{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:43:04.012385933Z | 239 | PC: 12cc0 | UNKNOWN! |
| 2018-12-25T12:43:04.014091557Z | 53 | PC: 12ccd | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:43:04.015562713Z | 54 | PC: 9f762 | Get free disk space |
| 2018-12-25T12:43:04.058665697Z | 53 | PC: 9f784 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:43:04.06149368Z | 67 | PC: 9f7ae | Get or set file attributes |
| 2018-12-25T12:43:04.069640466Z | 67 | PC: 9f7ba | Get or set file attributes |
| 2018-12-25T12:43:05.68458767Z | 61 | PC: 9f7c4 | Open file (Filename = '�S�') |
| 2018-12-25T12:43:05.691213326Z | 87 | PC: 9f7d4 | Get or set file date and time |
| 2018-12-25T12:43:05.694134562Z | 66 | PC: 9f7eb | Move file pointer |
| 2018-12-25T12:43:05.696313866Z | 63 | PC: 9f8c1 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:43:05.704018409Z | 66 | PC: 9f807 | Move file pointer |
| 2018-12-25T12:43:05.706040386Z | 63 | PC: 9f8c1 | Read file or device (See above) |
| 2018-12-25T12:43:05.711923938Z | 66 | PC: 9f823 | Move file pointer |
| 2018-12-25T12:43:05.713761181Z | 66 | PC: 9f840 | Move file pointer |
| 2018-12-25T12:43:05.715850488Z | 64 | PC: 9f84a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:43:05.718531071Z | 66 | PC: 9f853 | Move file pointer |
| 2018-12-25T12:43:05.719931733Z | 64 | PC: 9f85d | Write file or device (Write 722 bytes on handle 5) |
| 2018-12-25T12:43:05.740849519Z | 87 | PC: 9f871 | Get or set file date and time |
| 2018-12-25T12:43:05.745275023Z | 62 | PC: 9f875 | Close file |
| 2018-12-25T12:43:05.758587934Z | 67 | PC: 9f889 | Get or set file attributes |
| 2018-12-25T12:43:05.776754002Z | 42 | PC: 12d4c | Get date 0x12d4c: cmp dh, 8 0x12d4f: jne 0x12d67 0x12d51: lea dx, word ptr [si + 0x12] 0x12d54: mov si, dx 0x12d56: lodsb al, byte ptr [si] 0x12d57: cmp al, 0 0x12d59: je 0x12d63 0x12d5b: xor al, 6 0x12d5d: mov ah, 0xe 0x12d5f: int 0x10 0x12d61: jmp 0x12d56 0x12d63: xor ax, ax 0x12d65: int 0x16 0x12d67: mov si, 0x100 0x12d6a: push si 0x12d6b: ret 0x12d6c: sub cl, byte ptr [si + 0x41] 0x12d6f: dec bp 0x12d70: inc bp 0x12d71: inc di |
| 2018-12-25T12:43:05.778901186Z | 9 | PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ') |
{"DateBased":true,"Day":1,"Month":8,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:43:04.194926493Z | 239 | PC: 12cc0 | UNKNOWN! |
| 2018-12-25T12:43:04.206484883Z | 53 | PC: 12ccd | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:43:04.208342006Z | 54 | PC: 9f762 | Get free disk space |
| 2018-12-25T12:43:04.244259283Z | 53 | PC: 9f784 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:43:04.246035078Z | 67 | PC: 9f7ae | Get or set file attributes |
| 2018-12-25T12:43:04.254917457Z | 67 | PC: 9f7ba | Get or set file attributes |
| 2018-12-25T12:43:05.684400191Z | 61 | PC: 9f7c4 | Open file (Filename = '�S�') |
| 2018-12-25T12:43:05.694333902Z | 87 | PC: 9f7d4 | Get or set file date and time |
| 2018-12-25T12:43:05.696867555Z | 66 | PC: 9f7eb | Move file pointer |
| 2018-12-25T12:43:05.698449554Z | 63 | PC: 9f8c1 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:43:05.705239426Z | 66 | PC: 9f807 | Move file pointer |
| 2018-12-25T12:43:05.708556629Z | 63 | PC: 9f8c1 | Read file or device (See above) |
| 2018-12-25T12:43:05.713896013Z | 66 | PC: 9f823 | Move file pointer |
| 2018-12-25T12:43:05.715203358Z | 66 | PC: 9f840 | Move file pointer |
| 2018-12-25T12:43:05.716926163Z | 64 | PC: 9f84a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:43:05.719640996Z | 66 | PC: 9f853 | Move file pointer |
| 2018-12-25T12:43:05.721025962Z | 64 | PC: 9f85d | Write file or device (Write 722 bytes on handle 5) |
| 2018-12-25T12:43:05.731492458Z | 87 | PC: 9f871 | Get or set file date and time |
| 2018-12-25T12:43:05.733104164Z | 62 | PC: 9f875 | Close file |
| 2018-12-25T12:43:05.739868492Z | 67 | PC: 9f889 | Get or set file attributes |
| 2018-12-25T12:43:05.749146999Z | 42 | PC: 12d4c | Get date 0x12d4c: cmp dh, 8 0x12d4f: jne 0x12d67 0x12d51: lea dx, word ptr [si + 0x12] 0x12d54: mov si, dx 0x12d56: lodsb al, byte ptr [si] 0x12d57: cmp al, 0 0x12d59: je 0x12d63 0x12d5b: xor al, 6 0x12d5d: mov ah, 0xe 0x12d5f: int 0x10 0x12d61: jmp 0x12d56 0x12d63: xor ax, ax 0x12d65: int 0x16 0x12d67: mov si, 0x100 0x12d6a: push si 0x12d6b: ret 0x12d6c: sub cl, byte ptr [si + 0x41] 0x12d6f: dec bp 0x12d70: inc bp 0x12d71: inc di |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:43:04.224117734Z | 239 | PC: 12cc0 | UNKNOWN! |
| 2018-12-25T12:43:04.225471235Z | 53 | PC: 12ccd | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:43:04.226682445Z | 54 | PC: 9f762 | Get free disk space |
| 2018-12-25T12:43:04.262886452Z | 53 | PC: 9f784 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:43:04.264827058Z | 67 | PC: 9f7ae | Get or set file attributes |
| 2018-12-25T12:43:04.272753037Z | 67 | PC: 9f7ba | Get or set file attributes |
| 2018-12-25T12:43:05.691313054Z | 61 | PC: 9f7c4 | Open file (Filename = '�S�') |
| 2018-12-25T12:43:05.698296014Z | 87 | PC: 9f7d4 | Get or set file date and time |
| 2018-12-25T12:43:05.69969751Z | 66 | PC: 9f7eb | Move file pointer |
| 2018-12-25T12:43:05.701072215Z | 63 | PC: 9f8c1 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:43:05.707507644Z | 66 | PC: 9f807 | Move file pointer |
| 2018-12-25T12:43:05.709579813Z | 63 | PC: 9f8c1 | Read file or device (See above) |
| 2018-12-25T12:43:05.714813322Z | 66 | PC: 9f823 | Move file pointer |
| 2018-12-25T12:43:05.717219619Z | 66 | PC: 9f840 | Move file pointer |
| 2018-12-25T12:43:05.718754466Z | 64 | PC: 9f84a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:43:05.72118876Z | 66 | PC: 9f853 | Move file pointer |
| 2018-12-25T12:43:05.722483939Z | 64 | PC: 9f85d | Write file or device (Write 722 bytes on handle 5) |
| 2018-12-25T12:43:05.734747578Z | 87 | PC: 9f871 | Get or set file date and time |
| 2018-12-25T12:43:05.736070838Z | 62 | PC: 9f875 | Close file |
| 2018-12-25T12:43:05.743047986Z | 67 | PC: 9f889 | Get or set file attributes |
| 2018-12-25T12:43:05.753287021Z | 42 | PC: 12d4c | Get date 0x12d4c: cmp dh, 8 0x12d4f: jne 0x12d67 0x12d51: lea dx, word ptr [si + 0x12] 0x12d54: mov si, dx 0x12d56: lodsb al, byte ptr [si] 0x12d57: cmp al, 0 0x12d59: je 0x12d63 0x12d5b: xor al, 6 0x12d5d: mov ah, 0xe 0x12d5f: int 0x10 0x12d61: jmp 0x12d56 0x12d63: xor ax, ax 0x12d65: int 0x16 0x12d67: mov si, 0x100 0x12d6a: push si 0x12d6b: ret 0x12d6c: sub cl, byte ptr [si + 0x41] 0x12d6f: dec bp 0x12d70: inc bp 0x12d71: inc di |
| 2018-12-25T12:43:05.755439153Z | 9 | PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ') |
{"DateBased":true,"Day":1,"Month":8,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:43:04.447253714Z | 239 | PC: 12cc0 | UNKNOWN! |
| 2018-12-25T12:43:04.448836822Z | 53 | PC: 12ccd | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-25T12:43:04.450546634Z | 54 | PC: 9f762 | Get free disk space |
| 2018-12-25T12:43:04.492032929Z | 53 | PC: 9f784 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:43:04.495327614Z | 67 | PC: 9f7ae | Get or set file attributes |
| 2018-12-25T12:43:04.502957689Z | 67 | PC: 9f7ba | Get or set file attributes |
| 2018-12-25T12:43:05.685139167Z | 61 | PC: 9f7c4 | Open file (Filename = '�S�') |
| 2018-12-25T12:43:05.69198718Z | 87 | PC: 9f7d4 | Get or set file date and time |
| 2018-12-25T12:43:05.693181153Z | 66 | PC: 9f7eb | Move file pointer |
| 2018-12-25T12:43:05.694329327Z | 63 | PC: 9f8c1 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:43:05.699191855Z | 66 | PC: 9f807 | Move file pointer |
| 2018-12-25T12:43:05.700395068Z | 63 | PC: 9f8c1 | Read file or device (See above) |
| 2018-12-25T12:43:05.704068402Z | 66 | PC: 9f823 | Move file pointer |
| 2018-12-25T12:43:05.705974699Z | 66 | PC: 9f840 | Move file pointer |
| 2018-12-25T12:43:05.707649219Z | 64 | PC: 9f84a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:43:05.710535747Z | 66 | PC: 9f853 | Move file pointer |
| 2018-12-25T12:43:05.71224185Z | 64 | PC: 9f85d | Write file or device (Write 722 bytes on handle 5) |
| 2018-12-25T12:43:05.722829164Z | 87 | PC: 9f871 | Get or set file date and time |
| 2018-12-25T12:43:05.724916237Z | 62 | PC: 9f875 | Close file |
| 2018-12-25T12:43:05.732496541Z | 67 | PC: 9f889 | Get or set file attributes |
| 2018-12-25T12:43:05.742803372Z | 42 | PC: 12d4c | Get date 0x12d4c: cmp dh, 8 0x12d4f: jne 0x12d67 0x12d51: lea dx, word ptr [si + 0x12] 0x12d54: mov si, dx 0x12d56: lodsb al, byte ptr [si] 0x12d57: cmp al, 0 0x12d59: je 0x12d63 0x12d5b: xor al, 6 0x12d5d: mov ah, 0xe 0x12d5f: int 0x10 0x12d61: jmp 0x12d56 0x12d63: xor ax, ax 0x12d65: int 0x16 0x12d67: mov si, 0x100 0x12d6a: push si 0x12d6b: ret 0x12d6c: sub cl, byte ptr [si + 0x41] 0x12d6f: dec bp 0x12d70: inc bp 0x12d71: inc di |