{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14498,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:40:46.992109451Z | 71 | PC: 12a9e | Get current directory |
| 2018-12-25T12:40:46.995741848Z | 26 | PC: 12aaf | Set disk transfer address |
| 2018-12-25T12:40:46.99843252Z | 78 | PC: 12abb | Find first file |
| 2018-12-25T12:40:47.006014832Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-25T12:40:47.0227287Z | 61 | PC: 12d20 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:40:47.032514051Z | 63 | PC: 12d36 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-25T12:40:47.044131962Z | 62 | PC: 12d61 | Close file |
| 2018-12-25T12:40:47.046274008Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.060829396Z | 79 | PC: 12acc | Find next file |
| 2018-12-25T12:40:47.064698403Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.075937041Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.084450857Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.092555836Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.095002119Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.106505556Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.110519815Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.122158653Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.130061256Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.138176998Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.140848667Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.152111517Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.155397327Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.167165297Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.174735274Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.18258039Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.185441577Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.197415711Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.200844001Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.213272882Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.22166143Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.229178134Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.232793767Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.244816153Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.24861941Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.260620997Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.268196463Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.272714511Z | 44 | PC: 12d12 | Get time 0x12d12: mov byte ptr [bp + 0x127], cl 0x12d16: ret 0x12d17: mov ax, 0x3d02 0x12d1a: lea dx, word ptr [bp + 0x717] 0x12d1e: int 0x21 0x12d20: jae 0x12d25 0x12d22: jmp 0x12d5d 0x12d24: nop 0x12d25: mov word ptr [bp + 0x6f7], ax 0x12d29: xchg ax, bx 0x12d2a: mov cx, 0x1c 0x12d2d: mov ax, 0x3f00 0x12d30: lea dx, word ptr [bp + 0x769] 0x12d34: int 0x21 0x12d36: jae 0x12d3b 0x12d38: jmp 0x12d5d 0x12d3a: nop 0x12d3b: cmp byte ptr [bp + 0x781], 0x40 0x12d40: je 0x12d52 0x12d42: cmp word ptr [bp + 0x76c], 0x6565 |
| 2018-12-25T12:40:47.274693828Z | 66 | PC: 12b01 | Move file pointer |
| 2018-12-25T12:40:47.276047051Z | 64 | PC: 12dd5 | Write file or device (Write 49 bytes on handle 5) |
| 2018-12-25T12:40:47.281429646Z | 64 | PC: 12dd5 | Write file or device (See above) |
| 2018-12-25T12:40:47.28718805Z | 66 | PC: 12de1 | Move file pointer |
| 2018-12-25T12:40:47.288642153Z | 64 | PC: 12dd5 | Write file or device (See above) |
| 2018-12-25T12:40:47.293005125Z | 87 | PC: 12dc7 | Get or set file date and time |
| 2018-12-25T12:40:47.294053094Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.30021923Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.306832938Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.310593365Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.322519567Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.330265299Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.337739238Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.341184444Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.353013521Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.35669242Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.368898726Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.377549105Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.385312322Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.387849502Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.400386131Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.403580556Z | 78 | PC: 12b47 | Find first file |
| 2018-12-25T12:40:47.410528737Z | 59 | PC: 12cb5 | Change current directory |
| 2018-12-25T12:40:47.41654477Z | 78 | PC: 12cc5 | Find first file |
| 2018-12-25T12:40:47.423591706Z | 59 | PC: 12cfd | Change current directory |
| 2018-12-25T12:40:47.436757569Z | 78 | PC: 12abb | Find first file (See above) |
| 2018-12-25T12:40:47.444863618Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.456405413Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.464318623Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.472415388Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.474577976Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.486234952Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.489921465Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.501551725Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.509307331Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.516881491Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.519664686Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.534303958Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.53772901Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.548938459Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.55629202Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.563917961Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.566654774Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.578417927Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.58181472Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.593459846Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.601560416Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.608964978Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.612033392Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.624108203Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.626958994Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.63855804Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.646720411Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.654334514Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.656634493Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.669638734Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.673017842Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.68419752Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.692928589Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.701273823Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.703659978Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.716196738Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.719860842Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.730787123Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.738795401Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.746845165Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.749060812Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.76129804Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.765581894Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.776684095Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.784762711Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.793213564Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.795323404Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.806385687Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.8103009Z | 78 | PC: 12b47 | Find first file (See above) |
| 2018-12-25T12:40:47.816633997Z | 59 | PC: 12cb5 | Change current directory (See above) |
| 2018-12-25T12:40:47.826735574Z | 78 | PC: 12cc5 | Find first file (See above) |
| 2018-12-25T12:40:47.836840791Z | 79 | PC: 12cde | Find next file |
| 2018-12-25T12:40:47.841501361Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.844694554Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.847854666Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.851993185Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.855182734Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.858294003Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.862395006Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.865971746Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:47.868721629Z | 44 | PC: 12c34 | Get time 0x12c34: cmp cl, 0x1e 0x12c37: jne 0x12c41 0x12c39: cmp dh, 0x1e 0x12c3c: ja 0x12c41 0x12c3e: jmp 0x12de2 0x12c41: push ax 0x12c42: push bp 0x12c43: mov bp, sp 0x12c45: mov word ptr [bp + 2], 0x1a00 0x12c4a: pop bp 0x12c4b: pop ax 0x12c4c: mov dx, 0x80 0x12c4f: int 0x21 0x12c51: lea dx, word ptr [bp + 0x729] 0x12c55: mov ax, 0x3b00 0x12c58: int 0x21 0x12c5a: cmp byte ptr cs:[0], 0xcd 0x12c60: je 0x12c91 0x12c62: pop ds 0x12c63: push ds |
| 2018-12-25T12:40:47.871656111Z | 26 | PC: 12c51 | Set disk transfer address |
| 2018-12-25T12:40:47.872978765Z | 59 | PC: 12c5a | Change current directory |
| 2018-12-25T12:40:47.875024335Z | 76 | PC: 12a4f | Terminate with return code (Return code = '0') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":30,"Second":0,"TimeBased":true,"OriginalID":14498,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:40:47.451894424Z | 71 | PC: 12a9e | Get current directory |
| 2018-12-25T12:40:47.454458241Z | 26 | PC: 12aaf | Set disk transfer address |
| 2018-12-25T12:40:47.455345909Z | 78 | PC: 12abb | Find first file |
| 2018-12-25T12:40:47.459087895Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-25T12:40:47.471084776Z | 61 | PC: 12d20 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:40:47.475324369Z | 63 | PC: 12d36 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-25T12:40:47.479268961Z | 62 | PC: 12d61 | Close file |
| 2018-12-25T12:40:47.480440771Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.488680263Z | 79 | PC: 12acc | Find next file |
| 2018-12-25T12:40:47.494947159Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.534840779Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.54235751Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.548897693Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.550989372Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.561552505Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.563418892Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.570020363Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.575245722Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.58045893Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.582015931Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.603250247Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.605869607Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.612467007Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.617559854Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.621603801Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.623675162Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.63226379Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.634509774Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.642082956Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.647376252Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.652805833Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.65421158Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.662340739Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.664853989Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.671735116Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.676154581Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.680729272Z | 44 | PC: 12d12 | Get time 0x12d12: mov byte ptr [bp + 0x127], cl 0x12d16: ret 0x12d17: mov ax, 0x3d02 0x12d1a: lea dx, word ptr [bp + 0x717] 0x12d1e: int 0x21 0x12d20: jae 0x12d25 0x12d22: jmp 0x12d5d 0x12d24: nop 0x12d25: mov word ptr [bp + 0x6f7], ax 0x12d29: xchg ax, bx 0x12d2a: mov cx, 0x1c 0x12d2d: mov ax, 0x3f00 0x12d30: lea dx, word ptr [bp + 0x769] 0x12d34: int 0x21 0x12d36: jae 0x12d3b 0x12d38: jmp 0x12d5d 0x12d3a: nop 0x12d3b: cmp byte ptr [bp + 0x781], 0x40 0x12d40: je 0x12d52 0x12d42: cmp word ptr [bp + 0x76c], 0x6565 |
| 2018-12-25T12:40:47.682441285Z | 66 | PC: 12b01 | Move file pointer |
| 2018-12-25T12:40:47.683656151Z | 64 | PC: 12dd5 | Write file or device (Write 49 bytes on handle 5) |
| 2018-12-25T12:40:47.689287474Z | 64 | PC: 12dd5 | Write file or device (See above) |
| 2018-12-25T12:40:47.695085922Z | 66 | PC: 12de1 | Move file pointer |
| 2018-12-25T12:40:47.696271826Z | 64 | PC: 12dd5 | Write file or device (See above) |
| 2018-12-25T12:40:47.70125712Z | 87 | PC: 12dc7 | Get or set file date and time |
| 2018-12-25T12:40:47.703030418Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.710868661Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.721156295Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.724246127Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.734288447Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.742518054Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.74915561Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.751087631Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.762075857Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.765367486Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.775138358Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.782280417Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.788587682Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.790332082Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.800983191Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.803573589Z | 78 | PC: 12b47 | Find first file |
| 2018-12-25T12:40:47.80986688Z | 59 | PC: 12cb5 | Change current directory |
| 2018-12-25T12:40:47.81485686Z | 78 | PC: 12cc5 | Find first file |
| 2018-12-25T12:40:47.825683743Z | 59 | PC: 12cfd | Change current directory |
| 2018-12-25T12:40:47.836420869Z | 78 | PC: 12abb | Find first file (See above) |
| 2018-12-25T12:40:47.843269066Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.853052208Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.859535103Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.8666853Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.868556526Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.87891813Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.882147768Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.895520282Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.902384726Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.908999204Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.911349201Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.921260725Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.923992842Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.934267099Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.940981174Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.947371084Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.949861899Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.962308374Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:47.964884594Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.974980185Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:47.981458079Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:47.987677737Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:47.990175503Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:47.999928204Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.002542341Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.013302289Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.038150848Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.044373888Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.047496837Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.057832596Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.06074872Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.071294058Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.079322864Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.085803546Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.088571626Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.09857628Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.101562574Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.112183942Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.119167637Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.125720382Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.128347576Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.1387222Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.141333269Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.151983649Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.159141251Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.165791405Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.168525224Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.178685356Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.181345825Z | 78 | PC: 12b47 | Find first file (See above) |
| 2018-12-25T12:40:48.187904337Z | 59 | PC: 12cb5 | Change current directory (See above) |
| 2018-12-25T12:40:48.192263687Z | 78 | PC: 12cc5 | Find first file (See above) |
| 2018-12-25T12:40:48.203090946Z | 79 | PC: 12cde | Find next file |
| 2018-12-25T12:40:48.207016187Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.210554259Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.21383268Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.217366818Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.220269637Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.223018554Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.225944548Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.229321393Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:48.231780377Z | 44 | PC: 12c34 | Get time 0x12c34: cmp cl, 0x1e 0x12c37: jne 0x12c41 0x12c39: cmp dh, 0x1e 0x12c3c: ja 0x12c41 0x12c3e: jmp 0x12de2 0x12c41: push ax 0x12c42: push bp 0x12c43: mov bp, sp 0x12c45: mov word ptr [bp + 2], 0x1a00 0x12c4a: pop bp 0x12c4b: pop ax 0x12c4c: mov dx, 0x80 0x12c4f: int 0x21 0x12c51: lea dx, word ptr [bp + 0x729] 0x12c55: mov ax, 0x3b00 0x12c58: int 0x21 0x12c5a: cmp byte ptr cs:[0], 0xcd 0x12c60: je 0x12c91 0x12c62: pop ds 0x12c63: push ds |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":30,"Second":31,"TimeBased":true,"OriginalID":14498,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:40:48.179873764Z | 71 | PC: 12a9e | Get current directory |
| 2018-12-25T12:40:48.182831484Z | 26 | PC: 12aaf | Set disk transfer address |
| 2018-12-25T12:40:48.183561593Z | 78 | PC: 12abb | Find first file |
| 2018-12-25T12:40:48.18766464Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-25T12:40:48.199803179Z | 61 | PC: 12d20 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:40:48.206390175Z | 63 | PC: 12d36 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-25T12:40:48.21252636Z | 62 | PC: 12d61 | Close file |
| 2018-12-25T12:40:48.214635402Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.235234745Z | 79 | PC: 12acc | Find next file |
| 2018-12-25T12:40:48.238142306Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.248834699Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.256143128Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.262794192Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.264755876Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.27531115Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.277944449Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.287366831Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.299228759Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.30578232Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.307432504Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.319069336Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.321953019Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.331942727Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.33909165Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.345459488Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.347538201Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.358646391Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.361243787Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.370985703Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.383443961Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.389634249Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.391745677Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.402307242Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.405183243Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.414795471Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.421443344Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.428211819Z | 44 | PC: 12d12 | Get time 0x12d12: mov byte ptr [bp + 0x127], cl 0x12d16: ret 0x12d17: mov ax, 0x3d02 0x12d1a: lea dx, word ptr [bp + 0x717] 0x12d1e: int 0x21 0x12d20: jae 0x12d25 0x12d22: jmp 0x12d5d 0x12d24: nop 0x12d25: mov word ptr [bp + 0x6f7], ax 0x12d29: xchg ax, bx 0x12d2a: mov cx, 0x1c 0x12d2d: mov ax, 0x3f00 0x12d30: lea dx, word ptr [bp + 0x769] 0x12d34: int 0x21 0x12d36: jae 0x12d3b 0x12d38: jmp 0x12d5d 0x12d3a: nop 0x12d3b: cmp byte ptr [bp + 0x781], 0x40 0x12d40: je 0x12d52 0x12d42: cmp word ptr [bp + 0x76c], 0x6565 |
| 2018-12-25T12:40:48.430259334Z | 66 | PC: 12b01 | Move file pointer |
| 2018-12-25T12:40:48.431794823Z | 64 | PC: 12dd5 | Write file or device (Write 49 bytes on handle 5) |
| 2018-12-25T12:40:48.440061843Z | 64 | PC: 12dd5 | Write file or device (See above) |
| 2018-12-25T12:40:48.448769924Z | 66 | PC: 12de1 | Move file pointer |
| 2018-12-25T12:40:48.450473314Z | 64 | PC: 12dd5 | Write file or device (See above) |
| 2018-12-25T12:40:48.457994351Z | 87 | PC: 12dc7 | Get or set file date and time |
| 2018-12-25T12:40:48.459677865Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.467562118Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.478130032Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.480998898Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.490703981Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.498034027Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.504538353Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.506523592Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.517337913Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.519928498Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.527422026Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.534650373Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.540936878Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.542619722Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.632418997Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.635071021Z | 78 | PC: 12b47 | Find first file |
| 2018-12-25T12:40:48.642607116Z | 59 | PC: 12cb5 | Change current directory |
| 2018-12-25T12:40:48.653253532Z | 78 | PC: 12cc5 | Find first file |
| 2018-12-25T12:40:48.662453937Z | 59 | PC: 12cfd | Change current directory |
| 2018-12-25T12:40:48.668321778Z | 78 | PC: 12abb | Find first file (See above) |
| 2018-12-25T12:40:48.674879334Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.850335737Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.861585974Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.866619925Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.867912545Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.885028431Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.888049473Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.900370989Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.906737703Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.913277651Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.914923063Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.92812188Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.930949778Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.9445317Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:48.955729511Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:48.962305824Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:48.963929159Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:48.982101681Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:48.985148533Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:49.002488093Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:49.007667769Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:49.013314152Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:49.014851255Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:49.032781963Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:49.035824493Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:49.058469327Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:49.064651835Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:49.072813629Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:49.074344948Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:49.0937151Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:49.096629436Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:49.119392766Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:49.12569861Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:49.133006655Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:49.134709774Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:49.601802058Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:49.605047487Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:50.603974229Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:50.609660221Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:50.735102194Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:50.738175079Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:51.042141204Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:51.044195987Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:51.151730758Z | 61 | PC: 12d20 | Open file (See above) |
| 2018-12-25T12:40:51.159525779Z | 63 | PC: 12d36 | Read file or device (See above) |
| 2018-12-25T12:40:51.16650027Z | 62 | PC: 12d61 | Close file (See above) |
| 2018-12-25T12:40:51.169849604Z | 67 | PC: 12db1 | Get or set file attributes (See above) |
| 2018-12-25T12:40:51.183121209Z | 79 | PC: 12acc | Find next file (See above) |
| 2018-12-25T12:40:51.185460074Z | 78 | PC: 12b47 | Find first file (See above) |
| 2018-12-25T12:40:51.192335157Z | 59 | PC: 12cb5 | Change current directory (See above) |
| 2018-12-25T12:40:51.196850224Z | 78 | PC: 12cc5 | Find first file (See above) |
| 2018-12-25T12:40:51.202931208Z | 79 | PC: 12cde | Find next file |
| 2018-12-25T12:40:51.206756657Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.208463793Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.210340562Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.213610209Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.215962264Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.218268508Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.222000604Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.22522415Z | 79 | PC: 12cde | Find next file (See above) |
| 2018-12-25T12:40:51.227646981Z | 44 | PC: 12c34 | Get time 0x12c34: cmp cl, 0x1e 0x12c37: jne 0x12c41 0x12c39: cmp dh, 0x1e 0x12c3c: ja 0x12c41 0x12c3e: jmp 0x12de2 0x12c41: push ax 0x12c42: push bp 0x12c43: mov bp, sp 0x12c45: mov word ptr [bp + 2], 0x1a00 0x12c4a: pop bp 0x12c4b: pop ax 0x12c4c: mov dx, 0x80 0x12c4f: int 0x21 0x12c51: lea dx, word ptr [bp + 0x729] 0x12c55: mov ax, 0x3b00 0x12c58: int 0x21 0x12c5a: cmp byte ptr cs:[0], 0xcd 0x12c60: je 0x12c91 0x12c62: pop ds 0x12c63: push ds |
| 2018-12-25T12:40:51.23079262Z | 26 | PC: 12c51 | Set disk transfer address |
| 2018-12-25T12:40:51.231882854Z | 59 | PC: 12c5a | Change current directory |
| 2018-12-25T12:40:51.233425267Z | 76 | PC: 12a4f | Terminate with return code (Return code = '0') |