Sample viewer

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:52.900410554Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:52.901923042Z	78	PC: 12afb | Find first file
2018-12-25T12:40:52.907935361Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:52.914552719Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:52.921723076Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:52.92351353Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:52.926533952Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:52.940430498Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:52.941644575Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:52.945843485Z	62	PC: 12aef | Close file
2018-12-25T12:40:52.951486438Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:52.953758892Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:52.958183244Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:52.962429668Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:52.964150916Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:52.966641778Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:52.975623588Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:52.986942867Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:52.993325651Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.001847771Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.005361852Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.012109663Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.018738198Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.021463364Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.02456382Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.033258288Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.036042087Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.042491344Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.051206309Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.054231156Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.058713006Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.066311936Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.069132144Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.07191793Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.080202429Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.08229Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.088415902Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.09501292Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.097478162Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.116789144Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.125118399Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.1278734Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.131020936Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.139156757Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.140859976Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.148332415Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.156720565Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.159620024Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.167429032Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.173927105Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.175459867Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.179358314Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.188786108Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.190166895Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.197488421Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.205733269Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.208697861Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.216757526Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.223049107Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.224166475Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.22673259Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.232256567Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.233881774Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.241279608Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.249805678Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.252635061Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.259428512Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.263091517Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.265118846Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.26777634Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.271205105Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.273629185Z	25	PC: 12bd9 | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:52.701254362Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:52.702451491Z	78	PC: 12afb | Find first file
2018-12-25T12:40:52.718689968Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:52.725950146Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:52.732980993Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:52.73960721Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:52.742435951Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:52.758854358Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:52.761381125Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:52.768475245Z	62	PC: 12aef | Close file
2018-12-25T12:40:52.777301853Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:52.787922502Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:52.795215129Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:52.802453401Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:52.804797921Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:52.807761324Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:52.81665124Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:52.819283046Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:52.826706822Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:52.836000945Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:52.838833856Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:52.846132596Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:52.853734951Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:52.855168859Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:52.859410422Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:52.868338456Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:52.86996684Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:52.87799906Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:52.887466073Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:52.89106445Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:52.901100489Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:52.908394653Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:52.909921688Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:52.915829372Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:52.925059914Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:52.926607121Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:52.934650175Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:52.950341566Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:52.95367661Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:52.961743091Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:52.9687384Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:52.970181585Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:52.973333076Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:52.98691297Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:52.989479692Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:52.996803513Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.006822094Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.009977779Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.017622688Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.025676759Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.027820783Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.032157465Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.043379486Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.045568778Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.05316998Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.063487559Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.066584691Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.071368721Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.075760659Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.077328182Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.079381608Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.084668061Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.087307435Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.091726089Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.09772469Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.100239757Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.104723353Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.106849245Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.109379414Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.111271823Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.113358086Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.115743203Z	25	PC: 12bd9 | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:52.777898706Z	64	PC: 0 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T12:40:52.784495251Z	41	PC: 94fae | Parse filename
2018-12-25T12:40:52.786644531Z	41	PC: 9502f | Parse filename
2018-12-25T12:40:52.789314254Z	41	PC: 9504c | Parse filename
2018-12-25T12:40:52.791329205Z	26	PC: 984f7 | Set disk transfer address
2018-12-25T12:40:52.797175709Z	71	PC: 986f3 | Get current directory
2018-12-25T12:40:52.80014183Z	78	PC: 986fe | Find first file
2018-12-25T12:40:52.8091136Z	71	PC: 986f3 | Get current directory (See above)
2018-12-25T12:40:52.811798287Z	78	PC: 986fe | Find first file (See above)
2018-12-25T12:40:52.818718242Z	64	PC: 9a848 | Write file or device (Write 26 bytes on handle 2)
2018-12-25T12:40:52.821951709Z	37	PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T12:40:52.823539319Z	37	PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:40:52.824341967Z	37	PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:40:52.82517428Z	62	PC: 122ab | Close file
2018-12-25T12:40:52.826506895Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.827495275Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.828432962Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.829697046Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.830715034Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.831659392Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.833050021Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.834021972Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.835160095Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.838150975Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.839203391Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.840194394Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.841759509Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.842834703Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.844489465Z	99	PC: 9a5d7 | Get DBCS lead byte table pointer
2018-12-25T12:40:52.84599182Z	56	PC: 94df9 | Get or set country info
2018-12-25T12:40:52.848080302Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:40:52.853782529Z	25	PC: 94e62 | Get default drive
2018-12-25T12:40:52.856514226Z	71	PC: 970dd | Get current directory
2018-12-25T12:40:52.869445715Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:40:52.872710352Z	2	PC: 970b2 | Character output (Char = '3e')
2018-12-25T12:40:52.874715348Z	93	PC: 94f20 | File sharing functions
2018-12-25T12:40:52.87782496Z	93	PC: 94f27 | File sharing functions
2018-12-25T12:40:52.879700682Z	10	PC: 94f39 | Buffered keyboard input
2018-12-25T12:41:07.824984974Z	0	PC: 0 | Program terminate (See above)
2018-12-25T12:41:09.182203879Z	0	PC: 0 | Program terminate (See above)
2018-12-25T12:41:09.283885962Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:41:09.289993723Z	41	PC: 94fae | Parse filename (See above)
2018-12-25T12:41:09.29159287Z	41	PC: 9502f | Parse filename (See above)
2018-12-25T12:41:09.29285684Z	41	PC: 9504c | Parse filename (See above)
2018-12-25T12:41:09.296670537Z	26	PC: 984f7 | Set disk transfer address (See above)
2018-12-25T12:41:09.298083112Z	71	PC: 986f3 | Get current directory (See above)
2018-12-25T12:41:09.306370506Z	78	PC: 986fe | Find first file (See above)
2018-12-25T12:41:09.316705299Z	71	PC: 9856c | Get current directory
2018-12-25T12:41:09.319676573Z	73	PC: 97c09 | Release memory
2018-12-25T12:41:09.320860829Z	75	PC: 11821 | Execute program
2018-12-25T12:41:09.334134394Z	9	PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-25T12:41:09.33783622Z	76	PC: 12a4b | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:52.773324524Z	64	PC: 0 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T12:40:52.778302318Z	41	PC: 94fae | Parse filename
2018-12-25T12:40:52.781747295Z	41	PC: 9502f | Parse filename
2018-12-25T12:40:52.783081025Z	41	PC: 9504c | Parse filename
2018-12-25T12:40:52.786588459Z	26	PC: 984f7 | Set disk transfer address
2018-12-25T12:40:52.789046303Z	71	PC: 986f3 | Get current directory
2018-12-25T12:40:52.79178266Z	78	PC: 986fe | Find first file
2018-12-25T12:40:52.799492235Z	71	PC: 986f3 | Get current directory (See above)
2018-12-25T12:40:52.8029599Z	78	PC: 986fe | Find first file (See above)
2018-12-25T12:40:52.812354167Z	64	PC: 9a848 | Write file or device (Write 26 bytes on handle 2)
2018-12-25T12:40:52.816942323Z	37	PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T12:40:52.818300338Z	37	PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:40:52.819638785Z	37	PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:40:52.820714503Z	62	PC: 122ab | Close file
2018-12-25T12:40:52.822571795Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.823876935Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.825056847Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.826691117Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.827945492Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.829120379Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.830337921Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.831956441Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.833192692Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.834302317Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.835822287Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.837126622Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.838677761Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.841220838Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:52.842713291Z	99	PC: 9a5d7 | Get DBCS lead byte table pointer
2018-12-25T12:40:52.843880478Z	56	PC: 94df9 | Get or set country info
2018-12-25T12:40:52.84786121Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:40:52.85239534Z	25	PC: 94e62 | Get default drive
2018-12-25T12:40:52.853599411Z	71	PC: 970dd | Get current directory
2018-12-25T12:40:52.858293627Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:40:52.861044352Z	2	PC: 970b2 | Character output (Char = '3e')
2018-12-25T12:40:52.863069568Z	93	PC: 94f20 | File sharing functions
2018-12-25T12:40:52.865093475Z	93	PC: 94f27 | File sharing functions
2018-12-25T12:40:52.867566539Z	10	PC: 94f39 | Buffered keyboard input
2018-12-25T12:41:07.820797182Z	0	PC: 0 | Program terminate (See above)
2018-12-25T12:41:09.174032975Z	0	PC: 0 | Program terminate (See above)
2018-12-25T12:41:09.276024169Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:41:09.281888865Z	41	PC: 94fae | Parse filename (See above)
2018-12-25T12:41:09.283660016Z	41	PC: 9502f | Parse filename (See above)
2018-12-25T12:41:09.284982614Z	41	PC: 9504c | Parse filename (See above)
2018-12-25T12:41:09.288550485Z	26	PC: 984f7 | Set disk transfer address (See above)
2018-12-25T12:41:09.290419977Z	71	PC: 986f3 | Get current directory (See above)
2018-12-25T12:41:09.298210391Z	78	PC: 986fe | Find first file (See above)
2018-12-25T12:41:09.308452785Z	71	PC: 9856c | Get current directory
2018-12-25T12:41:09.310648824Z	73	PC: 97c09 | Release memory
2018-12-25T12:41:09.311744811Z	75	PC: 11821 | Execute program
2018-12-25T12:41:09.3206959Z	9	PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-25T12:41:09.324749631Z	76	PC: 12a4b | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.004221633Z	64	PC: 0 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T12:40:53.011517465Z	41	PC: 94fae | Parse filename
2018-12-25T12:40:53.031365515Z	41	PC: 9502f | Parse filename
2018-12-25T12:40:53.033242492Z	41	PC: 9504c | Parse filename
2018-12-25T12:40:53.035807976Z	26	PC: 984f7 | Set disk transfer address
2018-12-25T12:40:53.038067858Z	71	PC: 986f3 | Get current directory
2018-12-25T12:40:53.041623378Z	78	PC: 986fe | Find first file
2018-12-25T12:40:53.052163925Z	71	PC: 986f3 | Get current directory (See above)
2018-12-25T12:40:53.06027172Z	78	PC: 986fe | Find first file (See above)
2018-12-25T12:40:53.072187958Z	64	PC: 9a848 | Write file or device (Write 26 bytes on handle 2)
2018-12-25T12:40:53.078189067Z	37	PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T12:40:53.079803286Z	37	PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:40:53.081077399Z	37	PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:40:53.082374693Z	62	PC: 122ab | Close file
2018-12-25T12:40:53.083864403Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.085818319Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.086895219Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.087936129Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.090125565Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.09145385Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.092747164Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.094681676Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.102074101Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.103520883Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.108717796Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.110933492Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.113035466Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.116014408Z	62	PC: 122ab | Close file (See above)
2018-12-25T12:40:53.118866077Z	99	PC: 9a5d7 | Get DBCS lead byte table pointer
2018-12-25T12:40:53.120703942Z	56	PC: 94df9 | Get or set country info
2018-12-25T12:40:53.123178519Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:40:53.130727343Z	25	PC: 94e62 | Get default drive
2018-12-25T12:40:53.132446099Z	71	PC: 970dd | Get current directory
2018-12-25T12:40:53.136854924Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:40:53.144149824Z	2	PC: 970b2 | Character output (Char = '3e')
2018-12-25T12:40:53.146848075Z	93	PC: 94f20 | File sharing functions
2018-12-25T12:40:53.149083444Z	93	PC: 94f27 | File sharing functions
2018-12-25T12:40:53.151785084Z	10	PC: 94f39 | Buffered keyboard input
2018-12-25T12:41:08.050724082Z	0	PC: 0 | Program terminate (See above)
2018-12-25T12:41:09.404888429Z	0	PC: 0 | Program terminate (See above)
2018-12-25T12:41:09.507521249Z	64	PC: 9a848 | Write file or device (See above)
2018-12-25T12:41:09.514999031Z	41	PC: 94fae | Parse filename (See above)
2018-12-25T12:41:09.518128105Z	41	PC: 9502f | Parse filename (See above)
2018-12-25T12:41:09.521273917Z	41	PC: 9504c | Parse filename (See above)
2018-12-25T12:41:09.523907289Z	26	PC: 984f7 | Set disk transfer address (See above)
2018-12-25T12:41:09.526520999Z	71	PC: 986f3 | Get current directory (See above)
2018-12-25T12:41:09.535547172Z	78	PC: 986fe | Find first file (See above)
2018-12-25T12:41:09.546659835Z	71	PC: 9856c | Get current directory
2018-12-25T12:41:09.549988958Z	73	PC: 97c09 | Release memory
2018-12-25T12:41:09.551854603Z	75	PC: 11821 | Execute program
2018-12-25T12:41:09.567399832Z	9	PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-25T12:41:09.571918752Z	76	PC: 12a4b | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.223953841Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.225951202Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.23352492Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.241160118Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.248612985Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.252526932Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.255613841Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.271786159Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.276897414Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.284135591Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.292846413Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.295888978Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.302728463Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.30941276Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.310947832Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.314294661Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.323045813Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.324505485Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.331841608Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.340683843Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.343361525Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.351525361Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.358335837Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.359670002Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.363047301Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.371770872Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.373304954Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.38114212Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.39076894Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.393501904Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.401714486Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.409063654Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.41055031Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.413956135Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.422721162Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.423955991Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.43125196Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.441771854Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.444871207Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.452996528Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.460062899Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.461544152Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.464320277Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.473421067Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.475384183Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.482349355Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.49247441Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.495792492Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.503547157Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.511924664Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.513477574Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.516735186Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.52657911Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.528219978Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.535190806Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.544433166Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.547414965Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.554725265Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.562142423Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.564479789Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.567282206Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.576279554Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.577993973Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.585387051Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.594783539Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.598234545Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.60573888Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.6089432Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.611704722Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.614498884Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.616924582Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.61988952Z	44	PC: 12be2 | Get time 0x12be2: inc dh 0x12be4: cmp dh, byte ptr [0x319] 0x12be8: jl 0x12bf0 0x12bea: sub dh, byte ptr [0x319] 0x12bee: jmp 0x12be4 0x12bf0: mov al, dh 0x12bf2: mov cl, al 0x12bf4: cwde 0x12bf5: shl ax, 1 0x12bf7: add bx, ax 0x12bf9: mov si, word ptr [bx] 0x12bfb: mov ch, byte ptr [si - 1] 0x12bfe: mov dx, si 0x12c00: mov ah, 9 0x12c02: int 0x21 0x12c04: cmp ch, 0 0x12c07: jne 0x12c0b 0x12c09: int 0x20 0x12c0b: cmp ch, 1 0x12c0e: jne 0x12c11
2018-12-25T12:40:53.622292529Z	9	PC: 12c04 | Display string (Could not find end pointer)
2018-12-25T12:40:53.628070624Z	26	PC: 12ab9 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.058283964Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.05966077Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.065438003Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.070640447Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.075959553Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.077455976Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.080132279Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.094516014Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.096739393Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.10360547Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.112079788Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.120270096Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.127208854Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.133747703Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.135675225Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.138508591Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.146521519Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.148891177Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.155491008Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.163762467Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.167375586Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.174026653Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.178332099Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.179346531Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.181861247Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.189345384Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.191210486Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.198678678Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.217398328Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.223739473Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.231016582Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.237595871Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.239362112Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.24317132Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.251347538Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.252635152Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.259827497Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.270193228Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.273363496Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.282027626Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.28894615Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.290819848Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.294743411Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.303752889Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.305451758Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.31301794Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.322384219Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.325573238Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.334578794Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.341934799Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.343487803Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.346279124Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.355705687Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.357339074Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.364017724Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.373397426Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.376912385Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.384472802Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.392127706Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.393508867Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.396143961Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.405183895Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.406894457Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.413605744Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.422188222Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.425336135Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.432308318Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.436020032Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.438099529Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.44085652Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.444257949Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.446736931Z	44	PC: 12be2 | Get time 0x12be2: inc dh 0x12be4: cmp dh, byte ptr [0x319] 0x12be8: jl 0x12bf0 0x12bea: sub dh, byte ptr [0x319] 0x12bee: jmp 0x12be4 0x12bf0: mov al, dh 0x12bf2: mov cl, al 0x12bf4: cwde 0x12bf5: shl ax, 1 0x12bf7: add bx, ax 0x12bf9: mov si, word ptr [bx] 0x12bfb: mov ch, byte ptr [si - 1] 0x12bfe: mov dx, si 0x12c00: mov ah, 9 0x12c02: int 0x21 0x12c04: cmp ch, 0 0x12c07: jne 0x12c0b 0x12c09: int 0x20 0x12c0b: cmp ch, 1 0x12c0e: jne 0x12c11
2018-12-25T12:40:53.449743505Z	9	PC: 12c04 | Display string (String= 'S��S��S��S��S��S��S��S��S��S��S���x��'B66a:' �test.4c.om2 �0.40 � ')
2018-12-25T12:40:53.455382012Z	26	PC: 12ab9 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.160450099Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.162540019Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.168462672Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.175419542Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.182803686Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.184512041Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.187428116Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.201128638Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.202770908Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.209430377Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.226885911Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.230646712Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.2466783Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.258069441Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.260196887Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.263338978Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.271553235Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.273824044Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.280622022Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.289825233Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.293294879Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.300484902Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.308447713Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.311574165Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.314487293Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.322906791Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.324958656Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.331638643Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.33958866Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.343751051Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.350351587Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.358801259Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.36088573Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.36345389Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.394829802Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.398010722Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.404639262Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.412706784Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.416380937Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.422926027Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.428962824Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.430527296Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.433466031Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.441179207Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.442613625Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.449609947Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.457369311Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.459958488Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.466667111Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.473150531Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.474682362Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.477745114Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.485667379Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.486953401Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.494316981Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.502280354Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.505139738Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.513177495Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.519472818Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.521064777Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.524813151Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.532533631Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.53390874Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.540691991Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.549418955Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.552175816Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.559425868Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.562194516Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.56416691Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.56745519Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.569630727Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.571753861Z	25	PC: 12bd9 | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.174772961Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.177061685Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.183234874Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.196860976Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.207616898Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.209671786Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.212017801Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.22173042Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.223930458Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.228401803Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.23366958Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.236140067Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.240343793Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.244910218Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.246634416Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.249137057Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.256945661Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.258700593Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.265099744Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.273131586Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.275646175Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.282686829Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.288582561Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.289808625Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.292904041Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.300737339Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.302365786Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.309560895Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.317657039Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.320877128Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.327689401Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.334511239Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.335901781Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.345264422Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.355196761Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.356597763Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.363589833Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.371994512Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.374821718Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.381663042Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.389163625Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.391537938Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.394393543Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.408311822Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.410204659Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.415788675Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.424441613Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.426932776Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.433364319Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.44104983Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.442404376Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.444891567Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.453973912Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.455417811Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.462776045Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.47142878Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.474047052Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.480554588Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.487914078Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.489781155Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.492689476Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.50123553Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.502979267Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.50951581Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.518400924Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.521555042Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.528771888Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.531782723Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.533965511Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.536591093Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.539148805Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.542054782Z	25	PC: 12bd9 | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.150099151Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.151490484Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.15712388Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.161444851Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.167396194Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.168537895Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.170695725Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.183944376Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.185919303Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.192895795Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.200626248Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.204469513Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.208662665Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.213161702Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.214420121Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.218721343Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.226785153Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.229341128Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.236041197Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.244367552Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.247740439Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.254326324Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.260832352Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.263336515Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.266202408Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.274315398Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.276939664Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.283993104Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.29220648Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.295657533Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.302368991Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.308874722Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.311314572Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.314081473Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.322268637Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.324748435Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.332196843Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.340184814Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.343358365Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.350459335Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.356500853Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.358118773Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.360766919Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.368548742Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.370488503Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.382725086Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.389287023Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.391812969Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.396061903Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.400301864Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.401925976Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.403772496Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.413584566Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.416338023Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.423406018Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.431839064Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.43499908Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.442761003Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.449361064Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.451101836Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.454573071Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.463762556Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.465587393Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.473492458Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.482172685Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.484864995Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.492434224Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.495247451Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.497257618Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.501052874Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.50349036Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.505920669Z	25	PC: 12bd9 | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.159721783Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.161871312Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.168564365Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.175925731Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.183351523Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.185673367Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.189375221Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.204411708Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.206515852Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.214410832Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.224614452Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.228325901Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.23575741Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.242932911Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.245590763Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.248929265Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.257880332Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.26053181Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.268288472Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.277135885Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.27951808Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.284100015Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.291453966Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.293588717Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.296575554Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.305412996Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.306825153Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.314368458Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.323903602Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.327047423Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.334977551Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.342109885Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.343779856Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.347423178Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.356799084Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.358725115Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.364971847Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.371284119Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.373944755Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.378896273Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.383426585Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.38452398Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.386663747Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.392760665Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.394242585Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.401916104Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.411196146Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.414088307Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.421248935Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.429395689Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.431089964Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.434500469Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.445039539Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.446519691Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.45504698Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.46616486Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.469326055Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.476670138Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.484928613Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.486634078Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.489659366Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.498549381Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.50035158Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.50778434Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.517025Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.522690708Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.530375484Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.533613143Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.536462554Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.541039866Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.54380002Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.547091989Z	25	PC: 12bd9 | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.48221252Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.483243209Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.489489766Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.497340649Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.503847127Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.506078119Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.510028911Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.522933548Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.524556714Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.532365579Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.543630907Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.546365665Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.554181096Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.560697054Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.562367171Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.565506666Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.580833762Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.58257925Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.589871128Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.598407551Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.601262766Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.607747275Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.615612835Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.617215243Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.621629741Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.63039896Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.631793474Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.638508027Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.65561609Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.658609734Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.666348321Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.674507671Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.676279825Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.679260183Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.690023534Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.691390543Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.697846918Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.706464576Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.709535116Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.716484151Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.723500801Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.725480008Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.728453171Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.736729381Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.739020175Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.74549643Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.753352611Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.756395854Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.767884162Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.774440777Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.77646664Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.779254535Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.789997777Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.792265978Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.798881676Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.80714376Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.810331163Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.817025096Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.823472272Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.826100756Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.828947889Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.83693806Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.839573969Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.846026781Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.854921756Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.858612064Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.864910576Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.867360468Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.869821908Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.87244364Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:53.874497918Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:53.877171306Z	44	PC: 12be2 | Get time 0x12be2: inc dh 0x12be4: cmp dh, byte ptr [0x319] 0x12be8: jl 0x12bf0 0x12bea: sub dh, byte ptr [0x319] 0x12bee: jmp 0x12be4 0x12bf0: mov al, dh 0x12bf2: mov cl, al 0x12bf4: cwde 0x12bf5: shl ax, 1 0x12bf7: add bx, ax 0x12bf9: mov si, word ptr [bx] 0x12bfb: mov ch, byte ptr [si - 1] 0x12bfe: mov dx, si 0x12c00: mov ah, 9 0x12c02: int 0x21 0x12c04: cmp ch, 0 0x12c07: jne 0x12c0b 0x12c09: int 0x20 0x12c0b: cmp ch, 1 0x12c0e: jne 0x12c11
2018-12-25T12:40:53.879248869Z	9	PC: 12c04 | Display string (Could not find end pointer)
2018-12-25T12:40:53.884242172Z	26	PC: 12ab9 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:53.704037169Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:53.706907286Z	78	PC: 12afb | Find first file
2018-12-25T12:40:53.713157772Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:53.71961862Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:53.726634887Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:53.72965142Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.732558436Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:53.74598205Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:53.751530029Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:53.758224356Z	62	PC: 12aef | Close file
2018-12-25T12:40:53.767061358Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.769903036Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.776784576Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.783513102Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.785580181Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.788636003Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.797342664Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.799543777Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.806610867Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.814541187Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.81788963Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.8245272Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.8308392Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.833032718Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.836101075Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.844030501Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.846203037Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.852871361Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.861097989Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.865860765Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.872626584Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.87928074Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.882143791Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.885094096Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.89380465Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.896308078Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.90342485Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.911777966Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.914686735Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.922475241Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.929575999Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.931289354Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.934630455Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.942864323Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.944496827Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:53.951933213Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:53.960373976Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:53.963220804Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:53.971324117Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:53.977624672Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:53.979111338Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:53.982484785Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:53.990912163Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:53.99245409Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.00005859Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.008702224Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.011468616Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.018787038Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.02560304Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.027232843Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.030869407Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.039125662Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.040460907Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.04702305Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.055860671Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.058613574Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.065731185Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.068864241Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.07067839Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.072947738Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:54.075658621Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:54.077969547Z	44	PC: 12be2 | Get time 0x12be2: inc dh 0x12be4: cmp dh, byte ptr [0x319] 0x12be8: jl 0x12bf0 0x12bea: sub dh, byte ptr [0x319] 0x12bee: jmp 0x12be4 0x12bf0: mov al, dh 0x12bf2: mov cl, al 0x12bf4: cwde 0x12bf5: shl ax, 1 0x12bf7: add bx, ax 0x12bf9: mov si, word ptr [bx] 0x12bfb: mov ch, byte ptr [si - 1] 0x12bfe: mov dx, si 0x12c00: mov ah, 9 0x12c02: int 0x21 0x12c04: cmp ch, 0 0x12c07: jne 0x12c0b 0x12c09: int 0x20 0x12c0b: cmp ch, 1 0x12c0e: jne 0x12c11
2018-12-25T12:40:54.080301794Z	9	PC: 12c04 | Display string (String= 'S��S��S��S��S��S��S��S��S��S��S���x��'B66a:' �test.4c.om2 �0.40 � ')
2018-12-25T12:40:54.086519054Z	26	PC: 12ab9 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:54.058323295Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:54.060778278Z	78	PC: 12afb | Find first file
2018-12-25T12:40:54.067796843Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:54.075083271Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:54.083036245Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:54.084558246Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:54.087337115Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:54.10378336Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:54.105556649Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:54.113168474Z	62	PC: 12aef | Close file
2018-12-25T12:40:54.123217692Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.126972227Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.134216201Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.141330466Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.143747441Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.147419527Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.156907108Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.165931321Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.174081796Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.183851709Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.187712706Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.195929937Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.20308714Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.205099608Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.208385897Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.217056644Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.21879819Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.241135451Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.25094563Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.25532507Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.26379489Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.271226257Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.273079229Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.277453994Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.28626699Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.28745009Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.292652169Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.302087745Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.305490014Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.314356937Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.322154194Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.324526504Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.32806065Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.337213689Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.33894693Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.346996937Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.354036585Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.356635514Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.362247428Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.366968777Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.368155928Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.370094789Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.379914724Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.381846608Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.405520133Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.413073192Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.41582216Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.422928482Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.430089982Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.431759232Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.434068048Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.440083716Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.441462506Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.445953844Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.452077883Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.464649925Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.471800258Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.474697924Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.476514804Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.478899725Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:54.48113841Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:54.483694876Z	44	PC: 12be2 | Get time 0x12be2: inc dh 0x12be4: cmp dh, byte ptr [0x319] 0x12be8: jl 0x12bf0 0x12bea: sub dh, byte ptr [0x319] 0x12bee: jmp 0x12be4 0x12bf0: mov al, dh 0x12bf2: mov cl, al 0x12bf4: cwde 0x12bf5: shl ax, 1 0x12bf7: add bx, ax 0x12bf9: mov si, word ptr [bx] 0x12bfb: mov ch, byte ptr [si - 1] 0x12bfe: mov dx, si 0x12c00: mov ah, 9 0x12c02: int 0x21 0x12c04: cmp ch, 0 0x12c07: jne 0x12c0b 0x12c09: int 0x20 0x12c0b: cmp ch, 1 0x12c0e: jne 0x12c11
2018-12-25T12:40:54.485932458Z	9	PC: 12c04 | Display string (Could not find end pointer)
2018-12-25T12:40:54.491718242Z	26	PC: 12ab9 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14525,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:54.063124399Z	26	PC: 12aa5 | Set disk transfer address
2018-12-25T12:40:54.065305936Z	78	PC: 12afb | Find first file
2018-12-25T12:40:54.071261684Z	61	PC: 12b07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:54.077856805Z	63	PC: 12b16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:40:54.084531359Z	66	PC: 12b2d | Move file pointer
2018-12-25T12:40:54.086378932Z	64	PC: 12b41 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:54.095720481Z	64	PC: 12b4c | Write file or device (Write 739 bytes on handle 5)
2018-12-25T12:40:54.108710807Z	66	PC: 12b55 | Move file pointer
2018-12-25T12:40:54.110743666Z	64	PC: 12b73 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:40:54.117797713Z	62	PC: 12aef | Close file
2018-12-25T12:40:54.126272451Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.129453996Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.136582109Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.143687966Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.146319854Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.149243059Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.157499426Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.16016064Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.167115694Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.175147485Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.179044489Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.18547468Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.191830678Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.193598648Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.196359498Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.205114938Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.207611391Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.214345686Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.222473785Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.225786816Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.232307498Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.238471139Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.244894646Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.246727598Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.251911561Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.253245818Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.257462025Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.262724554Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.265020376Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.269379081Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.273557783Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.274936548Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.276733182Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.284932756Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.287282702Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.294056975Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.302106751Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.305095145Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.311785688Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.318003208Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.31957415Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.322527753Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.332013636Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.333569531Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.341549076Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.349896177Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.352737309Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.360441914Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.366966307Z	66	PC: 12b2d | Move file pointer (See above)
2018-12-25T12:40:54.368666207Z	64	PC: 12b41 | Write file or device (See above)
2018-12-25T12:40:54.372603333Z	64	PC: 12b4c | Write file or device (See above)
2018-12-25T12:40:54.380683451Z	66	PC: 12b55 | Move file pointer (See above)
2018-12-25T12:40:54.382336648Z	64	PC: 12b73 | Write file or device (See above)
2018-12-25T12:40:54.389952123Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.398509913Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.401009766Z	61	PC: 12b07 | Open file (See above)
2018-12-25T12:40:54.409008964Z	63	PC: 12b16 | Read file or device (See above)
2018-12-25T12:40:54.411535886Z	62	PC: 12aef | Close file (See above)
2018-12-25T12:40:54.413310002Z	79	PC: 12afb | Find next file (See above)
2018-12-25T12:40:54.416341046Z	42	PC: 12ba1 | Get date 0x12ba1: cmp dl, 4 0x12ba4: jne 0x12bb0 0x12ba6: cmp dh, 7 0x12ba9: jne 0x12bb0 0x12bab: xor ax, ax 0x12bad: jmp 0x12bce 0x12baf: nop 0x12bb0: mov ah, 0x2c 0x12bb2: int 0x21 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax
2018-12-25T12:40:54.418424671Z	44	PC: 12bb4 | Get time 0x12bb4: or cl, cl 0x12bb6: jne 0x12bdb 0x12bb8: cmp ch, 6 0x12bbb: jge 0x12bdb 0x12bbd: add cl, ch 0x12bbf: mov ax, cx 0x12bc1: cwde 0x12bc2: add al, dh 0x12bc4: adc al, dl 0x12bc6: adc ah, 0 0x12bc9: or ax, ax 0x12bcb: jne 0x12bce 0x12bcd: inc ax 0x12bce: mov dx, ax 0x12bd0: mov cx, 1 0x12bd3: xor bx, bx 0x12bd5: mov ah, 0x19 0x12bd7: int 0x21 0x12bd9: int 0x26 0x12bdb: mov bx, 0x31a
2018-12-25T12:40:54.420514097Z	44	PC: 12be2 | Get time 0x12be2: inc dh 0x12be4: cmp dh, byte ptr [0x319] 0x12be8: jl 0x12bf0 0x12bea: sub dh, byte ptr [0x319] 0x12bee: jmp 0x12be4 0x12bf0: mov al, dh 0x12bf2: mov cl, al 0x12bf4: cwde 0x12bf5: shl ax, 1 0x12bf7: add bx, ax 0x12bf9: mov si, word ptr [bx] 0x12bfb: mov ch, byte ptr [si - 1] 0x12bfe: mov dx, si 0x12c00: mov ah, 9 0x12c02: int 0x21 0x12c04: cmp ch, 0 0x12c07: jne 0x12c0b 0x12c09: int 0x20 0x12c0b: cmp ch, 1 0x12c0e: jne 0x12c11
2018-12-25T12:40:54.42275499Z	9	PC: 12c04 | Display string (String= 'S��S��S��S��S��S��S��S��S��S��S���x��'B66a:' �test.4c.om2 �0.40 � ')
2018-12-25T12:40:54.428646297Z	26	PC: 12ab9 | Set disk transfer address