Sample viewer

vx.netlux.org/Virus.DOS.Szamalk.2174

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:00.346724581Z 26 PC: 12eb5 | Set disk transfer address
2018-12-17T22:56:00.351232974Z 42 PC: 12ec5 | Get date
0x12ec5: cmp cx, 0x7c8
0x12ec9: jb 0x12f3e
0x12ecb: cmp dh, 9
0x12ece: jb 0x12f3e
0x12ed0: cmp dl, 1
0x12ed3: jne 0x12f3e
0x12ed5: call 0x130b8
0x12ed8: mov al, 2
0x12eda: push ax
0x12edb: mov cx, 0x80
0x12ede: mov dx, 0
0x12ee1: push ds
0x12ee2: mov ds, dx
0x12ee4: mov bx, 0
0x12ee7: int 0x26
0x12ee9: popf
0x12eea: pop ds
0x12eeb: pop ax
0x12eec: inc al
0x12eee: cmp al, 0
2018-12-17T22:56:00.353633711Z 53 PC: 12f46 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:00.354945209Z 37 PC: 12f5c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:00.356599681Z 78 PC: 12f6f | Find first file
2018-12-17T22:56:00.362433349Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.367753785Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.599379564Z 61 PC: 13103 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:00.606284985Z 87 PC: 13223 | Get or set file date and time
2018-12-17T22:56:00.607775029Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:00.622334856Z 62 PC: 13121 | Close file
2018-12-17T22:56:00.624007174Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.633810595Z 79 PC: 12fdc | Find next file
2018-12-17T22:56:00.637165571Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.643476249Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.653072713Z 61 PC: 13103 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:00.660457425Z 87 PC: 13223 | Get or set file date and time
2018-12-17T22:56:00.662110468Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:00.669328102Z 62 PC: 13121 | Close file
2018-12-17T22:56:00.671553967Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.681762493Z 79 PC: 12fdc | Find next file
2018-12-17T22:56:00.684370233Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.690024244Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:00.699891458Z 61 PC: 13103 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:56:00.711469126Z 87 PC: 13223 | Get or set file date and time
2018-12-17T22:56:00.71294558Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:00.718986691Z 62 PC: 13121 | Close file
2018-12-17T22:56:00.720640582Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.042874334Z 79 PC: 12fdc | Find next file
2018-12-17T22:56:01.046888017Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.054096839Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.064100642Z 61 PC: 13103 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:56:01.072186455Z 87 PC: 13223 | Get or set file date and time
2018-12-17T22:56:01.074012676Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:01.080670689Z 62 PC: 13121 | Close file
2018-12-17T22:56:01.083808041Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.094266743Z 79 PC: 12fdc | Find next file
2018-12-17T22:56:01.097073114Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.103240273Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.114409841Z 61 PC: 13103 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:56:01.121454486Z 87 PC: 13223 | Get or set file date and time
2018-12-17T22:56:01.123293862Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:01.129639249Z 62 PC: 13121 | Close file
2018-12-17T22:56:01.13212744Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.143297182Z 79 PC: 12fdc | Find next file
2018-12-17T22:56:01.146474087Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.157961071Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.168824263Z 61 PC: 13103 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:56:01.176031441Z 87 PC: 13223 | Get or set file date and time
2018-12-17T22:56:01.177913738Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:01.184707971Z 62 PC: 13121 | Close file
2018-12-17T22:56:01.18794215Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.198576106Z 79 PC: 12fdc | Find next file
2018-12-17T22:56:01.201548973Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.207967899Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.220521738Z 61 PC: 13103 | Open file (Filename = 'PAH.COM')
2018-12-17T22:56:01.227024457Z 87 PC: 13223 | Get or set file date and time
2018-12-17T22:56:01.229438737Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:01.235750788Z 62 PC: 13121 | Close file
2018-12-17T22:56:01.237429038Z 67 PC: 1325b | Get or set file attributes
2018-12-17T22:56:01.247738086Z 79 PC: 12fdc | Find next file
2018-12-17T22:56:01.250331813Z 78 PC: 12f6f | Find first file
2018-12-17T22:56:01.256033996Z 37 PC: 130aa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:01.257593825Z 26 PC: 130fa | Set disk transfer address
2018-12-17T22:56:01.258603552Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:56:01.262492421Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12078,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:55.259084961Z 26 PC: 12eb5 | Set disk transfer address
2018-12-25T12:31:55.261119273Z 42 PC: 12ec5 | Get date
0x12ec5: cmp cx, 0x7c8
0x12ec9: jb 0x12f3e
0x12ecb: cmp dh, 9
0x12ece: jb 0x12f3e
0x12ed0: cmp dl, 1
0x12ed3: jne 0x12f3e
0x12ed5: call 0x130b8
0x12ed8: mov al, 2
0x12eda: push ax
0x12edb: mov cx, 0x80
0x12ede: mov dx, 0
0x12ee1: push ds
0x12ee2: mov ds, dx
0x12ee4: mov bx, 0
0x12ee7: int 0x26
0x12ee9: popf
0x12eea: pop ds
0x12eeb: pop ax
0x12eec: inc al
0x12eee: cmp al, 0
2018-12-25T12:31:55.263816633Z 53 PC: 12f46 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:55.265294828Z 37 PC: 12f5c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:55.266984947Z 78 PC: 12f6f | Find first file
2018-12-25T12:31:55.274225217Z 67 PC: 1325b | Get or set file attributes
2018-12-25T12:31:55.280922498Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.298537339Z 61 PC: 13103 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:55.306802697Z 87 PC: 13223 | Get or set file date and time
2018-12-25T12:31:55.308558171Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:31:55.315686103Z 62 PC: 13121 | Close file
2018-12-25T12:31:55.318092748Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.332167361Z 79 PC: 12fdc | Find next file
2018-12-25T12:31:55.335389903Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.342354081Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.353476064Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.360986302Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.363068995Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.370158225Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.372323511Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.384402678Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.387632802Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.394176398Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.407191081Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.414651293Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.416098872Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.423777536Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.42580717Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.436851532Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.44511456Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.450104115Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.457714283Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.466717802Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.470416179Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.478496273Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.480833126Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.492922068Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.49617977Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.502316392Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.514656729Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.52220103Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.523785704Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.531640389Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.533733988Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.544781663Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.548637528Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.561644393Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.573247701Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.583530689Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.585822234Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.59331345Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.595817649Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.808218543Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.811229272Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.81776774Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.916602725Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.924375791Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.926506499Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.932637292Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.934247851Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.942967677Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.946408034Z 78 PC: 12f6f | Find first file (See above)
2018-12-25T12:31:55.950997822Z 37 PC: 130aa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:55.952005846Z 26 PC: 130fa | Set disk transfer address
2018-12-25T12:31:55.95389584Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:31:55.957541926Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12078,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:55.38547869Z 26 PC: 12eb5 | Set disk transfer address
2018-12-25T12:31:55.387654961Z 42 PC: 12ec5 | Get date
0x12ec5: cmp cx, 0x7c8
0x12ec9: jb 0x12f3e
0x12ecb: cmp dh, 9
0x12ece: jb 0x12f3e
0x12ed0: cmp dl, 1
0x12ed3: jne 0x12f3e
0x12ed5: call 0x130b8
0x12ed8: mov al, 2
0x12eda: push ax
0x12edb: mov cx, 0x80
0x12ede: mov dx, 0
0x12ee1: push ds
0x12ee2: mov ds, dx
0x12ee4: mov bx, 0
0x12ee7: int 0x26
0x12ee9: popf
0x12eea: pop ds
0x12eeb: pop ax
0x12eec: inc al
0x12eee: cmp al, 0
2018-12-25T12:31:55.390131981Z 53 PC: 12f46 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:55.391285184Z 37 PC: 12f5c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:55.392395113Z 78 PC: 12f6f | Find first file
2018-12-25T12:31:55.39934851Z 67 PC: 1325b | Get or set file attributes
2018-12-25T12:31:55.405195539Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.420341955Z 61 PC: 13103 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:55.427693015Z 87 PC: 13223 | Get or set file date and time
2018-12-25T12:31:55.436297396Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:31:55.44370325Z 62 PC: 13121 | Close file
2018-12-25T12:31:55.447211483Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.460706204Z 79 PC: 12fdc | Find next file
2018-12-25T12:31:55.46371962Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.47350779Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.486747177Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.493664754Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.49562828Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.502245578Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.504001606Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.513881162Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.517358465Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.528298288Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.538219658Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.545432652Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.547010012Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.553555773Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.556573764Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.727147913Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.730309238Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.737106585Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.86003169Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.86681826Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.868955424Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.875688369Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.877524412Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.975974313Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:55.978917787Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.984441777Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.186504181Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.198616791Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.200022257Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.206551847Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.208701522Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.399213253Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.401788593Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.407779961Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.572753812Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.584154215Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.586577055Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.593529417Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.595239108Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.616371453Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.619832757Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.625208769Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.640491351Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.646784731Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.648031303Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.655422258Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.657238521Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.671390395Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.674088873Z 78 PC: 12f6f | Find first file (See above)
2018-12-25T12:31:56.68544226Z 37 PC: 130aa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:56.686440406Z 26 PC: 130fa | Set disk transfer address
2018-12-25T12:31:56.687445264Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:31:56.693753459Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":9,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12078,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:55.471148161Z 26 PC: 12eb5 | Set disk transfer address
2018-12-25T12:31:55.473293793Z 42 PC: 12ec5 | Get date
0x12ec5: cmp cx, 0x7c8
0x12ec9: jb 0x12f3e
0x12ecb: cmp dh, 9
0x12ece: jb 0x12f3e
0x12ed0: cmp dl, 1
0x12ed3: jne 0x12f3e
0x12ed5: call 0x130b8
0x12ed8: mov al, 2
0x12eda: push ax
0x12edb: mov cx, 0x80
0x12ede: mov dx, 0
0x12ee1: push ds
0x12ee2: mov ds, dx
0x12ee4: mov bx, 0
0x12ee7: int 0x26
0x12ee9: popf
0x12eea: pop ds
0x12eeb: pop ax
0x12eec: inc al
0x12eee: cmp al, 0
2018-12-25T12:31:55.475792935Z 78 PC: 130c4 | Find first file
2018-12-25T12:31:55.493424141Z 9 PC: 12f1f | Display string (String= '===== SZÁMALK vírus V1.10 Copyright (C) SZÁMALK 1992. (R) =====')
2018-12-25T12:31:55.498250679Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.502290398Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.506208492Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.510734963Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.514484624Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.518163718Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.528760699Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.532839668Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.535362541Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.539005416Z 9 PC: 12f1f | Display string (See above)
2018-12-25T12:31:55.541966133Z 9 PC: 12f1f | Display string (See above)

{"DateBased":true,"Day":2,"Month":9,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12078,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:55.687694289Z 26 PC: 12eb5 | Set disk transfer address
2018-12-25T12:31:55.690492429Z 42 PC: 12ec5 | Get date
0x12ec5: cmp cx, 0x7c8
0x12ec9: jb 0x12f3e
0x12ecb: cmp dh, 9
0x12ece: jb 0x12f3e
0x12ed0: cmp dl, 1
0x12ed3: jne 0x12f3e
0x12ed5: call 0x130b8
0x12ed8: mov al, 2
0x12eda: push ax
0x12edb: mov cx, 0x80
0x12ede: mov dx, 0
0x12ee1: push ds
0x12ee2: mov ds, dx
0x12ee4: mov bx, 0
0x12ee7: int 0x26
0x12ee9: popf
0x12eea: pop ds
0x12eeb: pop ax
0x12eec: inc al
0x12eee: cmp al, 0
2018-12-25T12:31:55.693149799Z 53 PC: 12f46 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:55.694896196Z 37 PC: 12f5c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:55.696911798Z 78 PC: 12f6f | Find first file
2018-12-25T12:31:55.705265788Z 67 PC: 1325b | Get or set file attributes
2018-12-25T12:31:55.713095435Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.917645391Z 61 PC: 13103 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:55.927296849Z 87 PC: 13223 | Get or set file date and time
2018-12-25T12:31:55.928937329Z 63 PC: 1310f | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:31:55.935927043Z 62 PC: 13121 | Close file
2018-12-25T12:31:55.939026955Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.949839167Z 79 PC: 12fdc | Find next file
2018-12-25T12:31:55.952724786Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.959891496Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.971558227Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:55.976644886Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:55.978353233Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:55.983229294Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:55.984660427Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:55.991452949Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.000834744Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.007366912Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.018338529Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.032248409Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.038563307Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.045661873Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.048497194Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.059507954Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.062373971Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.069853235Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.081578474Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.089357491Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.091684439Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.100447715Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.102612013Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.114017268Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.118593984Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.125321888Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.136497129Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.145487164Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.147449171Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.154857434Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.158146017Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.173022494Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.176166701Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.183908135Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.19489606Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.202624838Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.204327341Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.212029124Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.214462179Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.22625011Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.231632537Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.238433581Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.249710845Z 61 PC: 13103 | Open file (See above)
2018-12-25T12:31:56.258423148Z 87 PC: 13223 | Get or set file date and time (See above)
2018-12-25T12:31:56.260701955Z 63 PC: 1310f | Read file or device (See above)
2018-12-25T12:31:56.268057327Z 62 PC: 13121 | Close file (See above)
2018-12-25T12:31:56.270719551Z 67 PC: 1325b | Get or set file attributes (See above)
2018-12-25T12:31:56.288726416Z 79 PC: 12fdc | Find next file (See above)
2018-12-25T12:31:56.292687714Z 78 PC: 12f6f | Find first file (See above)
2018-12-25T12:31:56.29952863Z 37 PC: 130aa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:31:56.301378557Z 26 PC: 130fa | Set disk transfer address
2018-12-25T12:31:56.303032398Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:31:56.309528743Z 76 PC: 12a86 | Terminate with return code (Return code = '36')