14053: pop di 0x14054: sub di, 0x26d 0x14058: mov ah, 0xdd 0x1405a: int 0x21 0x1405c: cmp ax, 0xffff 0x1405f: je 0x140b0 0x14061: mov ax, 0x3521 0x14064: int 0x21 0x14066: mov word ptr cs:[di + 3], bx 0x1406b: mov word ptr cs:[di + 5], es |
| 2018-12-25T11:41:56.601424629Z | 221 | PC: 1405c | UNKNOWN! |
| 2018-12-25T11:41:56.6021569Z | 53 | PC: 14066 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:41:56.603688504Z | 37 | PC: 140b0 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T11:41:56.605197073Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=00001388h/0000005000d bytes. ') |
| 2018-12-25T11:41:56.617232177Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |