Sample viewer

vx.netlux.org/Virus.DOS.Hor.810

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:03:51.655108645Z 53 PC: 13e65 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:03:51.657848633Z 53 PC: 13e71 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:03:51.659354698Z 37 PC: 13e83 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:03:51.660772327Z 37 PC: 13e8b | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:03:51.662969925Z 71 PC: 13eab | Get current directory
2018-12-17T23:03:51.665982937Z 78 PC: 13eb5 | Find first file
2018-12-17T23:03:51.671845404Z 61 PC: 13ee1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:03:51.681493519Z 67 PC: 13eeb | Get or set file attributes
2018-12-17T23:03:51.687583029Z 67 PC: 13ef6 | Get or set file attributes
2018-12-17T23:03:51.706158831Z 62 PC: 13efa | Close file
2018-12-17T23:03:51.70829549Z 61 PC: 13eff | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:03:51.719554271Z 66 PC: 13f13 | Move file pointer
2018-12-17T23:03:51.720996721Z 63 PC: 13f1c | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:03:51.727539655Z 66 PC: 14112 | Move file pointer
2018-12-17T23:03:51.730815044Z 63 PC: 13f30 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:03:51.734855033Z 66 PC: 14112 | Move file pointer
2018-12-17T23:03:51.736709184Z 63 PC: 13f45 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:03:51.740142848Z 44 PC: 13f49 | Get time 0x13f49: add cl, ch
0x13f4b: add dl, dh
0x13f4d: cmp dl, 0
0x13f50: je 0x13f45
0x13f52: mov byte ptr [bp + 0x351], dl
0x13f56: mov byte ptr [bp + 0x117], dl
0x13f5a: add cl, dl
0x13f5c: jnp 0x13fa9
0x13f5e: mov ah, 0x2c
0x13f60: int 0x21
0x13f62: lea bx, word ptr [bp + 0x409]
0x13f66: mov al, dl
0x13f68: and al, 3
0x13f6a: push ax
0x13f6b: xlatb
0x13f6c: mov byte ptr [bp + 0x10b], al
0x13f70: pop ax
0x13f71: add bx, 4
0x13f74: xlatb
0x13f75: mov byte ptr [bp + 0x10f], al
2018-12-17T23:03:51.742242976Z 44 PC: 13f62 | Get time 0x13f62: lea bx, word ptr [bp + 0x409]
0x13f66: mov al, dl
0x13f68: and al, 3
0x13f6a: push ax
0x13f6b: xlatb
0x13f6c: mov byte ptr [bp + 0x10b], al
0x13f70: pop ax
0x13f71: add bx, 4
0x13f74: xlatb
0x13f75: mov byte ptr [bp + 0x10f], al
0x13f79: mov ah, 0x2c
0x13f7b: int 0x21
0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
2018-12-17T23:03:51.744367776Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.747185892Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.749236548Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.751208811Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.75415415Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.756436136Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.758518225Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.761329089Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.763558558Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.765750851Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.768396195Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.770514146Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.772545647Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.778943093Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.781014565Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.78305423Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.786065409Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.788122704Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.790121406Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.792167794Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.794356368Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.796364659Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.798482954Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.800630361Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.802567472Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.804606598Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-17T23:03:51.807552487Z 44 PC: 1402f | Get time 0x1402f: xor dl, dh
0x14031: mov al, dl
0x14033: and al, 7
0x14035: lea bx, word ptr [bp + 0x417]
0x14039: push ax
0x1403a: xlatb
0x1403b: mov byte ptr [bp + 0x103], al
0x1403f: pop ax
0x14040: lea bx, word ptr [bp + 0x41f]
0x14044: xlatb
0x14045: mov byte ptr [bp + 0x105], al
0x14049: mov byte ptr [bp + 0x109], al
0x1404d: mov ah, 0x2c
0x1404f: int 0x21
0x14051: mov al, dl
0x14053: and al, cl
0x14055: and al, 3
0x14057: cwde
0x14058: mov si, ax
0x1405a: mov al, 0x47
2018-12-17T23:03:51.809502488Z 44 PC: 14051 | Get time 0x14051: mov al, dl
0x14053: and al, cl
0x14055: and al, 3
0x14057: cwde
0x14058: mov si, ax
0x1405a: mov al, 0x47
0x1405c: xchg byte ptr [bp + si + 0x119], al
0x14060: lea bx, word ptr [bp + 0x3ed]
0x14064: mov al, dl
0x14066: and al, 6
0x14068: mov ah, al
0x1406a: xlatb
0x1406b: mov byte ptr [bp + 0x113], al
0x1406f: mov al, ah
0x14071: inc ax
0x14072: xlatb
0x14073: mov byte ptr [bp + 0x114], al
0x14077: jmp 0x1407c
0x14079: call 0xb6cdb7
0x1407f: add word ptr [di + 0x77be], cx
2018-12-17T23:03:51.812058823Z 66 PC: 14112 | Move file pointer
2018-12-17T23:03:51.81380913Z 64 PC: 140b6 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:03:51.816319344Z 66 PC: 14112 | Move file pointer
2018-12-17T23:03:51.81779532Z 64 PC: 140c3 | Write file or device (Write 810 bytes on handle 5)
2018-12-17T23:03:51.826996466Z 62 PC: 140c7 | Close file
2018-12-17T23:03:51.834814896Z 67 PC: 14106 | Get or set file attributes
2018-12-17T23:03:51.844246236Z 59 PC: 140d1 | Change current directory
2018-12-17T23:03:51.846147827Z 37 PC: 140ee | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:03:51.847281494Z 37 PC: 140f8 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:03:51.848552353Z 9 PC: 12a85 | Display string (String= ' COM goat 1400H bytes long ')
2018-12-17T23:03:51.854088956Z 0 PC: 12a89 | Program terminate

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":14676,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:21.842940962Z 53 PC: 13e65 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:41:21.845130895Z 53 PC: 13e71 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:41:21.84636196Z 37 PC: 13e83 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:41:21.847531159Z 37 PC: 13e8b | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:41:21.849550492Z 71 PC: 13eab | Get current directory
2018-12-25T12:41:21.852420913Z 78 PC: 13eb5 | Find first file
2018-12-25T12:41:21.858209166Z 61 PC: 13ee1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:21.878190544Z 67 PC: 13eeb | Get or set file attributes
2018-12-25T12:41:21.888928277Z 67 PC: 13ef6 | Get or set file attributes
2018-12-25T12:41:21.904070547Z 62 PC: 13efa | Close file
2018-12-25T12:41:21.906090816Z 61 PC: 13eff | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:21.912547642Z 66 PC: 13f13 | Move file pointer
2018-12-25T12:41:21.913928309Z 63 PC: 13f1c | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:41:21.920402347Z 66 PC: 14112 | Move file pointer
2018-12-25T12:41:21.922835525Z 63 PC: 13f30 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:41:21.925597562Z 66 PC: 14112 | Move file pointer (See above)
2018-12-25T12:41:21.927246164Z 63 PC: 13f45 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:41:21.931002867Z 44 PC: 13f49 | Get time 0x13f49: add cl, ch
0x13f4b: add dl, dh
0x13f4d: cmp dl, 0
0x13f50: je 0x13f45
0x13f52: mov byte ptr [bp + 0x351], dl
0x13f56: mov byte ptr [bp + 0x117], dl
0x13f5a: add cl, dl
0x13f5c: jnp 0x13fa9
0x13f5e: mov ah, 0x2c
0x13f60: int 0x21
0x13f62: lea bx, word ptr [bp + 0x409]
0x13f66: mov al, dl
0x13f68: and al, 3
0x13f6a: push ax
0x13f6b: xlatb
0x13f6c: mov byte ptr [bp + 0x10b], al
0x13f70: pop ax
0x13f71: add bx, 4
0x13f74: xlatb
0x13f75: mov byte ptr [bp + 0x10f], al
2018-12-25T12:41:21.933359973Z 44 PC: 13f62 | Get time 0x13f62: lea bx, word ptr [bp + 0x409]
0x13f66: mov al, dl
0x13f68: and al, 3
0x13f6a: push ax
0x13f6b: xlatb
0x13f6c: mov byte ptr [bp + 0x10b], al
0x13f70: pop ax
0x13f71: add bx, 4
0x13f74: xlatb
0x13f75: mov byte ptr [bp + 0x10f], al
0x13f79: mov ah, 0x2c
0x13f7b: int 0x21
0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
2018-12-25T12:41:21.935699858Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-25T12:41:21.939999427Z 44 PC: 1402f | Get time 0x1402f: xor dl, dh
0x14031: mov al, dl
0x14033: and al, 7
0x14035: lea bx, word ptr [bp + 0x417]
0x14039: push ax
0x1403a: xlatb
0x1403b: mov byte ptr [bp + 0x103], al
0x1403f: pop ax
0x14040: lea bx, word ptr [bp + 0x41f]
0x14044: xlatb
0x14045: mov byte ptr [bp + 0x105], al
0x14049: mov byte ptr [bp + 0x109], al
0x1404d: mov ah, 0x2c
0x1404f: int 0x21
0x14051: mov al, dl
0x14053: and al, cl
0x14055: and al, 3
0x14057: cwde
0x14058: mov si, ax
0x1405a: mov al, 0x47
2018-12-25T12:41:21.942054737Z 44 PC: 14051 | Get time 0x14051: mov al, dl
0x14053: and al, cl
0x14055: and al, 3
0x14057: cwde
0x14058: mov si, ax
0x1405a: mov al, 0x47
0x1405c: xchg byte ptr [bp + si + 0x119], al
0x14060: lea bx, word ptr [bp + 0x3ed]
0x14064: mov al, dl
0x14066: and al, 6
0x14068: mov ah, al
0x1406a: xlatb
0x1406b: mov byte ptr [bp + 0x113], al
0x1406f: mov al, ah
0x14071: inc ax
0x14072: xlatb
0x14073: mov byte ptr [bp + 0x114], al
0x14077: jmp 0x1407c
0x14079: call 0xb6cdb7
0x1407f: add word ptr [di + 0x77be], cx
2018-12-25T12:41:21.944666692Z 66 PC: 14112 | Move file pointer (See above)
2018-12-25T12:41:21.946453969Z 64 PC: 140b6 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:41:21.94907443Z 66 PC: 14112 | Move file pointer (See above)
2018-12-25T12:41:21.950477853Z 64 PC: 140c3 | Write file or device (Write 810 bytes on handle 5)
2018-12-25T12:41:21.959333748Z 62 PC: 140c7 | Close file
2018-12-25T12:41:21.967812178Z 67 PC: 14106 | Get or set file attributes
2018-12-25T12:41:21.978517332Z 59 PC: 140d1 | Change current directory
2018-12-25T12:41:21.980989246Z 37 PC: 140ee | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:41:21.982196098Z 37 PC: 140f8 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:41:21.983470662Z 9 PC: 12a85 | Display string (String= ' COM goat 1400H bytes long ')
2018-12-25T12:41:21.98965191Z 0 PC: 12a89 | Program terminate

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14676,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:22.277160681Z 53 PC: 13e65 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:41:22.279307888Z 53 PC: 13e71 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:41:22.280423534Z 37 PC: 13e83 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:41:22.281500168Z 37 PC: 13e8b | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:41:22.283458939Z 71 PC: 13eab | Get current directory
2018-12-25T12:41:22.28548339Z 78 PC: 13eb5 | Find first file
2018-12-25T12:41:22.289203157Z 61 PC: 13ee1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:22.293489766Z 67 PC: 13eeb | Get or set file attributes
2018-12-25T12:41:22.297641939Z 67 PC: 13ef6 | Get or set file attributes
2018-12-25T12:41:22.319507487Z 62 PC: 13efa | Close file
2018-12-25T12:41:22.321406134Z 61 PC: 13eff | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:22.33256697Z 66 PC: 13f13 | Move file pointer
2018-12-25T12:41:22.333505708Z 63 PC: 13f1c | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:41:22.337334376Z 66 PC: 14112 | Move file pointer
2018-12-25T12:41:22.338638616Z 63 PC: 13f30 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:41:22.340196322Z 66 PC: 14112 | Move file pointer (See above)
2018-12-25T12:41:22.341541836Z 63 PC: 13f45 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:41:22.343595052Z 44 PC: 13f49 | Get time 0x13f49: add cl, ch
0x13f4b: add dl, dh
0x13f4d: cmp dl, 0
0x13f50: je 0x13f45
0x13f52: mov byte ptr [bp + 0x351], dl
0x13f56: mov byte ptr [bp + 0x117], dl
0x13f5a: add cl, dl
0x13f5c: jnp 0x13fa9
0x13f5e: mov ah, 0x2c
0x13f60: int 0x21
0x13f62: lea bx, word ptr [bp + 0x409]
0x13f66: mov al, dl
0x13f68: and al, 3
0x13f6a: push ax
0x13f6b: xlatb
0x13f6c: mov byte ptr [bp + 0x10b], al
0x13f70: pop ax
0x13f71: add bx, 4
0x13f74: xlatb
0x13f75: mov byte ptr [bp + 0x10f], al
2018-12-25T12:41:22.345072905Z 44 PC: 13f62 | Get time 0x13f62: lea bx, word ptr [bp + 0x409]
0x13f66: mov al, dl
0x13f68: and al, 3
0x13f6a: push ax
0x13f6b: xlatb
0x13f6c: mov byte ptr [bp + 0x10b], al
0x13f70: pop ax
0x13f71: add bx, 4
0x13f74: xlatb
0x13f75: mov byte ptr [bp + 0x10f], al
0x13f79: mov ah, 0x2c
0x13f7b: int 0x21
0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
2018-12-25T12:41:22.347094167Z 44 PC: 13f7d | Get time 0x13f7d: add dl, dh
0x13f7f: lea bx, word ptr [bp + 0x411]
0x13f83: mov al, dl
0x13f85: and al, 6
0x13f87: cmp al, 6
0x13f89: je 0x13f79
0x13f8b: push ax
0x13f8c: xlatb
0x13f8d: mov byte ptr [bp + 0x116], al
0x13f91: pop ax
0x13f92: inc ax
0x13f93: xlatb
0x13f94: mov byte ptr [bp + 0x350], al
0x13f98: mov byte ptr [bp + 0x34c], 0xbe
0x13f9d: mov byte ptr [bp + 0x31b], 0x47
0x13fa2: mov byte ptr [bp + 0x352], 0x47
0x13fa7: jmp 0x13ff2
0x13fa9: mov ah, 0x2c
0x13fab: int 0x21
0x13fad: lea bx, word ptr [bp + 0x3fb]
2018-12-25T12:41:22.350636481Z 44 PC: 1402f | Get time 0x1402f: xor dl, dh
0x14031: mov al, dl
0x14033: and al, 7
0x14035: lea bx, word ptr [bp + 0x417]
0x14039: push ax
0x1403a: xlatb
0x1403b: mov byte ptr [bp + 0x103], al
0x1403f: pop ax
0x14040: lea bx, word ptr [bp + 0x41f]
0x14044: xlatb
0x14045: mov byte ptr [bp + 0x105], al
0x14049: mov byte ptr [bp + 0x109], al
0x1404d: mov ah, 0x2c
0x1404f: int 0x21
0x14051: mov al, dl
0x14053: and al, cl
0x14055: and al, 3
0x14057: cwde
0x14058: mov si, ax
0x1405a: mov al, 0x47
2018-12-25T12:41:22.352725095Z 44 PC: 14051 | Get time 0x14051: mov al, dl
0x14053: and al, cl
0x14055: and al, 3
0x14057: cwde
0x14058: mov si, ax
0x1405a: mov al, 0x47
0x1405c: xchg byte ptr [bp + si + 0x119], al
0x14060: lea bx, word ptr [bp + 0x3ed]
0x14064: mov al, dl
0x14066: and al, 6
0x14068: mov ah, al
0x1406a: xlatb
0x1406b: mov byte ptr [bp + 0x113], al
0x1406f: mov al, ah
0x14071: inc ax
0x14072: xlatb
0x14073: mov byte ptr [bp + 0x114], al
0x14077: jmp 0x1407c
0x14079: call 0xb6cdb7
0x1407f: add word ptr [di + 0x77be], cx
2018-12-25T12:41:22.355468534Z 66 PC: 14112 | Move file pointer (See above)
2018-12-25T12:41:22.357716747Z 64 PC: 140b6 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:41:22.360636818Z 66 PC: 14112 | Move file pointer (See above)
2018-12-25T12:41:22.362156613Z 64 PC: 140c3 | Write file or device (Write 810 bytes on handle 5)
2018-12-25T12:41:22.371614571Z 62 PC: 140c7 | Close file
2018-12-25T12:41:22.37989293Z 67 PC: 14106 | Get or set file attributes
2018-12-25T12:41:22.389482584Z 59 PC: 140d1 | Change current directory
2018-12-25T12:41:22.392298102Z 37 PC: 140ee | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:41:22.393143201Z 37 PC: 140f8 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:41:22.393919493Z 9 PC: 12a85 | Display string (String= ' COM goat 1400H bytes long ')
2018-12-25T12:41:22.397817041Z 0 PC: 12a89 | Program terminate