Sample viewer

vx.netlux.org/Virus.DOS.Wit.506

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:22.228751036Z 26 PC: 12a71 | Set disk transfer address
2018-12-17T23:04:22.23217185Z 42 PC: 12a7d | Get date
0x12a7d: cmp al, 0
0x12a7f: jne 0x12a94
0x12a81: mov word ptr [0x148], 0
0x12a87: mov cx, 1
0x12a8a: jcxz 0x12a8e
0x12a8c: jmp 0x12a94
0x12a8e: mov dx, 0x2c2
0x12a91: call 0x12abc
0x12a94: cmp dh, 4
0x12a97: jne 0x12aad
0x12a99: cmp dl, 0xf
0x12a9c: jne 0x12aad
0x12a9e: mov ax, 0x1010
0x12aa1: out 0x70, ax
0x12aa3: mov dx, 0x2a4
0x12aa6: call 0x12abc
0x12aa9: mov al, 0xfe
0x12aab: out 0x64, al
0x12aad: mov ah, byte ptr [bp + 5]
0x12ab0: mov cl, 7
2018-12-17T23:04:22.2355532Z 78 PC: 12ab7 | Find first file
2018-12-17T23:04:22.242539791Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.249301018Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.268663596Z 61 PC: 12ae6 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:22.276100414Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.278036216Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.286385138Z 66 PC: 12b2b | Move file pointer
2018-12-17T23:04:22.288476492Z 66 PC: 12b48 | Move file pointer
2018-12-17T23:04:22.290433082Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-17T23:04:22.300771728Z 66 PC: 12b5f | Move file pointer
2018-12-17T23:04:22.30314911Z 64 PC: 12b79 | Write file or device (Write 407 bytes on handle 5)
2018-12-17T23:04:22.317583429Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.321308836Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.33025404Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.34117941Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.345252441Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.351656917Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.362166213Z 61 PC: 12ae6 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:22.369775175Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.373255281Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.384931522Z 66 PC: 12b2b | Move file pointer
2018-12-17T23:04:22.386842526Z 66 PC: 12b48 | Move file pointer
2018-12-17T23:04:22.389577841Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-17T23:04:22.399132712Z 66 PC: 12b5f | Move file pointer
2018-12-17T23:04:22.401901891Z 64 PC: 12b79 | Write file or device (Write 27 bytes on handle 5)
2018-12-17T23:04:22.418146535Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.420215757Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.429286598Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.440657506Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.443946932Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.449972405Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.460702177Z 61 PC: 12ae6 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:04:22.472699913Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.473945386Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.478950249Z 66 PC: 12b2b | Move file pointer
2018-12-17T23:04:22.480844572Z 66 PC: 12b48 | Move file pointer
2018-12-17T23:04:22.482163313Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-17T23:04:22.488755201Z 66 PC: 12b5f | Move file pointer
2018-12-17T23:04:22.49193962Z 64 PC: 12b79 | Write file or device (Write 92 bytes on handle 5)
2018-12-17T23:04:22.494960663Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.496630834Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.505637695Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.517153264Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.520083606Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.52710345Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.538634608Z 61 PC: 12ae6 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:04:22.546119737Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.548716361Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.556095159Z 66 PC: 12b2b | Move file pointer
2018-12-17T23:04:22.557686402Z 66 PC: 12b48 | Move file pointer
2018-12-17T23:04:22.559451121Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-17T23:04:22.568317107Z 66 PC: 12b5f | Move file pointer
2018-12-17T23:04:22.570003389Z 64 PC: 12b79 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:04:22.57292256Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.575448571Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.584080376Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.59521577Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.599117058Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.605576717Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.616310387Z 61 PC: 12ae6 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:04:22.624955898Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.627152309Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.634668065Z 66 PC: 12b2b | Move file pointer
2018-12-17T23:04:22.637446541Z 66 PC: 12b48 | Move file pointer
2018-12-17T23:04:22.639449829Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-17T23:04:22.648256743Z 66 PC: 12b5f | Move file pointer
2018-12-17T23:04:22.651345623Z 64 PC: 12b79 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:04:22.654266096Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.656064028Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.665236841Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.676528379Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.679722497Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.685945922Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.69713641Z 61 PC: 12ae6 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:04:22.704522182Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.70650978Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.714523032Z 66 PC: 12b2b | Move file pointer
2018-12-17T23:04:22.716487998Z 66 PC: 12b48 | Move file pointer
2018-12-17T23:04:22.718438216Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-17T23:04:22.728413548Z 66 PC: 12b5f | Move file pointer
2018-12-17T23:04:22.730449528Z 64 PC: 12b79 | Write file or device (Write 501 bytes on handle 5)
2018-12-17T23:04:22.740271121Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.743091265Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.751273836Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.762510601Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.766214757Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.772842834Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.784060033Z 61 PC: 12ae6 | Open file (Filename = 'PAH.COM')
2018-12-17T23:04:22.791733816Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.794266179Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.801679773Z 66 PC: 12b2b | Move file pointer
2018-12-17T23:04:22.803492693Z 66 PC: 12b48 | Move file pointer
2018-12-17T23:04:22.806392036Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-17T23:04:22.816536557Z 66 PC: 12b5f | Move file pointer
2018-12-17T23:04:22.818703352Z 64 PC: 12b79 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:04:22.822759962Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.825274111Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.834022625Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.845864309Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.849606598Z 67 PC: 12ad0 | Get or set file attributes
2018-12-17T23:04:22.856281752Z 67 PC: 12ade | Get or set file attributes
2018-12-17T23:04:22.868323381Z 61 PC: 12ae6 | Open file (Filename = 'TEST.COM')
2018-12-17T23:04:22.883186336Z 87 PC: 12af3 | Get or set file date and time
2018-12-17T23:04:22.885154378Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-17T23:04:22.893830647Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T23:04:22.897015318Z 62 PC: 12b8d | Close file
2018-12-17T23:04:22.905302033Z 67 PC: 12b9c | Get or set file attributes
2018-12-17T23:04:22.916435574Z 79 PC: 12ab7 | Find next file
2018-12-17T23:04:22.920301726Z 26 PC: 12bc7 | Set disk transfer address

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14846,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:48.093748993Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T12:41:48.095466679Z 42 PC: 12a7d | Get date
0x12a7d: cmp al, 0
0x12a7f: jne 0x12a94
0x12a81: mov word ptr [0x148], 0
0x12a87: mov cx, 1
0x12a8a: jcxz 0x12a8e
0x12a8c: jmp 0x12a94
0x12a8e: mov dx, 0x2c2
0x12a91: call 0x12abc
0x12a94: cmp dh, 4
0x12a97: jne 0x12aad
0x12a99: cmp dl, 0xf
0x12a9c: jne 0x12aad
0x12a9e: mov ax, 0x1010
0x12aa1: out 0x70, ax
0x12aa3: mov dx, 0x2a4
0x12aa6: call 0x12abc
0x12aa9: mov al, 0xfe
0x12aab: out 0x64, al
0x12aad: mov ah, byte ptr [bp + 5]
0x12ab0: mov cl, 7
2018-12-25T12:41:48.097751434Z 9 PC: 12ac0 | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T12:41:48.101672157Z 8 PC: 12ac4 | Console input without echo

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14846,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:48.416295884Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T12:41:48.418580865Z 42 PC: 12a7d | Get date
0x12a7d: cmp al, 0
0x12a7f: jne 0x12a94
0x12a81: mov word ptr [0x148], 0
0x12a87: mov cx, 1
0x12a8a: jcxz 0x12a8e
0x12a8c: jmp 0x12a94
0x12a8e: mov dx, 0x2c2
0x12a91: call 0x12abc
0x12a94: cmp dh, 4
0x12a97: jne 0x12aad
0x12a99: cmp dl, 0xf
0x12a9c: jne 0x12aad
0x12a9e: mov ax, 0x1010
0x12aa1: out 0x70, ax
0x12aa3: mov dx, 0x2a4
0x12aa6: call 0x12abc
0x12aa9: mov al, 0xfe
0x12aab: out 0x64, al
0x12aad: mov ah, byte ptr [bp + 5]
0x12ab0: mov cl, 7
2018-12-25T12:41:48.42219378Z 78 PC: 12ab7 | Find first file
2018-12-25T12:41:48.436473644Z 67 PC: 12ad0 | Get or set file attributes
2018-12-25T12:41:48.443391413Z 67 PC: 12ade | Get or set file attributes
2018-12-25T12:41:48.460908888Z 61 PC: 12ae6 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:48.469519111Z 87 PC: 12af3 | Get or set file date and time
2018-12-25T12:41:48.475645231Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-25T12:41:48.486119912Z 66 PC: 12b2b | Move file pointer
2018-12-25T12:41:48.488622753Z 66 PC: 12b48 | Move file pointer
2018-12-25T12:41:48.490888521Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-25T12:41:48.516220371Z 66 PC: 12b5f | Move file pointer
2018-12-25T12:41:48.518152127Z 64 PC: 12b79 | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:41:48.521974474Z 87 PC: 12b88 | Get or set file date and time
2018-12-25T12:41:48.525721323Z 62 PC: 12b8d | Close file
2018-12-25T12:41:48.535865624Z 67 PC: 12b9c | Get or set file attributes
2018-12-25T12:41:48.548184482Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.551544631Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.559653296Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.571203261Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.578658521Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.59716462Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.60571367Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.607850799Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.610397813Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.620393032Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.621946662Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.626281301Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.629222132Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.638803512Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.650385156Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.653171192Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.660047478Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.672302131Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.679554102Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.680773871Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.687815819Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.689479372Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.690755554Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.699277125Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.703413907Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.708568714Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.710511785Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.718580759Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.726803271Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.729365202Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.735512558Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.743453147Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.748335523Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.75023994Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.755385645Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.756542873Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.757710083Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.764061341Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.765321132Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.767829888Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.76966212Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.775608715Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.78276672Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.785707081Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.789709355Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.796393896Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.80188891Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.803030281Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.807353011Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.809349801Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.810607936Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.816486775Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.821151601Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.823417699Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.826013163Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.841288661Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.855536621Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.858990851Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.866741117Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.878189843Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.886018117Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.888492577Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.896136999Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.89796252Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.900925684Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.910838519Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.913097712Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.922357704Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.925474681Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.934436594Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.94572231Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.950161483Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.956846385Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.968502841Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.97727888Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.979247418Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.986762312Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.98953899Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.991796954Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:49.001093306Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:49.003408151Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:49.006462531Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:49.007977797Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:49.016668274Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:49.028233384Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:49.032382221Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:49.042344975Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:49.054107197Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:49.061973009Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:49.064040048Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:49.073657352Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:49.075489769Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:49.084187757Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:49.096923679Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:49.100311174Z 26 PC: 12bc7 | Set disk transfer address

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14846,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:48.435452249Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T12:41:48.436822664Z 42 PC: 12a7d | Get date
0x12a7d: cmp al, 0
0x12a7f: jne 0x12a94
0x12a81: mov word ptr [0x148], 0
0x12a87: mov cx, 1
0x12a8a: jcxz 0x12a8e
0x12a8c: jmp 0x12a94
0x12a8e: mov dx, 0x2c2
0x12a91: call 0x12abc
0x12a94: cmp dh, 4
0x12a97: jne 0x12aad
0x12a99: cmp dl, 0xf
0x12a9c: jne 0x12aad
0x12a9e: mov ax, 0x1010
0x12aa1: out 0x70, ax
0x12aa3: mov dx, 0x2a4
0x12aa6: call 0x12abc
0x12aa9: mov al, 0xfe
0x12aab: out 0x64, al
0x12aad: mov ah, byte ptr [bp + 5]
0x12ab0: mov cl, 7
2018-12-25T12:41:48.439612709Z 9 PC: 12ac0 | Display string (String= '����� ��ᥫ��� �� 98% - 㡨��� ���� ������. ')
2018-12-25T12:41:48.445268699Z 8 PC: 12ac4 | Console input without echo

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14846,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:48.494873445Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T12:41:48.497613816Z 42 PC: 12a7d | Get date
0x12a7d: cmp al, 0
0x12a7f: jne 0x12a94
0x12a81: mov word ptr [0x148], 0
0x12a87: mov cx, 1
0x12a8a: jcxz 0x12a8e
0x12a8c: jmp 0x12a94
0x12a8e: mov dx, 0x2c2
0x12a91: call 0x12abc
0x12a94: cmp dh, 4
0x12a97: jne 0x12aad
0x12a99: cmp dl, 0xf
0x12a9c: jne 0x12aad
0x12a9e: mov ax, 0x1010
0x12aa1: out 0x70, ax
0x12aa3: mov dx, 0x2a4
0x12aa6: call 0x12abc
0x12aa9: mov al, 0xfe
0x12aab: out 0x64, al
0x12aad: mov ah, byte ptr [bp + 5]
0x12ab0: mov cl, 7
2018-12-25T12:41:48.500480511Z 78 PC: 12ab7 | Find first file
2018-12-25T12:41:48.507547768Z 67 PC: 12ad0 | Get or set file attributes
2018-12-25T12:41:48.514224665Z 67 PC: 12ade | Get or set file attributes
2018-12-25T12:41:48.533017916Z 61 PC: 12ae6 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:48.540207024Z 87 PC: 12af3 | Get or set file date and time
2018-12-25T12:41:48.541531094Z 63 PC: 12b0e | Read file or device (Read 554 bytes on handle 5)
2018-12-25T12:41:48.547112673Z 66 PC: 12b2b | Move file pointer
2018-12-25T12:41:48.54847829Z 66 PC: 12b48 | Move file pointer
2018-12-25T12:41:48.549965894Z 64 PC: 12b54 | Write file or device (Write 554 bytes on handle 5)
2018-12-25T12:41:48.557520424Z 66 PC: 12b5f | Move file pointer
2018-12-25T12:41:48.558991748Z 64 PC: 12b79 | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:41:48.561155103Z 87 PC: 12b88 | Get or set file date and time
2018-12-25T12:41:48.562691757Z 62 PC: 12b8d | Close file
2018-12-25T12:41:48.568222481Z 67 PC: 12b9c | Get or set file attributes
2018-12-25T12:41:48.597159631Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.600475092Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.611733704Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.627042784Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.634850388Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.639817177Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.650395314Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.652615952Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.655494799Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.665600793Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.667617183Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.671343255Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.676437127Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.686372545Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.698579616Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.702094896Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.708770048Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.719816887Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.728918319Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.730856905Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.738426452Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.741893508Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.743787284Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.753539782Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.756427344Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.759760255Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.761846121Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.771472651Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.783080855Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.786403649Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.793754495Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.804869868Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.818876174Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.821422483Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.829282787Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.831315993Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.833489258Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.846514309Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.848648399Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.852082136Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.855067171Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.864269246Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.875410963Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.879618221Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.887500282Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.898948633Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.907514673Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.909845885Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.917234532Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.919373Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.922110426Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.931292155Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.933305997Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:48.937657811Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:48.939692931Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:48.949302793Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:48.961310443Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:48.964590844Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:48.968393184Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:48.975416769Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:48.979905918Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:48.981151363Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:48.985658208Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:48.987410192Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:48.988677297Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:48.994145122Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:48.995972933Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:49.001799675Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:49.003739551Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:49.010179906Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:49.019427521Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:49.021604841Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:49.026415241Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:49.037087305Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:49.044950563Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:49.04751398Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:49.054999047Z 66 PC: 12b2b | Move file pointer (See above)
2018-12-25T12:41:49.057096087Z 66 PC: 12b48 | Move file pointer (See above)
2018-12-25T12:41:49.059514036Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:41:49.065289191Z 66 PC: 12b5f | Move file pointer (See above)
2018-12-25T12:41:49.06658783Z 64 PC: 12b79 | Write file or device (See above)
2018-12-25T12:41:49.068853118Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:49.070542183Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:49.076558795Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:49.08527618Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:49.087873466Z 67 PC: 12ad0 | Get or set file attributes (See above)
2018-12-25T12:41:49.091748624Z 67 PC: 12ade | Get or set file attributes (See above)
2018-12-25T12:41:49.099491092Z 61 PC: 12ae6 | Open file (See above)
2018-12-25T12:41:49.108381762Z 87 PC: 12af3 | Get or set file date and time (See above)
2018-12-25T12:41:49.110367264Z 63 PC: 12b0e | Read file or device (See above)
2018-12-25T12:41:49.118480286Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:41:49.12166452Z 62 PC: 12b8d | Close file (See above)
2018-12-25T12:41:49.12972286Z 67 PC: 12b9c | Get or set file attributes (See above)
2018-12-25T12:41:49.142565567Z 79 PC: 12ab7 | Find next file (See above)
2018-12-25T12:41:49.146451493Z 26 PC: 12bc7 | Set disk transfer address