Sample viewer

vx.netlux.org/Virus.DOS.Crunch.1555

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:59:31.198448941Z 12 PC: 151ec | Flush input buffer and input
2018-12-17T22:59:31.20251884Z 75 PC: 15234 | Execute program
2018-12-17T22:59:31.204644975Z 42 PC: 15571 | Get date 0x15571: cmp dx, 0x911
0x15575: jb 0x155b5
0x15577: cmp dh, 0x10
0x1557a: ja 0x155b5
0x1557c: in al, 0x40
0x1557e: cmp al, dl
0x15580: jne 0x155b5
0x15582: push dx
0x15583: push bx
0x15584: push cx
0x15585: push ax
0x15586: push bp
0x15587: mov ax, 0xd
0x1558a: int 0x21
0x1558c: mov ah, 0x19
0x1558e: int 0x21
0x15590: xor dx, dx
0x15592: call 0x155c0
0x15595: mov bp, bx
0x15597: mov bx, word ptr es:[bp + 0x16]
2018-12-17T22:59:31.207484111Z 98 PC: 154f6 | Get current PSP
2018-12-17T22:59:31.209607652Z 78 PC: 1519f | Find first file
2018-12-17T22:59:31.216754524Z 47 PC: 151a5 | Get disk transfer address
2018-12-17T22:59:31.218315688Z 79 PC: 151d4 | Find next file
2018-12-17T22:59:31.221437845Z 47 PC: 151a5 | Get disk transfer address
2018-12-17T22:59:31.223690639Z 79 PC: 151d4 | Find next file
2018-12-17T22:59:31.227171Z 47 PC: 151a5 | Get disk transfer address
2018-12-17T22:59:31.229100165Z 79 PC: 151d4 | Find next file
2018-12-17T22:59:31.23319482Z 47 PC: 151a5 | Get disk transfer address
2018-12-17T22:59:31.234880198Z 79 PC: 151d4 | Find next file
2018-12-17T22:59:31.237901456Z 47 PC: 151a5 | Get disk transfer address
2018-12-17T22:59:31.240192923Z 79 PC: 151d4 | Find next file
2018-12-17T22:59:31.242835259Z 78 PC: 1519f | Find first file
2018-12-17T22:59:31.245707868Z 48 PC: 1528f | Get DOS version
2018-12-17T22:59:31.248682377Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.01 � (c) 1994-96 by ROSE, Ralph Roth! (28.12.1996) File: ROSE001.COM - 10.000 (2710h) Bytes length! ')
2018-12-17T22:59:31.259198501Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:59:31.261229157Z 72 PC: 12174 | Allocate memory
2018-12-17T22:59:31.267914682Z 72 PC: 1218d | Allocate memory
2018-12-17T22:59:31.271523264Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:59:31.273731804Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:31.276751088Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:31.278812843Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.281467332Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.284255182Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.286664509Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.288762342Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.290981312Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.293912772Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.296035581Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.297944408Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.300936892Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.309515375Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.31214136Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.315093157Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.317210506Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.319090619Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.322308878Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.327787855Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.33026504Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.332743528Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.335662374Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.337655219Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.339795141Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.342324845Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.34447754Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.346167055Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.348953082Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.351024154Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.353316251Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.356655798Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:31.359078721Z 62 PC: 122ab | Close file
2018-12-17T22:59:31.362702782Z 99 PC: 99dd7 | Get DBCS lead byte table pointer
2018-12-17T22:59:31.365578718Z 56 PC: 945f9 | Get or set country info
2018-12-17T22:59:31.368126215Z 64 PC: 9a048 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:59:31.373242601Z 25 PC: 94662 | Get default drive
2018-12-17T22:59:31.376124807Z 71 PC: 968dd | Get current directory
2018-12-17T22:59:31.3808726Z 64 PC: 9a048 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:59:31.384761178Z 2 PC: 968b2 | Character output (Char = '3e')
2018-12-17T22:59:31.38865729Z 93 PC: 94720 | File sharing functions
2018-12-17T22:59:31.391381831Z 93 PC: 94727 | File sharing functions
2018-12-17T22:59:31.393774698Z 10 PC: 94739 | Buffered keyboard input
2018-12-17T22:59:46.161853516Z 0 PC: 0 | Program terminate
2018-12-17T22:59:47.516884212Z 0 PC: 0 | Program terminate
2018-12-17T22:59:47.620930025Z 64 PC: 9a048 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:59:47.62824428Z 41 PC: 947ae | Parse filename
2018-12-17T22:59:47.630632879Z 41 PC: 9482f | Parse filename
2018-12-17T22:59:47.633994417Z 41 PC: 9484c | Parse filename
2018-12-17T22:59:47.637852948Z 26 PC: 97cf7 | Set disk transfer address
2018-12-17T22:59:47.640113807Z 71 PC: 97ef3 | Get current directory
2018-12-17T22:59:47.649042576Z 78 PC: 97efe | Find first file
2018-12-17T22:59:47.675243967Z 71 PC: 97d6c | Get current directory
2018-12-17T22:59:47.67980547Z 73 PC: 97409 | Release memory
2018-12-17T22:59:47.682158281Z 67 PC: 9f67a | Get or set file attributes
2018-12-17T22:59:47.689571624Z 67 PC: 9f67a | Get or set file attributes
2018-12-17T22:59:47.706965011Z 61 PC: 9f67a | Open file (Filename = 'A:\PRINT.COM')
2018-12-17T22:59:47.714332567Z 87 PC: 9f6c4 | Get or set file date and time
2018-12-17T22:59:47.71732465Z 63 PC: 9f67a | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:59:47.724640448Z 66 PC: 9f6ed | Move file pointer
2018-12-17T22:59:47.726737719Z 64 PC: 9f67a | Write file or device (Write 1555 bytes on handle 5)
2018-12-17T22:59:47.736751849Z 66 PC: 9f78d | Move file pointer
2018-12-17T22:59:47.740121361Z 64 PC: 9f67a | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:59:47.747882567Z 87 PC: 9f67a | Get or set file date and time
2018-12-17T22:59:47.75065609Z 62 PC: 9f67a | Close file
2018-12-17T22:59:47.760626056Z 67 PC: 9f67a | Get or set file attributes
2018-12-17T22:59:47.771790127Z 75 PC: 11821 | Execute program
2018-12-17T22:59:47.787992696Z 12 PC: 12af7 | Flush input buffer and input
2018-12-17T22:59:47.792639209Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-17T22:59:47.797774529Z 76 PC: 12a4b | Terminate with return code (Return code = '36')
2018-12-17T22:59:47.801514027Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:59:47.803954313Z 72 PC: 12174 | Allocate memory
2018-12-17T22:59:47.810110543Z 72 PC: 1218d | Allocate memory
2018-12-17T22:59:47.812309184Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:59:47.814085873Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:47.816650032Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:47.818657585Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.821232373Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.824218506Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.826801831Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.829144734Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.832349426Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.834317344Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.838241589Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.841398161Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.843679178Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.846153128Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.849492653Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.851758892Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.854296571Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.857486065Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.860119935Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.862302156Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.865567703Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.868594572Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.871016483Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.873210125Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.877773982Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.88062525Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.883164573Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.886625788Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.890018003Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.89227275Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.895605884Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.897916105Z 78 PC: 9f897 | Find first file
2018-12-17T22:59:47.90019062Z 62 PC: 122ab | Close file
2018-12-17T22:59:47.904844997Z 99 PC: 99dd7 | Get DBCS lead byte table pointer
2018-12-17T22:59:47.906892285Z 56 PC: 945f9 | Get or set country info
2018-12-17T22:59:47.909510966Z 64 PC: 9a048 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:59:47.915596021Z 25 PC: 94662 | Get default drive
2018-12-17T22:59:47.928059915Z 71 PC: 968dd | Get current directory
2018-12-17T22:59:47.932971285Z 64 PC: 9a048 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:59:47.938136081Z 2 PC: 968b2 | Character output (Char = '3e')
2018-12-17T22:59:47.941241588Z 93 PC: 94720 | File sharing functions
2018-12-17T22:59:47.943700839Z 93 PC: 94727 | File sharing functions
2018-12-17T22:59:47.947409579Z 10 PC: 94739 | Buffered keyboard input

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13234,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T13:07:23.512950517Z 12 PC: 151ec | Flush input buffer and input
2018-12-25T13:07:23.516300896Z 75 PC: 15234 | Execute program
2018-12-25T13:07:23.517958398Z 42 PC: 15571 | Get date 0x15571: cmp dx, 0x911
0x15575: jb 0x155b5
0x15577: cmp dh, 0x10
0x1557a: ja 0x155b5
0x1557c: in al, 0x40
0x1557e: cmp al, dl
0x15580: jne 0x155b5
0x15582: push dx
0x15583: push bx
0x15584: push cx
0x15585: push ax
0x15586: push bp
0x15587: mov ax, 0xd
0x1558a: int 0x21
0x1558c: mov ah, 0x19
0x1558e: int 0x21
0x15590: xor dx, dx
0x15592: call 0x155c0
0x15595: mov bp, bx
0x15597: mov bx, word ptr es:[bp + 0x16]
2018-12-25T13:07:23.520001287Z 98 PC: 154f6 | Get current PSP
2018-12-25T13:07:23.521641568Z 78 PC: 1519f | Find first file
2018-12-25T13:07:23.527044858Z 47 PC: 151a5 | Get disk transfer address
2018-12-25T13:07:23.52823128Z 79 PC: 151d4 | Find next file
2018-12-25T13:07:23.531946371Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T13:07:23.533748241Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T13:07:23.53682316Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T13:07:23.539483134Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T13:07:23.542731114Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T13:07:23.544297679Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T13:07:23.547228336Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T13:07:23.548325546Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T13:07:23.550057403Z 78 PC: 1519f | Find first file (See above)
2018-12-25T13:07:23.5517658Z 48 PC: 1528f | Get DOS version
2018-12-25T13:07:23.554166793Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.01 � (c) 1994-96 by ROSE, Ralph Roth! (28.12.1996) File: ROSE001.COM - 10.000 (2710h) Bytes length! ')
2018-12-25T13:07:23.559973894Z 77 PC: 11fe0 | Get program return code
2018-12-25T13:07:23.561354584Z 72 PC: 12174 | Allocate memory
2018-12-25T13:07:23.565132663Z 72 PC: 1218d | Allocate memory
2018-12-25T13:07:23.56886134Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T13:07:23.570304749Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T13:07:23.572016445Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T13:07:23.573480265Z 78 PC: 9f897 | Find first file
2018-12-25T13:07:23.575347429Z 62 PC: 122ab | Close file
2018-12-25T13:07:23.577018462Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.578406357Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.579747566Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.581851161Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.583715059Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.585104854Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.58732585Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.58886835Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.59026787Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.592298147Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.59418613Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.596020704Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.598149906Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.599932478Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.601414325Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.603827037Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.605313827Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.606571758Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.608673851Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.610253733Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.611555761Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.613704654Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.61560106Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.617981276Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.621344166Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.623290773Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.625009298Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:23.628970307Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:23.632079119Z 99 PC: 99dd7 | Get DBCS lead byte table pointer
2018-12-25T13:07:23.633691221Z 56 PC: 945f9 | Get or set country info
2018-12-25T13:07:23.636679963Z 64 PC: 9a048 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T13:07:23.641589608Z 25 PC: 94662 | Get default drive
2018-12-25T13:07:23.643373531Z 71 PC: 968dd | Get current directory
2018-12-25T13:07:23.649080591Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T13:07:23.652681066Z 2 PC: 968b2 | Character output (Char = '3e')
2018-12-25T13:07:23.654952241Z 93 PC: 94720 | File sharing functions
2018-12-25T13:07:23.65760778Z 93 PC: 94727 | File sharing functions
2018-12-25T13:07:23.659694326Z 10 PC: 94739 | Buffered keyboard input
2018-12-25T13:07:38.504677858Z 0 PC: 0 | Program terminate
2018-12-25T13:07:39.859318635Z 0 PC: 0 | Program terminate (See above)
2018-12-25T13:07:39.961097355Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T13:07:39.965472541Z 41 PC: 947ae | Parse filename
2018-12-25T13:07:39.966823854Z 41 PC: 9482f | Parse filename
2018-12-25T13:07:39.967912757Z 41 PC: 9484c | Parse filename
2018-12-25T13:07:39.97021137Z 26 PC: 97cf7 | Set disk transfer address
2018-12-25T13:07:39.971957495Z 71 PC: 97ef3 | Get current directory
2018-12-25T13:07:39.980580679Z 78 PC: 97efe | Find first file
2018-12-25T13:07:39.990481406Z 71 PC: 97d6c | Get current directory
2018-12-25T13:07:39.993511547Z 73 PC: 97409 | Release memory
2018-12-25T13:07:39.994925552Z 67 PC: 9f67a | Get or set file attributes
2018-12-25T13:07:40.000668429Z 67 PC: 9f67a | Get or set file attributes (See above)
2018-12-25T13:07:40.018466334Z 61 PC: 9f67a | Open file (See above)
2018-12-25T13:07:40.025159906Z 87 PC: 9f6c4 | Get or set file date and time
2018-12-25T13:07:40.027049499Z 63 PC: 9f67a | Read file or device (See above)
2018-12-25T13:07:40.033868884Z 66 PC: 9f6ed | Move file pointer
2018-12-25T13:07:40.035571073Z 64 PC: 9f67a | Write file or device (See above)
2018-12-25T13:07:40.044202649Z 66 PC: 9f78d | Move file pointer
2018-12-25T13:07:40.045481348Z 64 PC: 9f67a | Write file or device (See above)
2018-12-25T13:07:40.051886022Z 87 PC: 9f67a | Get or set file date and time (See above)
2018-12-25T13:07:40.053700681Z 62 PC: 9f67a | Close file (See above)
2018-12-25T13:07:40.069528937Z 67 PC: 9f67a | Get or set file attributes (See above)
2018-12-25T13:07:40.079389495Z 75 PC: 11821 | Execute program
2018-12-25T13:07:40.094910733Z 12 PC: 12af7 | Flush input buffer and input
2018-12-25T13:07:40.097421699Z 9 PC: 12a47 | Display string (See above)
2018-12-25T13:07:40.101507594Z 76 PC: 12a4b | Terminate with return code (Return code = '36')
2018-12-25T13:07:40.105559712Z 77 PC: 11fe0 | Get program return code (See above)
2018-12-25T13:07:40.107118323Z 72 PC: 12174 | Allocate memory (See above)
2018-12-25T13:07:40.108935829Z 72 PC: 1218d | Allocate memory (See above)
2018-12-25T13:07:40.111620133Z 37 PC: 123c4 | Set interrupt vector (See above)
2018-12-25T13:07:40.112984146Z 37 PC: 123cb | Set interrupt vector (See above)
2018-12-25T13:07:40.114531464Z 37 PC: 123d2 | Set interrupt vector (See above)
2018-12-25T13:07:40.117320428Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.119181031Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.120778311Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.122810105Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.125558132Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.127710553Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.130300976Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.132028073Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.133520129Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.136951412Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.1481498Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.149878542Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.151676793Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.153614044Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.155233323Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.157416672Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.159049531Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.161161836Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.163660302Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.165785935Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.167790345Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.170906119Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.172791891Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.174790353Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.176768529Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.179093367Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.180218115Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.181703133Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.183151872Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T13:07:40.184309988Z 62 PC: 122ab | Close file (See above)
2018-12-25T13:07:40.186524959Z 99 PC: 99dd7 | Get DBCS lead byte table pointer (See above)
2018-12-25T13:07:40.188387572Z 56 PC: 945f9 | Get or set country info (See above)
2018-12-25T13:07:40.190433645Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T13:07:40.19514377Z 25 PC: 94662 | Get default drive (See above)
2018-12-25T13:07:40.197799839Z 71 PC: 968dd | Get current directory (See above)
2018-12-25T13:07:40.201829276Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T13:07:40.206207116Z 2 PC: 968b2 | Character output (See above)
2018-12-25T13:07:40.209719126Z 93 PC: 94720 | File sharing functions (See above)
2018-12-25T13:07:40.211466451Z 93 PC: 94727 | File sharing functions (See above)
2018-12-25T13:07:40.213732164Z 10 PC: 94739 | Buffered keyboard input (See above)

{"DateBased":true,"Day":17,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13234,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:37:45.422644198Z 12 PC: 151ec | Flush input buffer and input
2018-12-25T12:37:45.425895913Z 75 PC: 15234 | Execute program
2018-12-25T12:37:45.428323959Z 42 PC: 15571 | Get date 0x15571: cmp dx, 0x911
0x15575: jb 0x155b5
0x15577: cmp dh, 0x10
0x1557a: ja 0x155b5
0x1557c: in al, 0x40
0x1557e: cmp al, dl
0x15580: jne 0x155b5
0x15582: push dx
0x15583: push bx
0x15584: push cx
0x15585: push ax
0x15586: push bp
0x15587: mov ax, 0xd
0x1558a: int 0x21
0x1558c: mov ah, 0x19
0x1558e: int 0x21
0x15590: xor dx, dx
0x15592: call 0x155c0
0x15595: mov bp, bx
0x15597: mov bx, word ptr es:[bp + 0x16]
2018-12-25T12:37:45.432189371Z 98 PC: 154f6 | Get current PSP
2018-12-25T12:37:45.433811952Z 78 PC: 1519f | Find first file
2018-12-25T12:37:45.440627186Z 47 PC: 151a5 | Get disk transfer address
2018-12-25T12:37:45.441914249Z 79 PC: 151d4 | Find next file
2018-12-25T12:37:45.445062923Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T12:37:45.446366958Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T12:37:45.449360691Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T12:37:45.45065372Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T12:37:45.454376076Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T12:37:45.455532054Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T12:37:45.458197309Z 47 PC: 151a5 | Get disk transfer address (See above)
2018-12-25T12:37:45.466822506Z 79 PC: 151d4 | Find next file (See above)
2018-12-25T12:37:45.469504443Z 78 PC: 1519f | Find first file (See above)
2018-12-25T12:37:45.472349467Z 48 PC: 1528f | Get DOS version
2018-12-25T12:37:45.475024891Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.01 � (c) 1994-96 by ROSE, Ralph Roth! (28.12.1996) File: ROSE001.COM - 10.000 (2710h) Bytes length! ')
2018-12-25T12:37:45.485281954Z 77 PC: 11fe0 | Get program return code
2018-12-25T12:37:45.486958444Z 72 PC: 12174 | Allocate memory
2018-12-25T12:37:45.492534769Z 72 PC: 1218d | Allocate memory
2018-12-25T12:37:45.495200813Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T12:37:45.497005377Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:37:45.500361422Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:45.501933774Z 78 PC: 9f897 | Find first file
2018-12-25T12:37:45.504081218Z 62 PC: 122ab | Close file
2018-12-25T12:37:45.505941531Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.509419219Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.512352198Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.515801961Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.517701897Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.519122814Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.520528236Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.522789217Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.523968377Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.5252502Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.535293566Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.538035903Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.539871207Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.542647965Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.544786457Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.546118043Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.548029183Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.549431506Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.550660355Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.552345438Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.553700168Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.555048802Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.556509351Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.563930482Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.56520303Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.566601467Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.568238383Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:37:45.569629765Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:37:45.571696126Z 99 PC: 99dd7 | Get DBCS lead byte table pointer
2018-12-25T12:37:45.573476467Z 56 PC: 945f9 | Get or set country info
2018-12-25T12:37:45.575302357Z 64 PC: 9a048 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T12:37:45.578371156Z 25 PC: 94662 | Get default drive
2018-12-25T12:37:45.580119933Z 71 PC: 968dd | Get current directory
2018-12-25T12:37:45.583040662Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T12:37:45.585789268Z 2 PC: 968b2 | Character output (Char = '3e')
2018-12-25T12:37:45.587998257Z 93 PC: 94720 | File sharing functions
2018-12-25T12:37:45.590108399Z 93 PC: 94727 | File sharing functions
2018-12-25T12:37:45.592178866Z 10 PC: 94739 | Buffered keyboard input
2018-12-25T12:38:00.401518455Z 0 PC: 0 | Program terminate
2018-12-25T12:38:01.756145913Z 0 PC: 0 | Program terminate (See above)
2018-12-25T12:38:01.859820665Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T12:38:01.868753441Z 41 PC: 947ae | Parse filename
2018-12-25T12:38:01.873025232Z 41 PC: 9482f | Parse filename
2018-12-25T12:38:01.876755624Z 41 PC: 9484c | Parse filename
2018-12-25T12:38:01.879543662Z 26 PC: 97cf7 | Set disk transfer address
2018-12-25T12:38:01.881609972Z 71 PC: 97ef3 | Get current directory
2018-12-25T12:38:01.89078368Z 78 PC: 97efe | Find first file
2018-12-25T12:38:01.902488606Z 71 PC: 97d6c | Get current directory
2018-12-25T12:38:01.907443515Z 73 PC: 97409 | Release memory
2018-12-25T12:38:01.909791221Z 67 PC: 9f67a | Get or set file attributes
2018-12-25T12:38:01.917209471Z 67 PC: 9f67a | Get or set file attributes (See above)
2018-12-25T12:38:01.935676818Z 61 PC: 9f67a | Open file (See above)
2018-12-25T12:38:01.949688571Z 87 PC: 9f6c4 | Get or set file date and time
2018-12-25T12:38:01.952652978Z 63 PC: 9f67a | Read file or device (See above)
2018-12-25T12:38:01.960230632Z 66 PC: 9f6ed | Move file pointer
2018-12-25T12:38:01.962337482Z 64 PC: 9f67a | Write file or device (See above)
2018-12-25T12:38:01.97286615Z 66 PC: 9f78d | Move file pointer
2018-12-25T12:38:01.974566279Z 64 PC: 9f67a | Write file or device (See above)
2018-12-25T12:38:01.982097552Z 87 PC: 9f67a | Get or set file date and time (See above)
2018-12-25T12:38:01.984708972Z 62 PC: 9f67a | Close file (See above)
2018-12-25T12:38:01.993978157Z 67 PC: 9f67a | Get or set file attributes (See above)
2018-12-25T12:38:02.006231713Z 75 PC: 11821 | Execute program
2018-12-25T12:38:02.025004646Z 12 PC: 12af7 | Flush input buffer and input
2018-12-25T12:38:02.028714977Z 9 PC: 12a47 | Display string (See above)
2018-12-25T12:38:02.033884522Z 76 PC: 12a4b | Terminate with return code (Return code = '36')
2018-12-25T12:38:02.038585725Z 77 PC: 11fe0 | Get program return code (See above)
2018-12-25T12:38:02.041808458Z 72 PC: 12174 | Allocate memory (See above)
2018-12-25T12:38:02.044454081Z 72 PC: 1218d | Allocate memory (See above)
2018-12-25T12:38:02.047507233Z 37 PC: 123c4 | Set interrupt vector (See above)
2018-12-25T12:38:02.050533977Z 37 PC: 123cb | Set interrupt vector (See above)
2018-12-25T12:38:02.052484965Z 37 PC: 123d2 | Set interrupt vector (See above)
2018-12-25T12:38:02.054411681Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.058957309Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.061640433Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.063806619Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.066652462Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.068971838Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.071029406Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.074171519Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.076475847Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.078983223Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.08133338Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.085061646Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.087178405Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.090458333Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.094064411Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.096650098Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.098612912Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.101946712Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.104186871Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.106737239Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.109726165Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.111333331Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.1129051Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.114955089Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.116649542Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.118225608Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.120248043Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.121833975Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.123285461Z 78 PC: 9f897 | Find first file (See above)
2018-12-25T12:38:02.12542822Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:38:02.127638865Z 99 PC: 99dd7 | Get DBCS lead byte table pointer (See above)
2018-12-25T12:38:02.128949741Z 56 PC: 945f9 | Get or set country info (See above)
2018-12-25T12:38:02.131204325Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T12:38:02.134422514Z 25 PC: 94662 | Get default drive (See above)
2018-12-25T12:38:02.136062901Z 71 PC: 968dd | Get current directory (See above)
2018-12-25T12:38:02.139660431Z 64 PC: 9a048 | Write file or device (See above)
2018-12-25T12:38:02.142167965Z 2 PC: 968b2 | Character output (See above)
2018-12-25T12:38:02.144946665Z 93 PC: 94720 | File sharing functions (See above)
2018-12-25T12:38:02.147116352Z 93 PC: 94727 | File sharing functions (See above)
2018-12-25T12:38:02.148877901Z 10 PC: 94739 | Buffered keyboard input (See above)