{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11160,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:30:05.115338765Z | 37 | PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:30:05.116938259Z | 47 | PC: 12b7e | Get disk transfer address |
| 2018-12-25T12:30:05.117937654Z | 26 | PC: 12b8c | Set disk transfer address |
| 2018-12-25T12:30:05.118843334Z | 78 | PC: 12b9c | Find first file |
| 2018-12-25T12:30:05.125446654Z | 61 | PC: 12bc7 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:30:05.132290595Z | 63 | PC: 12bda | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:30:05.142565288Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-25T12:30:05.144155411Z | 64 | PC: 12c0d | Write file or device (Write 9 bytes on handle 5) |
| 2018-12-25T12:30:05.147675319Z | 64 | PC: 12c3b | Write file or device (Write 53131 bytes on handle 5) |
| 2018-12-25T12:30:05.983627648Z | 64 | PC: 12c44 | Write file or device (Write 2870 bytes on handle 5) |
| 2018-12-25T12:30:06.092492417Z | 64 | PC: 12c4b | Write file or device (Write 2870 bytes on handle 5) |
| 2018-12-25T12:30:06.105316225Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-25T12:30:06.10710284Z | 64 | PC: 12c5c | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:30:06.11375789Z | 87 | PC: 12c67 | Get or set file date and time |
| 2018-12-25T12:30:06.11605713Z | 62 | PC: 12c6b | Close file |
| 2018-12-25T12:30:06.174385155Z | 67 | PC: 12c7d | Get or set file attributes |
| 2018-12-25T12:30:06.203862264Z | 42 | PC: 12c81 | Get date 0x12c81: cmp al, 5 0x12c83: jne 0x12cc2 0x12c85: cmp dl, 0xd 0x12c88: jne 0x12cc2 0x12c8a: call 0x12cb8 0x12c8d: push sp 0x12c8e: push 0x7369 0x12c91: and byte ptr [bx + si + 0x72], dh 0x12c94: outsw dx, word ptr [si] 0x12c95: jb 0x12cf9 0x12c98: insw word ptr es:[di], dx 0x12c99: and byte ptr [bp + si + 0x65], dh 0x12c9c: jno 0x12d13 0x12c9e: imul si, word ptr [bp + si + 0x65], 0x2073 0x12ca3: dec bp 0x12ca4: imul sp, word ptr [bp + di + 0x72], 0x736f 0x12ca9: outsw dx, word ptr [si] 0x12caa: je 0x12ccd 0x12cad: push di 0x12cae: imul bp, word ptr [bp + 0x64], 0x776f |
| 2018-12-25T12:30:06.207122444Z | 26 | PC: 12cc8 | Set disk transfer address |
{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11160,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:30:05.15854261Z | 37 | PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:30:05.161314347Z | 47 | PC: 12b7e | Get disk transfer address |
| 2018-12-25T12:30:05.162382854Z | 26 | PC: 12b8c | Set disk transfer address |
| 2018-12-25T12:30:05.163451271Z | 78 | PC: 12b9c | Find first file |
| 2018-12-25T12:30:05.168292761Z | 61 | PC: 12bc7 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:30:05.172691406Z | 63 | PC: 12bda | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:30:05.176737209Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-25T12:30:05.178415441Z | 64 | PC: 12c0d | Write file or device (Write 9 bytes on handle 5) |
| 2018-12-25T12:30:05.180562714Z | 64 | PC: 12c3b | Write file or device (Write 53131 bytes on handle 5) |
| 2018-12-25T12:30:05.985464166Z | 64 | PC: 12c44 | Write file or device (Write 2870 bytes on handle 5) |
| 2018-12-25T12:30:06.09226555Z | 64 | PC: 12c4b | Write file or device (Write 2870 bytes on handle 5) |
| 2018-12-25T12:30:06.10723316Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-25T12:30:06.109668637Z | 64 | PC: 12c5c | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:30:06.114650046Z | 87 | PC: 12c67 | Get or set file date and time |
| 2018-12-25T12:30:06.117933104Z | 62 | PC: 12c6b | Close file |
| 2018-12-25T12:30:06.174662289Z | 67 | PC: 12c7d | Get or set file attributes |
| 2018-12-25T12:30:06.215276898Z | 42 | PC: 12c81 | Get date 0x12c81: cmp al, 5 0x12c83: jne 0x12cc2 0x12c85: cmp dl, 0xd 0x12c88: jne 0x12cc2 0x12c8a: call 0x12cb8 0x12c8d: push sp 0x12c8e: push 0x7369 0x12c91: and byte ptr [bx + si + 0x72], dh 0x12c94: outsw dx, word ptr [si] 0x12c95: jb 0x12cf9 0x12c98: insw word ptr es:[di], dx 0x12c99: and byte ptr [bp + si + 0x65], dh 0x12c9c: jno 0x12d13 0x12c9e: imul si, word ptr [bp + si + 0x65], 0x2073 0x12ca3: dec bp 0x12ca4: imul sp, word ptr [bp + di + 0x72], 0x736f 0x12ca9: outsw dx, word ptr [si] 0x12caa: je 0x12ccd 0x12cad: push di 0x12cae: imul bp, word ptr [bp + 0x64], 0x776f |
| 2018-12-25T12:30:06.218577256Z | 26 | PC: 12cc8 | Set disk transfer address |
{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11160,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:30:05.168049503Z | 37 | PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:30:05.169488304Z | 47 | PC: 12b7e | Get disk transfer address |
| 2018-12-25T12:30:05.170690732Z | 26 | PC: 12b8c | Set disk transfer address |
| 2018-12-25T12:30:05.171831713Z | 78 | PC: 12b9c | Find first file |
| 2018-12-25T12:30:05.178449648Z | 61 | PC: 12bc7 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:30:05.18489465Z | 63 | PC: 12bda | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:30:05.190933214Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-25T12:30:05.192469669Z | 64 | PC: 12c0d | Write file or device (Write 9 bytes on handle 5) |
| 2018-12-25T12:30:05.195087509Z | 64 | PC: 12c3b | Write file or device (Write 53131 bytes on handle 5) |
| 2018-12-25T12:30:05.985894935Z | 64 | PC: 12c44 | Write file or device (Write 2870 bytes on handle 5) |
| 2018-12-25T12:30:06.086318948Z | 64 | PC: 12c4b | Write file or device (Write 2870 bytes on handle 5) |
| 2018-12-25T12:30:06.105282416Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-25T12:30:06.106939483Z | 64 | PC: 12c5c | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:30:06.11359679Z | 87 | PC: 12c67 | Get or set file date and time |
| 2018-12-25T12:30:06.115578454Z | 62 | PC: 12c6b | Close file |
| 2018-12-25T12:30:06.169256983Z | 67 | PC: 12c7d | Get or set file attributes |
| 2018-12-25T12:30:06.188869593Z | 42 | PC: 12c81 | Get date 0x12c81: cmp al, 5 0x12c83: jne 0x12cc2 0x12c85: cmp dl, 0xd 0x12c88: jne 0x12cc2 0x12c8a: call 0x12cb8 0x12c8d: push sp 0x12c8e: push 0x7369 0x12c91: and byte ptr [bx + si + 0x72], dh 0x12c94: outsw dx, word ptr [si] 0x12c95: jb 0x12cf9 0x12c98: insw word ptr es:[di], dx 0x12c99: and byte ptr [bp + si + 0x65], dh 0x12c9c: jno 0x12d13 0x12c9e: imul si, word ptr [bp + si + 0x65], 0x2073 0x12ca3: dec bp 0x12ca4: imul sp, word ptr [bp + di + 0x72], 0x736f 0x12ca9: outsw dx, word ptr [si] 0x12caa: je 0x12ccd 0x12cad: push di 0x12cae: imul bp, word ptr [bp + 0x64], 0x776f |
| 2018-12-25T12:30:06.191595071Z | 9 | PC: 12cbd | Display string (String= 'This program requires Microsoft Windows. ') |
| 2018-12-25T12:30:06.196804034Z | 76 | PC: 12cc2 | Terminate with return code (Return code = '0') |