Sample viewer

vx.netlux.org/Virus.DOS.IVP.Messenger.419

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:51:11.883882517Z 26 PC: 12bb4 | Set disk transfer address
2018-12-17T22:51:11.888093456Z 53 PC: 12acf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:11.889358681Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:11.89078426Z 78 PC: 12b0c | Find first file
2018-12-17T22:51:11.897231171Z 61 PC: 12bbd | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:11.90468119Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:51:11.910791162Z 62 PC: 12b2b | Close file
2018-12-17T22:51:11.912861418Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:11.932984229Z 61 PC: 12bbd | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:11.940066187Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:11.946824036Z 66 PC: 12baf | Move file pointer
2018-12-17T22:51:11.949899797Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-17T22:51:11.952538223Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-17T22:51:11.960745932Z 87 PC: 12b98 | Get or set file date and time
2018-12-17T22:51:11.963120768Z 62 PC: 12b9c | Close file
2018-12-17T22:51:11.970602272Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:11.980232467Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:11.985568118Z 61 PC: 12bbd | Open file (Filename = 'PRINT.COM')
2018-12-17T22:51:11.992185977Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:51:11.999080221Z 62 PC: 12b2b | Close file
2018-12-17T22:51:12.002292805Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.012488237Z 61 PC: 12bbd | Open file (Filename = 'PRINT.COM')
2018-12-17T22:51:12.019599774Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:12.022927233Z 66 PC: 12baf | Move file pointer
2018-12-17T22:51:12.025301468Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-17T22:51:12.028203078Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-17T22:51:12.031499023Z 87 PC: 12b98 | Get or set file date and time
2018-12-17T22:51:12.034014361Z 62 PC: 12b9c | Close file
2018-12-17T22:51:12.053912799Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.06421008Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:12.068247539Z 61 PC: 12bbd | Open file (Filename = 'HELLO.COM')
2018-12-17T22:51:12.074888838Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:51:12.081467925Z 62 PC: 12b2b | Close file
2018-12-17T22:51:12.084698002Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.094539504Z 61 PC: 12bbd | Open file (Filename = 'HELLO.COM')
2018-12-17T22:51:12.101047326Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:12.10445997Z 66 PC: 12baf | Move file pointer
2018-12-17T22:51:12.106047837Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-17T22:51:12.10848905Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-17T22:51:12.112265563Z 87 PC: 12b98 | Get or set file date and time
2018-12-17T22:51:12.11396502Z 62 PC: 12b9c | Close file
2018-12-17T22:51:12.121202386Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.13460063Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:12.137702473Z 61 PC: 12bbd | Open file (Filename = 'PHANG.COM')
2018-12-17T22:51:12.144434053Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:51:12.151789443Z 62 PC: 12b2b | Close file
2018-12-17T22:51:12.154219485Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.164548968Z 61 PC: 12bbd | Open file (Filename = 'PHANG.COM')
2018-12-17T22:51:12.171505679Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:12.175236509Z 66 PC: 12baf | Move file pointer
2018-12-17T22:51:12.176981213Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-17T22:51:12.179659446Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-17T22:51:12.183280952Z 87 PC: 12b98 | Get or set file date and time
2018-12-17T22:51:12.185023898Z 62 PC: 12b9c | Close file
2018-12-17T22:51:12.192427575Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.205797232Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:12.208675216Z 61 PC: 12bbd | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:51:12.215358649Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:51:12.223026989Z 62 PC: 12b2b | Close file
2018-12-17T22:51:12.225063687Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.2296367Z 61 PC: 12bbd | Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T22:51:12.235053941Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:51:12.237879157Z 66 PC: 12baf | Move file pointer
2018-12-17T22:51:12.239440677Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-17T22:51:12.24301818Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 2)
2018-12-17T22:51:12.25179013Z 87 PC: 12b98 | Get or set file date and time
2018-12-17T22:51:12.253456972Z 62 PC: 12b9c | Close file
2018-12-17T22:51:12.256219417Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.260998487Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:12.263758899Z 61 PC: 12bbd | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:51:12.276799066Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:51:12.283438813Z 62 PC: 12b2b | Close file
2018-12-17T22:51:12.285436142Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.295888311Z 61 PC: 12bbd | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:51:12.302805022Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:51:12.305702304Z 66 PC: 12baf | Move file pointer
2018-12-17T22:51:12.307458229Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-17T22:51:12.310762679Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 2)
2018-12-17T22:51:12.328464278Z 87 PC: 12b98 | Get or set file date and time
2018-12-17T22:51:12.330063834Z 62 PC: 12b9c | Close file
2018-12-17T22:51:12.338654586Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.349536503Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:12.352287661Z 61 PC: 12bbd | Open file (Filename = 'PAH.COM')
2018-12-17T22:51:12.360161859Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:51:12.366656292Z 62 PC: 12b2b | Close file
2018-12-17T22:51:12.368589707Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.379219674Z 61 PC: 12bbd | Open file (Filename = 'PAH.COM')
2018-12-17T22:51:12.385875692Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:51:12.38884858Z 66 PC: 12baf | Move file pointer
2018-12-17T22:51:12.391390719Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-17T22:51:12.393949882Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 2)
2018-12-17T22:51:12.397691178Z 87 PC: 12b98 | Get or set file date and time
2018-12-17T22:51:12.400164779Z 62 PC: 12b9c | Close file
2018-12-17T22:51:12.408168184Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:51:12.417887463Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:12.421365134Z 61 PC: 12bbd | Open file (Filename = 'TEST.COM')
2018-12-17T22:51:12.428105244Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:51:12.434409228Z 62 PC: 12b2b | Close file
2018-12-17T22:51:12.437075769Z 79 PC: 12b0c | Find next file
2018-12-17T22:51:12.440097731Z 9 PC: 12af2 | Display string (String= 'BlackJack Messenger From Hell [IVP] ')
2018-12-17T22:51:12.447744885Z 37 PC: 12afc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:12.449750102Z 26 PC: 12bb4 | Set disk transfer address
2018-12-17T22:51:12.45126467Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":10481,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:09.68767688Z 26 PC: 12bb4 | Set disk transfer address
2018-12-25T12:28:09.689176234Z 53 PC: 12acf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:09.690925483Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:09.692247773Z 78 PC: 12b0c | Find first file
2018-12-25T12:28:09.699685158Z 61 PC: 12bbd | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:28:09.708328777Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:28:09.715744398Z 62 PC: 12b2b | Close file
2018-12-25T12:28:09.7182481Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T12:28:09.740406073Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:09.748614852Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:09.756393021Z 66 PC: 12baf | Move file pointer
2018-12-25T12:28:09.759256617Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-25T12:28:09.762469709Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-25T12:28:09.771812458Z 87 PC: 12b98 | Get or set file date and time
2018-12-25T12:28:09.773899204Z 62 PC: 12b9c | Close file
2018-12-25T12:28:09.783093532Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:09.794189673Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:09.797145701Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:09.80602487Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:09.813478912Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:09.815831067Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:09.827746155Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:09.835548801Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:09.839078658Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:09.842023311Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:09.84509981Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:09.848713339Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:09.851352688Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:09.859727498Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:09.87148564Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:09.875029839Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:09.882743151Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:09.890072445Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:09.892566239Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:09.904823268Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:09.913021172Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:09.916147803Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:09.919078332Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:09.922217536Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:09.925529324Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:09.927834935Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:09.936638511Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:09.94776348Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:09.951732743Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:09.959411859Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:09.966831557Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:09.969886439Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:09.981408836Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:09.988884187Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:09.993622229Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:09.995605833Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:09.999162475Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.002550303Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.005061402Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.013354674Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.024131505Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.027798651Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.034927273Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.041630114Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.044288614Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.049115431Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.054224639Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.058393256Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.059963423Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.062688496Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.075133667Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.076948777Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.078923525Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.083887599Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.087141086Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.099084229Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.106063078Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.108440129Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.119401207Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.127880672Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.132057197Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.14783519Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.150782597Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.16081086Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.162704061Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.171492547Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.182846912Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.186171394Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.194219624Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.202480188Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.204758056Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.215909255Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.22361448Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.227037081Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.228635036Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.231710474Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.235905851Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.237542951Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.245478233Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.257356614Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.260448028Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.267595315Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.275139902Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.27867076Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.281665309Z 9 PC: 12af2 | Display string (String= 'BlackJack Messenger From Hell [IVP] ')
2018-12-25T12:28:10.289696345Z 37 PC: 12afc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:10.290857303Z 26 PC: 12bb4 | Set disk transfer address (See above)
2018-12-25T12:28:10.291830881Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10481,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:10.434528772Z 26 PC: 12bb4 | Set disk transfer address
2018-12-25T12:28:10.435633037Z 53 PC: 12acf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:10.437461383Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:10.438536603Z 78 PC: 12b0c | Find first file
2018-12-25T12:28:10.442591335Z 61 PC: 12bbd | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:28:10.447717792Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:28:10.452026589Z 62 PC: 12b2b | Close file
2018-12-25T12:28:10.453538282Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T12:28:10.470918974Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.478520488Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:10.482003997Z 66 PC: 12baf | Move file pointer
2018-12-25T12:28:10.484792023Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-25T12:28:10.487666814Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-25T12:28:10.497148391Z 87 PC: 12b98 | Get or set file date and time
2018-12-25T12:28:10.499332608Z 62 PC: 12b9c | Close file
2018-12-25T12:28:10.511590717Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.527114586Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.530526814Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.538853973Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.546929978Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.549137068Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.564263216Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.572031938Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.575290275Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.581096784Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.584052334Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.587843059Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.590445355Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.599899051Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.611391199Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.61581067Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.624562945Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.632106081Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.634521115Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.646844507Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.65450123Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.657627174Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.659918895Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.662696854Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.665928695Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.668358683Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.676796621Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.688190421Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.69129211Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.698854437Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.706685597Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.709028699Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.720487266Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.727810513Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.730894499Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.740265016Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.743231629Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.746946987Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.7497677Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.758678196Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.769862169Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.774242797Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.782454763Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.790310765Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.794309736Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.799354938Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.804703337Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.80867518Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.811195136Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.813830887Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.831041593Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.834160728Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.836376458Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.841162119Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.844850063Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.85206661Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.859018926Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.86244581Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.874092442Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.884097395Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.888813199Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.890855Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.893966137Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.903308803Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.905860412Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.914484395Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.925549806Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.929416544Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.937131886Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.944489861Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.947331797Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.958967286Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.966493233Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.970429909Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.972430091Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.975231411Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.978858405Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.981088567Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.990301246Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:11.001442116Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:11.005694165Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:11.013291904Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:11.01656832Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:11.020602756Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:11.024041677Z 9 PC: 12af2 | Display string (String= 'BlackJack Messenger From Hell [IVP] ')
2018-12-25T12:28:11.034437809Z 37 PC: 12afc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:11.036906149Z 26 PC: 12bb4 | Set disk transfer address (See above)
2018-12-25T12:28:11.038278289Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10481,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:10.404851521Z 26 PC: 12bb4 | Set disk transfer address
2018-12-25T12:28:10.406879614Z 53 PC: 12acf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:10.408771043Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:10.410636281Z 78 PC: 12b0c | Find first file
2018-12-25T12:28:10.418053335Z 61 PC: 12bbd | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:28:10.426575037Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:28:10.436695402Z 62 PC: 12b2b | Close file
2018-12-25T12:28:10.441482742Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T12:28:10.460095611Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.467843308Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:10.471331954Z 66 PC: 12baf | Move file pointer
2018-12-25T12:28:10.474988026Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-25T12:28:10.478815669Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-25T12:28:10.488715091Z 87 PC: 12b98 | Get or set file date and time
2018-12-25T12:28:10.490835183Z 62 PC: 12b9c | Close file
2018-12-25T12:28:10.500680772Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.511957865Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.515640627Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.523689615Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.531589292Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.537188167Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.556410346Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.565073316Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.57285801Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.575489856Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.57863939Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.582498598Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.585335686Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.594045315Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.605418617Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.609984231Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.618675912Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.626175219Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.62876165Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.640307703Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.648132724Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.652420414Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.654398349Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.657503388Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.661118246Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.664195876Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.672478637Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.687252126Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.691524537Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.699120204Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.706331081Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.709521117Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.720986709Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.728756141Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.733300843Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.735536108Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.73886524Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.742654598Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.746682565Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.755366246Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.76656509Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.774228597Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.782520695Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.790171804Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.793208923Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.798567731Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.804052213Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.807561671Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.809362304Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.812080512Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.82614165Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.828109985Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.830361019Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.834433898Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.837383343Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.843247658Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.847843874Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.849466487Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.856260497Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.861671639Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.86491134Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.86632641Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.872584231Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.882779868Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.884371641Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.893106111Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.904227285Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.907139512Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.914293907Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.921964948Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.923789654Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.934543635Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.942221035Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.945251052Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.947525199Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.950339916Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.95405909Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.955556737Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.963597439Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.974711214Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.977464457Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.984595588Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.988480697Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.990901492Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.993610357Z 9 PC: 12af2 | Display string (String= 'BlackJack Messenger From Hell [IVP] ')
2018-12-25T12:28:11.002798784Z 37 PC: 12afc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:11.004440224Z 26 PC: 12bb4 | Set disk transfer address (See above)
2018-12-25T12:28:11.006029862Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":10481,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:10.339533848Z 26 PC: 12bb4 | Set disk transfer address
2018-12-25T12:28:10.348586799Z 53 PC: 12acf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:10.35013223Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:10.351344133Z 78 PC: 12b0c | Find first file
2018-12-25T12:28:10.358010325Z 61 PC: 12bbd | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:28:10.3647041Z 63 PC: 12b27 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:28:10.371153046Z 62 PC: 12b2b | Close file
2018-12-25T12:28:10.373437851Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T12:28:10.391803065Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.399054882Z 64 PC: 12b71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:10.403014747Z 66 PC: 12baf | Move file pointer
2018-12-25T12:28:10.404964844Z 44 PC: 12b7c | Get time 0x12b7c: cmp dh, 0
0x12b7f: je 0x12b78
0x12b81: mov byte ptr cs:[bp + 0x2a5], dh
0x12b86: call 0x12bfd
0x12b89: mov ax, 0x5701
0x12b8c: mov cx, word ptr cs:[bp + 0x2d8]
0x12b91: mov dx, word ptr cs:[bp + 0x2da]
0x12b96: int 0x21
0x12b98: mov ah, 0x3e
0x12b9a: int 0x21
0x12b9c: xor cx, cx
0x12b9e: mov cl, byte ptr cs:[bp + 0x2d7]
0x12ba3: call 0x12bbf
0x12ba6: ret
0x12ba7: mov ah, 0x42
0x12ba9: xor cx, cx
0x12bab: xor dx, dx
0x12bad: int 0x21
0x12baf: ret
0x12bb0: mov ah, 0x1a
2018-12-25T12:28:10.407116974Z 64 PC: 12c5a | Write file or device (Write 419 bytes on handle 5)
2018-12-25T12:28:10.415473658Z 87 PC: 12b98 | Get or set file date and time
2018-12-25T12:28:10.41741599Z 62 PC: 12b9c | Close file
2018-12-25T12:28:10.42470572Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.43439756Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.437760981Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.444138078Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.450184338Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.452402973Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.463059231Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.469443611Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.473378522Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.474986055Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.477249858Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.480254536Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.4820229Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.489116136Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.499432244Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.503063824Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.509800991Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.516107607Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.518481684Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.531025674Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.537547533Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.545082086Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.54678883Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.549518432Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.553790123Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.555615943Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.664490041Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.792678839Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.795349647Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.801730663Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.808364101Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.81005597Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.827764603Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.834855243Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.841570808Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.842933656Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.845236163Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.848163337Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.849440729Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.871936152Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.888449328Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.891017993Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.897396963Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.904217107Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.905868294Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.91016092Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.91499053Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.917459933Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.918603836Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.921225228Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.9303398Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.931769993Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:10.933715322Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.937763269Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:10.940121654Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.947161402Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:10.953136825Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:10.954606936Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:10.96753413Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:10.971578466Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:10.975638054Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:10.977201622Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:10.978830083Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:10.987923817Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:10.989491318Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:11.006895543Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:11.021531796Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:11.02480329Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:11.031502815Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:11.037564034Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:11.039837742Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:11.062036868Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:11.068381513Z 64 PC: 12b71 | Write file or device (See above)
2018-12-25T12:28:11.076250941Z 66 PC: 12baf | Move file pointer (See above)
2018-12-25T12:28:11.078961574Z 44 PC: 12b7c | Get time (See above)
2018-12-25T12:28:11.082152049Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T12:28:11.090990652Z 87 PC: 12b98 | Get or set file date and time (See above)
2018-12-25T12:28:11.092913196Z 62 PC: 12b9c | Close file (See above)
2018-12-25T12:28:11.11721152Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T12:28:11.170696439Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:11.174191711Z 61 PC: 12bbd | Open file (See above)
2018-12-25T12:28:11.180775805Z 63 PC: 12b27 | Read file or device (See above)
2018-12-25T12:28:11.187446409Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:28:11.19027881Z 79 PC: 12b0c | Find next file (See above)
2018-12-25T12:28:11.193980614Z 9 PC: 12af2 | Display string (String= 'BlackJack Messenger From Hell [IVP] ')
2018-12-25T12:28:11.200527712Z 37 PC: 12afc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:11.202562997Z 26 PC: 12bb4 | Set disk transfer address (See above)
2018-12-25T12:28:11.203963664Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')