{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8855,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:22:06.085248117Z | 42 | PC: 13b0a | Get date 0x13b0a: cmp dl, 7 0x13b0d: je 0x13b12 0x13b0f: jmp 0x13c7b 0x13b12: mov ah, 0x2c 0x13b14: int 0x21 0x13b16: cmp cl, 0x14 0x13b19: jg 0x13b1e 0x13b1b: jmp 0x13c7b 0x13b1e: jmp 0x13c0a 0x13b21: or cl, byte ptr [di] 0x13b23: or cl, byte ptr [di] 0x13b25: or cl, byte ptr [di] 0x13b27: or cl, byte ptr [di] 0x13b29: or cl, byte ptr [di] 0x13b2b: or cl, byte ptr [di] 0x13b2d: and byte ptr [bx + 0x65], dl 0x13b30: insb byte ptr es:[di], dx 0x13b31: insb byte ptr es:[di], dx 0x13b32: sub al, 0x20 0x13b34: je 0x13b9e |
| 2018-12-25T12:22:06.099632247Z | 44 | PC: 13b16 | Get time 0x13b16: cmp cl, 0x14 0x13b19: jg 0x13b1e 0x13b1b: jmp 0x13c7b 0x13b1e: jmp 0x13c0a 0x13b21: or cl, byte ptr [di] 0x13b23: or cl, byte ptr [di] 0x13b25: or cl, byte ptr [di] 0x13b27: or cl, byte ptr [di] 0x13b29: or cl, byte ptr [di] 0x13b2b: or cl, byte ptr [di] 0x13b2d: and byte ptr [bx + 0x65], dl 0x13b30: insb byte ptr es:[di], dx 0x13b31: insb byte ptr es:[di], dx 0x13b32: sub al, 0x20 0x13b34: je 0x13b9e 0x13b36: imul si, word ptr [bp + di + 0x20], 0x756a 0x13b3b: jae 0x13bb1 0x13b3d: and byte ptr [bx + di + 0x69], ah 0x13b40: outsb dx, byte ptr [si] 0x13b41: daa |
| 2018-12-25T12:22:06.109694317Z | 9 | PC: 13c4a | Display string (String= ' Well, this just ain't your lucky day ! You are blessed with WHIPLASH V.2.0. Beta release Variant A written and compiled in Bucharest, Romania by Lord Julus (c) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8855,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:22:06.31838685Z | 42 | PC: 13b0a | Get date 0x13b0a: cmp dl, 7 0x13b0d: je 0x13b12 0x13b0f: jmp 0x13c7b 0x13b12: mov ah, 0x2c 0x13b14: int 0x21 0x13b16: cmp cl, 0x14 0x13b19: jg 0x13b1e 0x13b1b: jmp 0x13c7b 0x13b1e: jmp 0x13c0a 0x13b21: or cl, byte ptr [di] 0x13b23: or cl, byte ptr [di] 0x13b25: or cl, byte ptr [di] 0x13b27: or cl, byte ptr [di] 0x13b29: or cl, byte ptr [di] 0x13b2b: or cl, byte ptr [di] 0x13b2d: and byte ptr [bx + 0x65], dl 0x13b30: insb byte ptr es:[di], dx 0x13b31: insb byte ptr es:[di], dx 0x13b32: sub al, 0x20 0x13b34: je 0x13b9e |
| 2018-12-25T12:22:06.320791163Z | 94 | PC: 12e0e | Network functions |
| 2018-12-25T12:22:06.321666177Z | 88 | PC: 12e35 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:22:06.322531103Z | 88 | PC: 12e3f | case 0xGet or set allocation strateg: |
| 2018-12-25T12:22:06.324039621Z | 88 | PC: 12e4c | case 0xGet or set allocation strateg: |
| 2018-12-25T12:22:06.325117077Z | 88 | PC: 12e54 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:22:06.326656933Z | 88 | PC: 12ef9 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:22:06.328023101Z | 88 | PC: 12f05 | case 0xGet or set allocation strateg: |
| 2018-12-25T12:22:06.329363867Z | 74 | PC: 12f1e | Reallocate memory |
| 2018-12-25T12:22:06.331154715Z | 74 | PC: 12f2c | Reallocate memory |
| 2018-12-25T12:22:06.332856828Z | 25 | PC: 12fd0 | Get default drive |
| 2018-12-25T12:22:06.3346155Z | 76 | PC: 130f5 | Terminate with return code (Return code = '0') |