Sample viewer

vx.netlux.org/Virus.DOS.IVP.Birgit.396

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:01:54.016654987Z 26 PC: 12b52 | Set disk transfer address
2018-12-17T23:01:54.01856529Z 53 PC: 12a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.020717931Z 37 PC: 12a7f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.023845584Z 78 PC: 12aaa | Find first file
2018-12-17T23:01:54.031800967Z 61 PC: 12b5b | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:54.039499721Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:01:54.046272871Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.048474691Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.070637529Z 61 PC: 12b5b | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:54.07628226Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:54.081614289Z 66 PC: 12b4d | Move file pointer
2018-12-17T23:01:54.083778087Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-17T23:01:54.085822232Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-17T23:01:54.09476267Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T23:01:54.099311013Z 62 PC: 12b3a | Close file
2018-12-17T23:01:54.119838887Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.13169394Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.135653345Z 61 PC: 12b5b | Open file (Filename = 'PRINT.COM')
2018-12-17T23:01:54.14341087Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:01:54.150351014Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.152655225Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.164252728Z 61 PC: 12b5b | Open file (Filename = 'PRINT.COM')
2018-12-17T23:01:54.171976133Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:54.175535927Z 66 PC: 12b4d | Move file pointer
2018-12-17T23:01:54.178829444Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-17T23:01:54.181953591Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-17T23:01:54.185521665Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T23:01:54.188746771Z 62 PC: 12b3a | Close file
2018-12-17T23:01:54.198077166Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.209531107Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.213915845Z 61 PC: 12b5b | Open file (Filename = 'HELLO.COM')
2018-12-17T23:01:54.222188425Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:01:54.229722804Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.232216667Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.244961797Z 61 PC: 12b5b | Open file (Filename = 'HELLO.COM')
2018-12-17T23:01:54.252756692Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:54.257137235Z 66 PC: 12b4d | Move file pointer
2018-12-17T23:01:54.259754124Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-17T23:01:54.262497688Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-17T23:01:54.266169435Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T23:01:54.268796575Z 62 PC: 12b3a | Close file
2018-12-17T23:01:54.277223496Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.288295122Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.291979832Z 61 PC: 12b5b | Open file (Filename = 'PHANG.COM')
2018-12-17T23:01:54.299882651Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:01:54.30732609Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.309913438Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.32159288Z 61 PC: 12b5b | Open file (Filename = 'PHANG.COM')
2018-12-17T23:01:54.330074043Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:54.333613069Z 66 PC: 12b4d | Move file pointer
2018-12-17T23:01:54.33650522Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-17T23:01:54.339636286Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-17T23:01:54.34326871Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T23:01:54.345810806Z 62 PC: 12b3a | Close file
2018-12-17T23:01:54.353503742Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.364967998Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.369461419Z 61 PC: 12b5b | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:01:54.377666908Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:01:54.385232632Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.38841004Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.39476472Z 61 PC: 12b5b | Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T23:01:54.400902057Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:01:54.405363649Z 66 PC: 12b4d | Move file pointer
2018-12-17T23:01:54.407239953Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-17T23:01:54.410213544Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 2)
2018-12-17T23:01:54.423216117Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T23:01:54.42632067Z 62 PC: 12b3a | Close file
2018-12-17T23:01:54.428519577Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.433831785Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.438021369Z 61 PC: 12b5b | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:01:54.445729226Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:01:54.452728145Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.455869258Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.467820393Z 61 PC: 12b5b | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:01:54.475676735Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:01:54.480302326Z 66 PC: 12b4d | Move file pointer
2018-12-17T23:01:54.482479486Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-17T23:01:54.485597183Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 2)
2018-12-17T23:01:54.497020826Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T23:01:54.499558521Z 62 PC: 12b3a | Close file
2018-12-17T23:01:54.508275671Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.519274681Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.523533271Z 61 PC: 12b5b | Open file (Filename = 'PAH.COM')
2018-12-17T23:01:54.53169457Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:01:54.549313044Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.55258685Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.56416656Z 61 PC: 12b5b | Open file (Filename = 'PAH.COM')
2018-12-17T23:01:54.572355341Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:01:54.577799049Z 66 PC: 12b4d | Move file pointer
2018-12-17T23:01:54.579854548Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-17T23:01:54.583078235Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 2)
2018-12-17T23:01:54.587395461Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T23:01:54.589804825Z 62 PC: 12b3a | Close file
2018-12-17T23:01:54.59907177Z 67 PC: 12b66 | Get or set file attributes
2018-12-17T23:01:54.610816401Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.614831129Z 61 PC: 12b5b | Open file (Filename = 'TEST.COM')
2018-12-17T23:01:54.622714121Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:01:54.630503419Z 62 PC: 12ac9 | Close file
2018-12-17T23:01:54.634066828Z 79 PC: 12aaa | Find next file
2018-12-17T23:01:54.637395354Z 9 PC: 12a90 | Display string (String= 'Birgit [IVP] ')
2018-12-17T23:01:54.645192805Z 37 PC: 12a9a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.648382282Z 26 PC: 12b52 | Set disk transfer address

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14021,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:43.323070016Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T12:39:43.325221715Z 53 PC: 12a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:43.326648558Z 37 PC: 12a7f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:43.327980415Z 78 PC: 12aaa | Find first file
2018-12-25T12:39:43.335075971Z 61 PC: 12b5b | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:43.341485248Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:39:43.347749403Z 62 PC: 12ac9 | Close file
2018-12-25T12:39:43.349714156Z 67 PC: 12b66 | Get or set file attributes
2018-12-25T12:39:43.711775033Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.716971774Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:39:43.718919832Z 66 PC: 12b4d | Move file pointer
2018-12-25T12:39:43.720179013Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-25T12:39:43.721882408Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-25T12:39:43.731380673Z 87 PC: 12b36 | Get or set file date and time
2018-12-25T12:39:43.733983436Z 62 PC: 12b3a | Close file
2018-12-25T12:39:43.746497859Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.757375361Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:43.762172441Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.76885592Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:43.775385244Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:43.778058274Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.792894973Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.799849085Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:43.80323863Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:43.804601737Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:43.806854806Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:43.810960716Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:43.812756065Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:43.866089318Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.889886247Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:43.891658708Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.895946197Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:43.903405601Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:43.904801526Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.925781566Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.932716206Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:43.935294078Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:43.936588425Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:43.939188202Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:43.941918075Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:43.943498342Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:43.97850846Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.008754433Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.010514673Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.01488514Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.019000288Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.021327251Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.027807965Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.034485567Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.037044445Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.038759566Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.040967147Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.043825386Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.045669524Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.05271557Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.064385464Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.067904305Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.0744292Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.092738265Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.09550476Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.099860982Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.104364403Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.107208399Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.108896705Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.111405522Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.122195235Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.123716819Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.125425575Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.13018971Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.132826321Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.140252638Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.146790248Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.149184549Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.159472215Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.166194222Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.16999538Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.171235764Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.17366773Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.181928963Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.183352247Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.190632804Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.200887172Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.203345194Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.20982052Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.214361909Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.216045994Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.225566855Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.232294644Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.23488972Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.236067718Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.238857713Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.241470761Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.242736365Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.249983172Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.262856212Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.265240494Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.271958997Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.278225984Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.279815137Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.282841426Z 9 PC: 12a90 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:39:44.288983562Z 37 PC: 12a9a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:44.290081516Z 26 PC: 12b52 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":14021,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:43.357883783Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T12:39:43.362823918Z 53 PC: 12a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:43.364054583Z 37 PC: 12a7f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:43.365095418Z 78 PC: 12aaa | Find first file
2018-12-25T12:39:43.37135113Z 61 PC: 12b5b | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:43.378012434Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:39:43.3843522Z 62 PC: 12ac9 | Close file
2018-12-25T12:39:43.386800584Z 67 PC: 12b66 | Get or set file attributes
2018-12-25T12:39:43.711713402Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.71830064Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:39:43.721495732Z 66 PC: 12b4d | Move file pointer
2018-12-25T12:39:43.723154691Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-25T12:39:43.725558776Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-25T12:39:43.736915626Z 87 PC: 12b36 | Get or set file date and time
2018-12-25T12:39:43.739075621Z 62 PC: 12b3a | Close file
2018-12-25T12:39:43.751291929Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.824264445Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:43.827449429Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.833702673Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:43.840183012Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:43.842543002Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.861598565Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.868673405Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:43.872194329Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:43.874372318Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:43.877148988Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:43.880951476Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:43.882410503Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:43.897123679Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.919170537Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:43.921668578Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.93332516Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:43.940218727Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:43.942245204Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.987901317Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.993050713Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:43.995680049Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:43.996894277Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:43.999186373Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.001943769Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.003446309Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.020495747Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.029951Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.032538745Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.044007153Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.050042573Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.051912554Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.061817545Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.069196758Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.071773127Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.073330818Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.076060503Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.078705742Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.080030601Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.087370734Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.096803274Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.099252962Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.111294676Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.117379418Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.119149164Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.124614793Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.12909394Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.131674043Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.134516483Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.136778498Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.145866Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.14758793Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.149516916Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.15369947Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.156833105Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.163201992Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.16996224Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.173835807Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.183783394Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.190533978Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.195357734Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.196750944Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.199129942Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.208103088Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.209781604Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.214917123Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.221424062Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.223159249Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.227228344Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.231525979Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.233105713Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.241364568Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.246117667Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.251266972Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.252403257Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.254610545Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.25653643Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.257834049Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.263811023Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.271044639Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.272931039Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.27810632Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.284689663Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.28633254Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.288836409Z 9 PC: 12a90 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:39:44.295351177Z 37 PC: 12a9a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:44.296368281Z 26 PC: 12b52 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14021,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:43.872697264Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T12:39:43.87445289Z 53 PC: 12a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:43.876322869Z 37 PC: 12a7f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:43.877988528Z 78 PC: 12aaa | Find first file
2018-12-25T12:39:43.884929063Z 61 PC: 12b5b | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:43.892595883Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:39:43.899458276Z 62 PC: 12ac9 | Close file
2018-12-25T12:39:43.901353847Z 67 PC: 12b66 | Get or set file attributes
2018-12-25T12:39:43.920211708Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.928165446Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:39:43.931094825Z 66 PC: 12b4d | Move file pointer
2018-12-25T12:39:43.933175483Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-25T12:39:43.935858073Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-25T12:39:43.945000432Z 87 PC: 12b36 | Get or set file date and time
2018-12-25T12:39:43.947336466Z 62 PC: 12b3a | Close file
2018-12-25T12:39:43.955669802Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.966333761Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:43.969856099Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:43.977190269Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:43.984206906Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:43.987447843Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:43.998509112Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.005866046Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.008917754Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.010526079Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.013251362Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.016476829Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.019247109Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.027482279Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.038251644Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.04150397Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.049098053Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.055816355Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.058415522Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.068900181Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.075889846Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.07976539Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.081341418Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.084061128Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.088053331Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.089731206Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.097546744Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.107785314Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.110720688Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.118273659Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.124799748Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.126932387Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.137461949Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.144440732Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.147820955Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.149253112Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.151604239Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.155277989Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.156806659Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.164587907Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.176468354Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.181134626Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.189161805Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.196628579Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.199329466Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.203894799Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.208672003Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.212192742Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.21410485Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.216758812Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.229405564Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.230487205Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.232298804Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.237850121Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.239670342Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.24432107Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.249112017Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.251043043Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.262648022Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.270059586Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.273034046Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.274459097Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.276951753Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.286187536Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.287724311Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.295931392Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.307063329Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.309902014Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.31726936Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.324726185Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.32687358Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.337917459Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.345871534Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.348860718Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.350372436Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.353643522Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.357157238Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.359129793Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.366393519Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.375038312Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.377065055Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.382007065Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.389580284Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.392108348Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.396272674Z 9 PC: 12a90 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:39:44.403862527Z 37 PC: 12a9a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:44.405549692Z 26 PC: 12b52 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":14021,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:44.5481681Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T12:39:44.550395675Z 53 PC: 12a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:44.552447572Z 37 PC: 12a7f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:44.553591633Z 78 PC: 12aaa | Find first file
2018-12-25T12:39:44.56011101Z 61 PC: 12b5b | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:44.567320936Z 63 PC: 12ac5 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:39:44.574465937Z 62 PC: 12ac9 | Close file
2018-12-25T12:39:44.576293372Z 67 PC: 12b66 | Get or set file attributes
2018-12-25T12:39:44.593866436Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.600926728Z 64 PC: 12b0f | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:39:44.603686041Z 66 PC: 12b4d | Move file pointer
2018-12-25T12:39:44.605753939Z 44 PC: 12b1a | Get time 0x12b1a: cmp dh, 0
0x12b1d: je 0x12b16
0x12b1f: mov byte ptr cs:[bp + 0x28e], dh
0x12b24: call 0x12b85
0x12b27: mov ax, 0x5701
0x12b2a: mov cx, word ptr cs:[bp + 0x2c1]
0x12b2f: mov dx, word ptr cs:[bp + 0x2c3]
0x12b34: int 0x21
0x12b36: mov ah, 0x3e
0x12b38: int 0x21
0x12b3a: xor cx, cx
0x12b3c: mov cl, byte ptr cs:[bp + 0x2c0]
0x12b41: call 0x12b5d
0x12b44: ret
0x12b45: mov ah, 0x42
0x12b47: xor cx, cx
0x12b49: xor dx, dx
0x12b4b: int 0x21
0x12b4d: ret
0x12b4e: mov ah, 0x1a
2018-12-25T12:39:44.608493382Z 64 PC: 12be2 | Write file or device (Write 396 bytes on handle 5)
2018-12-25T12:39:44.617685003Z 87 PC: 12b36 | Get or set file date and time
2018-12-25T12:39:44.620377832Z 62 PC: 12b3a | Close file
2018-12-25T12:39:44.640276556Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.651777704Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.655552695Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.66270005Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.670016879Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.673334361Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.684719857Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.692163521Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.696054779Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.698771554Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.701640475Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.705024033Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.707365029Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.714823414Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.721134033Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.723915072Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.728350628Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.732659386Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.734708763Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.743684423Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.757025948Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.765601613Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.768049985Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.771149674Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.775034107Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.785792959Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.794322137Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.80534802Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.809273776Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.816649868Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.824196722Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.826729104Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.837711458Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.844917953Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.848729946Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.850158852Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.852770991Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.856597269Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.858351582Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.866944682Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.879576604Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.882980985Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.895838415Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.902401774Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.904447983Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.909039381Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.913821403Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.917252393Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.918553059Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.920930913Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.931707077Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.933356604Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:44.935271796Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.940595247Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:44.943750715Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.951766503Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:44.960676182Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:44.962710165Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:44.973103676Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:44.980942963Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:44.9842506Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:44.985829485Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:44.989038717Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:44.997763621Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:44.999412352Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:45.009087706Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:45.021045Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:45.023840909Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:45.030980436Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:45.038054241Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:45.03983626Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:45.050668552Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:45.058579575Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:39:45.061861666Z 66 PC: 12b4d | Move file pointer (See above)
2018-12-25T12:39:45.063395912Z 44 PC: 12b1a | Get time (See above)
2018-12-25T12:39:45.074176751Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T12:39:45.077741316Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T12:39:45.079467915Z 62 PC: 12b3a | Close file (See above)
2018-12-25T12:39:45.088661344Z 67 PC: 12b66 | Get or set file attributes (See above)
2018-12-25T12:39:45.097064205Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:45.098924252Z 61 PC: 12b5b | Open file (See above)
2018-12-25T12:39:45.103851974Z 63 PC: 12ac5 | Read file or device (See above)
2018-12-25T12:39:45.108027017Z 62 PC: 12ac9 | Close file (See above)
2018-12-25T12:39:45.109296635Z 79 PC: 12aaa | Find next file (See above)
2018-12-25T12:39:45.1110794Z 9 PC: 12a90 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:39:45.115260407Z 37 PC: 12a9a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:39:45.117086076Z 26 PC: 12b52 | Set disk transfer address (See above)