{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10502,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:13.04179846Z | 26 | PC: 12b2a | Set disk transfer address |
| 2018-12-25T12:28:13.043154675Z | 78 | PC: 12a82 | Find first file |
| 2018-12-25T12:28:13.049009368Z | 61 | PC: 12b33 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:28:13.055983953Z | 63 | PC: 12a9d | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T12:28:13.0622259Z | 62 | PC: 12aa1 | Close file |
| 2018-12-25T12:28:13.063521635Z | 67 | PC: 12b3e | Get or set file attributes |
| 2018-12-25T12:28:13.076075298Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.08067173Z | 64 | PC: 12ae7 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:28:13.082448945Z | 66 | PC: 12b25 | Move file pointer |
| 2018-12-25T12:28:13.083357379Z | 44 | PC: 12af2 | Get time 0x12af2: cmp dh, 0 0x12af5: je 0x12aee 0x12af7: mov byte ptr cs:[bp + 0x263], dh 0x12afc: call 0x12b5a 0x12aff: mov ax, 0x5701 0x12b02: mov cx, word ptr cs:[bp + 0x296] 0x12b07: mov dx, word ptr cs:[bp + 0x298] 0x12b0c: int 0x21 0x12b0e: mov ah, 0x3e 0x12b10: int 0x21 0x12b12: xor cx, cx 0x12b14: mov cl, byte ptr cs:[bp + 0x295] 0x12b19: call 0x12b35 0x12b1c: ret 0x12b1d: mov ah, 0x42 0x12b1f: xor cx, cx 0x12b21: xor dx, dx 0x12b23: int 0x21 0x12b25: ret 0x12b26: mov ah, 0x1a |
| 2018-12-25T12:28:13.0852346Z | 64 | PC: 12bb7 | Write file or device (Write 353 bytes on handle 5) |
| 2018-12-25T12:28:13.09175522Z | 87 | PC: 12b0e | Get or set file date and time |
| 2018-12-25T12:28:13.093368985Z | 62 | PC: 12b12 | Close file |
| 2018-12-25T12:28:13.099372013Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.105813486Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.107648243Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.115126141Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.122103175Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.123819971Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.133750824Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.140343859Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.142972497Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.144187657Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.146531413Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.149176911Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.150579123Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.169038031Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.179464012Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.182704145Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.195894862Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.202161673Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.203967631Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.214363086Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.229432674Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.232181053Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.233981757Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.2364005Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.239536476Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.242482579Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.254786513Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.264517687Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.268062814Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.274306231Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.280337817Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.282765439Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.292737849Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.299283758Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.302559999Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.303917811Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.306079566Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.309314751Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.310667729Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.32008662Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.329827064Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.33234702Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.33858108Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.344854724Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.346561436Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.35083771Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.355737004Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.35909804Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.360736637Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.363502758Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.373760025Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.375143742Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.376830329Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.38624741Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.392495507Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.398737633Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.404867807Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.406570835Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.416029079Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.423064358Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.425720627Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.42704023Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.430074519Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.437737282Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.439040427Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.447119039Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.45697601Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.459585332Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.467375441Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.473787332Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.475888899Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.486510317Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.49318055Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.496184267Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.498337073Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.500957179Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.504052028Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.50630416Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.514071365Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.520822103Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.523184729Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.527139402Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.531846784Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.534417192Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.536629077Z | 9 | PC: 12a74 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T12:28:13.540904771Z | 26 | PC: 12b2a | Set disk transfer address (See above) |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":10502,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:13.158309541Z | 26 | PC: 12b2a | Set disk transfer address |
| 2018-12-25T12:28:13.160059542Z | 78 | PC: 12a82 | Find first file |
| 2018-12-25T12:28:13.167250809Z | 61 | PC: 12b33 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:28:13.174690629Z | 63 | PC: 12a9d | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T12:28:13.181787123Z | 62 | PC: 12aa1 | Close file |
| 2018-12-25T12:28:13.184006816Z | 67 | PC: 12b3e | Get or set file attributes |
| 2018-12-25T12:28:13.201754045Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.209844908Z | 64 | PC: 12ae7 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:28:13.213088922Z | 66 | PC: 12b25 | Move file pointer |
| 2018-12-25T12:28:13.214632531Z | 44 | PC: 12af2 | Get time 0x12af2: cmp dh, 0 0x12af5: je 0x12aee 0x12af7: mov byte ptr cs:[bp + 0x263], dh 0x12afc: call 0x12b5a 0x12aff: mov ax, 0x5701 0x12b02: mov cx, word ptr cs:[bp + 0x296] 0x12b07: mov dx, word ptr cs:[bp + 0x298] 0x12b0c: int 0x21 0x12b0e: mov ah, 0x3e 0x12b10: int 0x21 0x12b12: xor cx, cx 0x12b14: mov cl, byte ptr cs:[bp + 0x295] 0x12b19: call 0x12b35 0x12b1c: ret 0x12b1d: mov ah, 0x42 0x12b1f: xor cx, cx 0x12b21: xor dx, dx 0x12b23: int 0x21 0x12b25: ret 0x12b26: mov ah, 0x1a |
| 2018-12-25T12:28:13.217283868Z | 64 | PC: 12bb7 | Write file or device (Write 353 bytes on handle 5) |
| 2018-12-25T12:28:13.227368585Z | 87 | PC: 12b0e | Get or set file date and time |
| 2018-12-25T12:28:13.229589698Z | 62 | PC: 12b12 | Close file |
| 2018-12-25T12:28:13.238440039Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.250564266Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.253637168Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.264369873Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.272493398Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.27472307Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.286634061Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.294528594Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.298151995Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.300095951Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.303169732Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.307324679Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.309408347Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.317939066Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.328368758Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.336593549Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.341378723Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.346197889Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.348194741Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.354918476Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.360060569Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.362184759Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.363463375Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.365967667Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.368180726Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.369509019Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.375589867Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.382175749Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.384242213Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.390225605Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.398274519Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.40065753Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.415164937Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.423840816Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.431426773Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.432892743Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.435741294Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.438919203Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.440441462Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.448756943Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.459406441Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.462199844Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.47017Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.477760555Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.47981881Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.484946242Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.490994218Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.49440081Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.496360135Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.500489174Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.509594796Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.511581289Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.514672434Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.520091447Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.523348468Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.531760214Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.540091595Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.542509821Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.555651869Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.566883322Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.570093548Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.57223409Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.575789849Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.5850174Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.586968205Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.596347369Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.60902545Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.611931144Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.620781278Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.628621835Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.631092015Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.643323249Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.65137433Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.654864345Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.657030924Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.660939809Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.664469482Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.666512009Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.675723652Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.992731673Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.99609109Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:14.004606249Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:14.02843699Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:14.030664178Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:14.039444964Z | 9 | PC: 12a74 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T12:28:14.048152931Z | 26 | PC: 12b2a | Set disk transfer address (See above) |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10502,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:13.252595591Z | 26 | PC: 12b2a | Set disk transfer address |
| 2018-12-25T12:28:13.254785911Z | 78 | PC: 12a82 | Find first file |
| 2018-12-25T12:28:13.26134637Z | 61 | PC: 12b33 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:28:13.268279143Z | 63 | PC: 12a9d | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T12:28:13.275109369Z | 62 | PC: 12aa1 | Close file |
| 2018-12-25T12:28:13.277882113Z | 67 | PC: 12b3e | Get or set file attributes |
| 2018-12-25T12:28:13.294780597Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.301995617Z | 64 | PC: 12ae7 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:28:13.307903547Z | 66 | PC: 12b25 | Move file pointer |
| 2018-12-25T12:28:13.309329116Z | 44 | PC: 12af2 | Get time 0x12af2: cmp dh, 0 0x12af5: je 0x12aee 0x12af7: mov byte ptr cs:[bp + 0x263], dh 0x12afc: call 0x12b5a 0x12aff: mov ax, 0x5701 0x12b02: mov cx, word ptr cs:[bp + 0x296] 0x12b07: mov dx, word ptr cs:[bp + 0x298] 0x12b0c: int 0x21 0x12b0e: mov ah, 0x3e 0x12b10: int 0x21 0x12b12: xor cx, cx 0x12b14: mov cl, byte ptr cs:[bp + 0x295] 0x12b19: call 0x12b35 0x12b1c: ret 0x12b1d: mov ah, 0x42 0x12b1f: xor cx, cx 0x12b21: xor dx, dx 0x12b23: int 0x21 0x12b25: ret 0x12b26: mov ah, 0x1a |
| 2018-12-25T12:28:13.311771588Z | 64 | PC: 12bb7 | Write file or device (Write 353 bytes on handle 5) |
| 2018-12-25T12:28:13.321636312Z | 87 | PC: 12b0e | Get or set file date and time |
| 2018-12-25T12:28:13.324611911Z | 62 | PC: 12b12 | Close file |
| 2018-12-25T12:28:13.337227522Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.348949446Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.351675662Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.355955841Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.360531054Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.362927564Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.374335893Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.381527604Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.384703102Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.386078887Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.388488878Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.39189528Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.393265764Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.401023289Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.412585711Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.414447431Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.418733713Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.426853016Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.428929876Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.443334357Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.451086868Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.458592387Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.460032334Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.462688274Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.466077299Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.467594358Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.475908792Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.487356786Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.490452081Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.498719603Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.507051563Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.509152412Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.520135858Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.528012364Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.531267631Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.532938996Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.536200635Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.539788504Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.541504902Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.550123509Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.561475006Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.564214805Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.571800851Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.578783599Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.580667692Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.585373809Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.590568324Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.593644237Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.59519301Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.5981791Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.609167281Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.610659544Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.612835048Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.617515086Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.620389018Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.629009603Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.635749969Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.637706236Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.649412903Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.656791776Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.660026246Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.662694281Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.666091226Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.67721377Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.679708512Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.992574584Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:14.006942907Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:14.009394862Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:14.016167201Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:14.020691476Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:14.022221306Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:14.029249928Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:14.034350369Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:14.036347116Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:14.038093123Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:14.039851678Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:14.042042238Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:14.043960832Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:14.049150899Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:14.057917406Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:14.061121238Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:14.065576662Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:14.069766885Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:14.072455394Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:14.074233124Z | 9 | PC: 12a74 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T12:28:14.079270836Z | 26 | PC: 12b2a | Set disk transfer address (See above) |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":10502,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:28:13.343274315Z | 26 | PC: 12b2a | Set disk transfer address |
| 2018-12-25T12:28:13.352601513Z | 78 | PC: 12a82 | Find first file |
| 2018-12-25T12:28:13.359932204Z | 61 | PC: 12b33 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:28:13.367797247Z | 63 | PC: 12a9d | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T12:28:13.375340437Z | 62 | PC: 12aa1 | Close file |
| 2018-12-25T12:28:13.377827231Z | 67 | PC: 12b3e | Get or set file attributes |
| 2018-12-25T12:28:13.394393376Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.402627232Z | 64 | PC: 12ae7 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:28:13.408319036Z | 66 | PC: 12b25 | Move file pointer |
| 2018-12-25T12:28:13.409988425Z | 44 | PC: 12af2 | Get time 0x12af2: cmp dh, 0 0x12af5: je 0x12aee 0x12af7: mov byte ptr cs:[bp + 0x263], dh 0x12afc: call 0x12b5a 0x12aff: mov ax, 0x5701 0x12b02: mov cx, word ptr cs:[bp + 0x296] 0x12b07: mov dx, word ptr cs:[bp + 0x298] 0x12b0c: int 0x21 0x12b0e: mov ah, 0x3e 0x12b10: int 0x21 0x12b12: xor cx, cx 0x12b14: mov cl, byte ptr cs:[bp + 0x295] 0x12b19: call 0x12b35 0x12b1c: ret 0x12b1d: mov ah, 0x42 0x12b1f: xor cx, cx 0x12b21: xor dx, dx 0x12b23: int 0x21 0x12b25: ret 0x12b26: mov ah, 0x1a |
| 2018-12-25T12:28:13.412612434Z | 64 | PC: 12bb7 | Write file or device (Write 353 bytes on handle 5) |
| 2018-12-25T12:28:13.425025928Z | 87 | PC: 12b0e | Get or set file date and time |
| 2018-12-25T12:28:13.426688443Z | 62 | PC: 12b12 | Close file |
| 2018-12-25T12:28:13.432186906Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.444119062Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.446924452Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.45404507Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.461608456Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.463811574Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.475396936Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.483088551Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.487179594Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.489223668Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.492288903Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.496124868Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.49811314Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.50664686Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.519653589Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.522599188Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.530132675Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.538761918Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.541665106Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.553728472Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.562120936Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.56546375Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.567054907Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.569939626Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.574418928Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.57652241Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.585167627Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.597504827Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.60098919Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.609151811Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.616955458Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.619083635Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.630344061Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.639178342Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.643329412Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.645406435Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.649438199Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.653450495Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.655587125Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.665042997Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.67738443Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.68083485Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.689192379Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.697626953Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.699692749Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.704631665Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.71014001Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.716239785Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:13.720820469Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:13.724222139Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:13.73490994Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:13.736585698Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:13.739371096Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.744849917Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:13.747600112Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.76287848Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:13.769848615Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:13.771905974Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:13.988084748Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:13.995903112Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:13.999511193Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:14.001706205Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:14.005709639Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:14.015670364Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:14.017784064Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:14.027553051Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:14.039366628Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:14.042788726Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:14.073342936Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:14.081858095Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:14.084371979Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:14.09697248Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:14.105236368Z | 64 | PC: 12ae7 | Write file or device (See above) |
| 2018-12-25T12:28:14.108761726Z | 66 | PC: 12b25 | Move file pointer (See above) |
| 2018-12-25T12:28:14.111003071Z | 44 | PC: 12af2 | Get time (See above) |
| 2018-12-25T12:28:14.114966912Z | 64 | PC: 12bb7 | Write file or device (See above) |
| 2018-12-25T12:28:14.118584332Z | 87 | PC: 12b0e | Get or set file date and time (See above) |
| 2018-12-25T12:28:14.120668211Z | 62 | PC: 12b12 | Close file (See above) |
| 2018-12-25T12:28:14.130626625Z | 67 | PC: 12b3e | Get or set file attributes (See above) |
| 2018-12-25T12:28:14.14286202Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:14.14620442Z | 61 | PC: 12b33 | Open file (See above) |
| 2018-12-25T12:28:14.154854053Z | 63 | PC: 12a9d | Read file or device (See above) |
| 2018-12-25T12:28:14.158488552Z | 62 | PC: 12aa1 | Close file (See above) |
| 2018-12-25T12:28:14.160571031Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:28:14.163960256Z | 9 | PC: 12a74 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T12:28:14.171174811Z | 26 | PC: 12b2a | Set disk transfer address (See above) |