Sample viewer

vx.netlux.org/Virus.DOS.Sveta.309

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:52.119886749Z	26	PC: 901b9 \| Set disk transfer address
2018-12-17T22:57:52.132658941Z	78	PC: 90147 \| Find first file
2018-12-17T22:57:52.13930681Z	61	PC: 90158 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:52.146003274Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.148655105Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.15055247Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.156952971Z	66	PC: 901e5 \| Move file pointer
2018-12-17T22:57:52.158637856Z	63	PC: 901f6 \| Read file or device (Read 407 bytes on handle 5)
2018-12-17T22:57:52.162712019Z	66	PC: 90204 \| Move file pointer
2018-12-17T22:57:52.164089755Z	64	PC: 90219 \| Write file or device (Write 716 bytes on handle 5)
2018-12-17T22:57:52.177633925Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.197692891Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.200689055Z	61	PC: 90158 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:57:52.207883116Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.211330552Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.213094619Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.220277937Z	66	PC: 901e5 \| Move file pointer
2018-12-17T22:57:52.222701688Z	63	PC: 901f6 \| Read file or device (Read 27 bytes on handle 5)
2018-12-17T22:57:52.225300311Z	66	PC: 90204 \| Move file pointer
2018-12-17T22:57:52.227014527Z	64	PC: 90219 \| Write file or device (Write 336 bytes on handle 5)
2018-12-17T22:57:52.231372812Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.239460406Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.242290493Z	61	PC: 90158 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:57:52.249477975Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.251834681Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.253290428Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.260473631Z	66	PC: 901e5 \| Move file pointer
2018-12-17T22:57:52.262776111Z	63	PC: 901f6 \| Read file or device (Read 92 bytes on handle 5)
2018-12-17T22:57:52.265607119Z	66	PC: 90204 \| Move file pointer
2018-12-17T22:57:52.267206827Z	64	PC: 90219 \| Write file or device (Write 401 bytes on handle 5)
2018-12-17T22:57:52.270785024Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.278900645Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.2824647Z	61	PC: 90158 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:57:52.290769536Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.29246541Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.293965712Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.301282143Z	66	PC: 901e5 \| Move file pointer
2018-12-17T22:57:52.302968514Z	63	PC: 901f6 \| Read file or device (Read 29 bytes on handle 5)
2018-12-17T22:57:52.305694662Z	66	PC: 90204 \| Move file pointer
2018-12-17T22:57:52.308554726Z	64	PC: 90219 \| Write file or device (Write 338 bytes on handle 5)
2018-12-17T22:57:52.311448738Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.319764392Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.323666396Z	61	PC: 90158 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:57:52.33087734Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.333149628Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.335175213Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.347892315Z	66	PC: 901e5 \| Move file pointer
2018-12-17T22:57:52.34966324Z	63	PC: 901f6 \| Read file or device (Read 29 bytes on handle 5)
2018-12-17T22:57:52.352777513Z	66	PC: 90204 \| Move file pointer
2018-12-17T22:57:52.354690792Z	64	PC: 90219 \| Write file or device (Write 338 bytes on handle 5)
2018-12-17T22:57:52.357761043Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.366226779Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.369491469Z	61	PC: 90158 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:57:52.376171894Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.3778683Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.382361452Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.389083911Z	66	PC: 901e5 \| Move file pointer
2018-12-17T22:57:52.390929512Z	63	PC: 901f6 \| Read file or device (Read 501 bytes on handle 5)
2018-12-17T22:57:52.394550809Z	66	PC: 90204 \| Move file pointer
2018-12-17T22:57:52.395952757Z	64	PC: 90219 \| Write file or device (Write 810 bytes on handle 5)
2018-12-17T22:57:52.418418424Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.438521669Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.441955308Z	61	PC: 90158 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:57:52.448939992Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.451512266Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.45318521Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.460010164Z	66	PC: 901e5 \| Move file pointer
2018-12-17T22:57:52.463118457Z	63	PC: 901f6 \| Read file or device (Read 29 bytes on handle 5)
2018-12-17T22:57:52.466017938Z	66	PC: 90204 \| Move file pointer
2018-12-17T22:57:52.467657448Z	64	PC: 90219 \| Write file or device (Write 338 bytes on handle 5)
2018-12-17T22:57:52.471129191Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.493744875Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.497433284Z	61	PC: 90158 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:52.505054737Z	66	PC: 9016a \| Move file pointer
2018-12-17T22:57:52.507163667Z	66	PC: 90173 \| Move file pointer
2018-12-17T22:57:52.508865168Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:57:52.512568787Z	62	PC: 90188 \| Close file
2018-12-17T22:57:52.514996236Z	79	PC: 9014e \| Find next file
2018-12-17T22:57:52.517854625Z	42	PC: 9021e \| Get date 0x9021e: cmp dl, 6 0x90221: jne 0x90234 0x90223: cmp dh, 0xb 0x90226: jne 0x90234 0x90228: mov ax, 0xd 0x9022b: int 0x10 0x9022d: mov dx, 0x10d 0x90230: mov ah, 9 0x90232: int 0x21 0x90234: ret 0x90235: mov dx, 0x10d 0x90238: mov ah, 9 0x9023a: int 0x21 0x9023c: jmp 0x9023c 0x9023e: mov ah, 0x4c 0x90240: int 0x21 0x90242: dec ax 0x90243: insb byte ptr es:[di], dx 0x90245: insb byte ptr es:[di], dx 0x90246: outsw dx, word ptr [si]
2018-12-17T22:57:52.521068235Z	26	PC: 90196 \| Set disk transfer address
2018-12-17T22:57:52.522850559Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12698,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:59.276508639Z	26	PC: 901b9 \| Set disk transfer address
2018-12-25T12:35:59.27911822Z	78	PC: 90147 \| Find first file
2018-12-25T12:35:59.285553365Z	61	PC: 90158 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:35:59.289874062Z	66	PC: 9016a \| Move file pointer
2018-12-25T12:35:59.291376388Z	66	PC: 90173 \| Move file pointer
2018-12-25T12:35:59.292487386Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-25T12:35:59.29660257Z	66	PC: 901e5 \| Move file pointer
2018-12-25T12:35:59.31045835Z	63	PC: 901f6 \| Read file or device (Read 407 bytes on handle 5)
2018-12-25T12:35:59.312195535Z	66	PC: 90204 \| Move file pointer
2018-12-25T12:35:59.316763399Z	64	PC: 90219 \| Write file or device (Write 716 bytes on handle 5)
2018-12-25T12:35:59.663406004Z	62	PC: 90188 \| Close file
2018-12-25T12:35:59.673040139Z	79	PC: 9014e \| Find next file
2018-12-25T12:35:59.675934473Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.680862643Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.682671711Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.683719811Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.687751683Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.68935759Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.690998533Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.692028287Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.694557995Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.705089331Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.707532555Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.714285517Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.715571283Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.717212627Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.724131606Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.726240577Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.728507354Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.72970903Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.733272594Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.740732166Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.743686991Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.750277887Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.751523907Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.752731794Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.760863807Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.761991751Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.764171076Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.766152274Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.76890865Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.776513697Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.779506175Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.786401338Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.787607768Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.789220724Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.795348607Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.796417034Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.799204507Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.800651822Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.803293851Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.811332557Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.813762893Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.820056801Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.821934175Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.823370601Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.829614752Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.83212865Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.834686005Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.836142486Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.84470974Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.852538067Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.855795594Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.863330532Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.865429019Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.866890219Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.873693835Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.875344697Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.877714695Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.879649561Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.882497679Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.889964495Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.892734801Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.89933176Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.900874204Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.902722195Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.905155946Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.906938234Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.909706948Z	42	PC: 9021e \| Get date 0x9021e: cmp dl, 6 0x90221: jne 0x90234 0x90223: cmp dh, 0xb 0x90226: jne 0x90234 0x90228: mov ax, 0xd 0x9022b: int 0x10 0x9022d: mov dx, 0x10d 0x90230: mov ah, 9 0x90232: int 0x21 0x90234: ret 0x90235: mov dx, 0x10d 0x90238: mov ah, 9 0x9023a: int 0x21 0x9023c: jmp 0x9023c 0x9023e: mov ah, 0x4c 0x90240: int 0x21 0x90242: dec ax 0x90243: insb byte ptr es:[di], dx 0x90245: insb byte ptr es:[di], dx 0x90246: outsw dx, word ptr [si]
2018-12-25T12:35:59.911858661Z	26	PC: 90196 \| Set disk transfer address
2018-12-25T12:35:59.912936276Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12698,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:59.336314911Z	26	PC: 901b9 \| Set disk transfer address
2018-12-25T12:35:59.337949937Z	78	PC: 90147 \| Find first file
2018-12-25T12:35:59.341985128Z	61	PC: 90158 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:35:59.34613714Z	66	PC: 9016a \| Move file pointer
2018-12-25T12:35:59.347544832Z	66	PC: 90173 \| Move file pointer
2018-12-25T12:35:59.348632549Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-25T12:35:59.352580525Z	66	PC: 901e5 \| Move file pointer
2018-12-25T12:35:59.356617859Z	63	PC: 901f6 \| Read file or device (Read 407 bytes on handle 5)
2018-12-25T12:35:59.358437643Z	66	PC: 90204 \| Move file pointer
2018-12-25T12:35:59.359577184Z	64	PC: 90219 \| Write file or device (Write 716 bytes on handle 5)
2018-12-25T12:35:59.664769369Z	62	PC: 90188 \| Close file
2018-12-25T12:35:59.674561651Z	79	PC: 9014e \| Find next file
2018-12-25T12:35:59.677726656Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.685177436Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.687962094Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.689765143Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.696456975Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.698298982Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.701735476Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.702914716Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.706413061Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.713894006Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.716416389Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.723328022Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.725308475Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.727246758Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.733764114Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.734799879Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.736454263Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.738047072Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.73986379Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.74710307Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.750485968Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.757030222Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.7585705Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.760367593Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.76474925Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.765700661Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.768255529Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.769591206Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.772030137Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.780023369Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.782607398Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.78908575Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.790654059Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.792121626Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.799352292Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.800972532Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.803606596Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.804802488Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.807413305Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.815256672Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.817655929Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.824116107Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.825732093Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.827164525Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.833347784Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.835183341Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.837470171Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.838786209Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.846927867Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.854541548Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.856913579Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.864180607Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.865427087Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.866685562Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.873436146Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.87468727Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.876945037Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.878713425Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.881209993Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.888586585Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.891478707Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.89768579Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.899127733Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.90093584Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.903326923Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.904942136Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.907894425Z	42	PC: 9021e \| Get date 0x9021e: cmp dl, 6 0x90221: jne 0x90234 0x90223: cmp dh, 0xb 0x90226: jne 0x90234 0x90228: mov ax, 0xd 0x9022b: int 0x10 0x9022d: mov dx, 0x10d 0x90230: mov ah, 9 0x90232: int 0x21 0x90234: ret 0x90235: mov dx, 0x10d 0x90238: mov ah, 9 0x9023a: int 0x21 0x9023c: jmp 0x9023c 0x9023e: mov ah, 0x4c 0x90240: int 0x21 0x90242: dec ax 0x90243: insb byte ptr es:[di], dx 0x90245: insb byte ptr es:[di], dx 0x90246: outsw dx, word ptr [si]
2018-12-25T12:35:59.9102859Z	26	PC: 90196 \| Set disk transfer address
2018-12-25T12:35:59.911502645Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":6,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12698,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:59.385943673Z	26	PC: 901b9 \| Set disk transfer address
2018-12-25T12:35:59.388285599Z	78	PC: 90147 \| Find first file
2018-12-25T12:35:59.394150103Z	61	PC: 90158 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:35:59.40024176Z	66	PC: 9016a \| Move file pointer
2018-12-25T12:35:59.402003197Z	66	PC: 90173 \| Move file pointer
2018-12-25T12:35:59.403833704Z	63	PC: 901c8 \| Read file or device (Read 10 bytes on handle 5)
2018-12-25T12:35:59.409863392Z	66	PC: 901e5 \| Move file pointer
2018-12-25T12:35:59.411438945Z	63	PC: 901f6 \| Read file or device (Read 407 bytes on handle 5)
2018-12-25T12:35:59.414466224Z	66	PC: 90204 \| Move file pointer
2018-12-25T12:35:59.418052402Z	64	PC: 90219 \| Write file or device (Write 716 bytes on handle 5)
2018-12-25T12:35:59.664261408Z	62	PC: 90188 \| Close file
2018-12-25T12:35:59.673460528Z	79	PC: 9014e \| Find next file
2018-12-25T12:35:59.679214031Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.685984374Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.688672967Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.690021086Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.700417722Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.703607623Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.706135813Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.70742435Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.710995622Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.71855836Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.721167879Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.728027638Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.729589598Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.730739663Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.740350914Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.742470076Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.745626737Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.748201359Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.751119939Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.75893072Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.762329609Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.768789182Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.770138316Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.77148616Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.778403621Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.779996912Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.782688445Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.784691736Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.787572119Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.795963304Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.799409501Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.806081528Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.807737334Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.809631921Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.815950661Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.817624083Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.820779089Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.822428802Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.825355803Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.834147027Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.83698684Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.843924475Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.846224543Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.848901831Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.85540935Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.857803216Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.860879674Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.862534232Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.871500856Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.880364093Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.883207815Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.890105314Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.892247313Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.893779204Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.90025692Z	66	PC: 901e5 \| Move file pointer (See above)
2018-12-25T12:35:59.902341236Z	63	PC: 901f6 \| Read file or device (See above)
2018-12-25T12:35:59.904668443Z	66	PC: 90204 \| Move file pointer (See above)
2018-12-25T12:35:59.905959667Z	64	PC: 90219 \| Write file or device (See above)
2018-12-25T12:35:59.909451747Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.918774642Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.921553037Z	61	PC: 90158 \| Open file (See above)
2018-12-25T12:35:59.928992288Z	66	PC: 9016a \| Move file pointer (See above)
2018-12-25T12:35:59.930562369Z	66	PC: 90173 \| Move file pointer (See above)
2018-12-25T12:35:59.932168032Z	63	PC: 901c8 \| Read file or device (See above)
2018-12-25T12:35:59.935568953Z	62	PC: 90188 \| Close file (See above)
2018-12-25T12:35:59.937255065Z	79	PC: 9014e \| Find next file (See above)
2018-12-25T12:35:59.939774516Z	42	PC: 9021e \| Get date 0x9021e: cmp dl, 6 0x90221: jne 0x90234 0x90223: cmp dh, 0xb 0x90226: jne 0x90234 0x90228: mov ax, 0xd 0x9022b: int 0x10 0x9022d: mov dx, 0x10d 0x90230: mov ah, 9 0x90232: int 0x21 0x90234: ret 0x90235: mov dx, 0x10d 0x90238: mov ah, 9 0x9023a: int 0x21 0x9023c: jmp 0x9023c 0x9023e: mov ah, 0x4c 0x90240: int 0x21 0x90242: dec ax 0x90243: insb byte ptr es:[di], dx 0x90245: insb byte ptr es:[di], dx 0x90246: outsw dx, word ptr [si]
2018-12-25T12:35:59.953364637Z	9	PC: 90234 \| Display string (String= 'Sveta ')
2018-12-25T12:35:59.956894671Z	26	PC: 90196 \| Set disk transfer address
2018-12-25T12:35:59.95829034Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')