{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":920,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:42:05.579906506Z | 78 | PC: 12a49 | Find first file |
| 2018-12-25T11:42:05.586278877Z | 61 | PC: 12a51 | Open file (Filename = '') |
| 2018-12-25T11:42:05.58864703Z | 64 | PC: 12a5d | Write file or device (Write 212 bytes on handle 2) |
| 2018-12-25T11:42:05.596547391Z | 62 | PC: 12a61 | Close file |
| 2018-12-25T11:42:05.598534657Z | 79 | PC: 12a65 | Find next file |
| 2018-12-25T11:42:05.60060855Z | 42 | PC: 12a6b | Get date 0x12a6b: cmp dh, 4 0x12a6e: je 0x12a7e 0x12a70: cmp dh, 5 0x12a73: je 0x12a7e 0x12a75: mov ah, 9 0x12a77: mov dx, 0x1ad 0x12a7a: int 0x21 0x12a7c: int 0x20 0x12a7e: mov ah, 9 0x12a80: mov dx, 0x188 0x12a83: int 0x21 0x12a85: mov dx, 0x80 0x12a88: xor ch, ch 0x12a8a: mov ah, 5 0x12a8c: int 0x13 0x12a8e: cmp dh, 0x20 0x12a91: je 0x12a97 0x12a93: inc dh 0x12a95: jmp 0x12a85 0x12a97: cmp ch, 0x20 |
| 2018-12-25T11:42:05.60296007Z | 9 | PC: 12a85 | Display string (String= 'Your hard drive is about to explode!') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":920,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:42:05.825815089Z | 78 | PC: 12a49 | Find first file |
| 2018-12-25T11:42:05.831823544Z | 61 | PC: 12a51 | Open file (Filename = '') |
| 2018-12-25T11:42:05.833719489Z | 64 | PC: 12a5d | Write file or device (Write 212 bytes on handle 2) |
| 2018-12-25T11:42:05.841765037Z | 62 | PC: 12a61 | Close file |
| 2018-12-25T11:42:05.843808299Z | 79 | PC: 12a65 | Find next file |
| 2018-12-25T11:42:05.845898363Z | 42 | PC: 12a6b | Get date 0x12a6b: cmp dh, 4 0x12a6e: je 0x12a7e 0x12a70: cmp dh, 5 0x12a73: je 0x12a7e 0x12a75: mov ah, 9 0x12a77: mov dx, 0x1ad 0x12a7a: int 0x21 0x12a7c: int 0x20 0x12a7e: mov ah, 9 0x12a80: mov dx, 0x188 0x12a83: int 0x21 0x12a85: mov dx, 0x80 0x12a88: xor ch, ch 0x12a8a: mov ah, 5 0x12a8c: int 0x13 0x12a8e: cmp dh, 0x20 0x12a91: je 0x12a97 0x12a93: inc dh 0x12a95: jmp 0x12a85 0x12a97: cmp ch, 0x20 |
| 2018-12-25T11:42:05.847554907Z | 9 | PC: 12a7c | Display string (String= 'Program too big to fit in memory.') |
{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":920,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:42:06.071815411Z | 78 | PC: 12a49 | Find first file |
| 2018-12-25T11:42:06.07628797Z | 61 | PC: 12a51 | Open file (Filename = '') |
| 2018-12-25T11:42:06.07771257Z | 64 | PC: 12a5d | Write file or device (Write 212 bytes on handle 2) |
| 2018-12-25T11:42:06.082291295Z | 62 | PC: 12a61 | Close file |
| 2018-12-25T11:42:06.084302681Z | 79 | PC: 12a65 | Find next file |
| 2018-12-25T11:42:06.086068946Z | 42 | PC: 12a6b | Get date 0x12a6b: cmp dh, 4 0x12a6e: je 0x12a7e 0x12a70: cmp dh, 5 0x12a73: je 0x12a7e 0x12a75: mov ah, 9 0x12a77: mov dx, 0x1ad 0x12a7a: int 0x21 0x12a7c: int 0x20 0x12a7e: mov ah, 9 0x12a80: mov dx, 0x188 0x12a83: int 0x21 0x12a85: mov dx, 0x80 0x12a88: xor ch, ch 0x12a8a: mov ah, 5 0x12a8c: int 0x13 0x12a8e: cmp dh, 0x20 0x12a91: je 0x12a97 0x12a93: inc dh 0x12a95: jmp 0x12a85 0x12a97: cmp ch, 0x20 |
| 2018-12-25T11:42:06.088988787Z | 9 | PC: 12a85 | Display string (String= 'Your hard drive is about to explode!') |