Sample viewer

vx.netlux.org/Virus.DOS.IVP.Mutation.482

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:55.99174642Z 26 PC: 12b74 | Set disk transfer address
2018-12-17T23:05:55.994215494Z 53 PC: 12a69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:55.995510412Z 37 PC: 12a7b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:55.996832016Z 71 PC: 12a87 | Get current directory
2018-12-17T23:05:56.000760407Z 78 PC: 12ac2 | Find first file
2018-12-17T23:05:56.011979915Z 61 PC: 12b7d | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:05:56.019713573Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:05:56.026640548Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.029591735Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.047775373Z 61 PC: 12b7d | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:05:56.055672364Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:05:56.059538858Z 66 PC: 12b6f | Move file pointer
2018-12-17T23:05:56.061146588Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-17T23:05:56.064510961Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-17T23:05:56.074222509Z 87 PC: 12b58 | Get or set file date and time
2018-12-17T23:05:56.075958979Z 62 PC: 12b5c | Close file
2018-12-17T23:05:56.084907407Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.102317478Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.105352494Z 61 PC: 12b7d | Open file (Filename = 'PRINT.COM')
2018-12-17T23:05:56.115921952Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:05:56.125526738Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.127889128Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.140375948Z 61 PC: 12b7d | Open file (Filename = 'PRINT.COM')
2018-12-17T23:05:56.14808519Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:05:56.151545482Z 66 PC: 12b6f | Move file pointer
2018-12-17T23:05:56.15317307Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-17T23:05:56.156040734Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-17T23:05:56.159899398Z 87 PC: 12b58 | Get or set file date and time
2018-12-17T23:05:56.16206309Z 62 PC: 12b5c | Close file
2018-12-17T23:05:56.171199061Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.182705258Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.185500595Z 61 PC: 12b7d | Open file (Filename = 'HELLO.COM')
2018-12-17T23:05:56.192945984Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:05:56.200621462Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.204064596Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.21883947Z 61 PC: 12b7d | Open file (Filename = 'HELLO.COM')
2018-12-17T23:05:56.226899989Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:05:56.23061509Z 66 PC: 12b6f | Move file pointer
2018-12-17T23:05:56.232269452Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-17T23:05:56.235499551Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-17T23:05:56.244674783Z 87 PC: 12b58 | Get or set file date and time
2018-12-17T23:05:56.246508848Z 62 PC: 12b5c | Close file
2018-12-17T23:05:56.256605302Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.267723486Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.271630306Z 61 PC: 12b7d | Open file (Filename = 'PHANG.COM')
2018-12-17T23:05:56.280440719Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:05:56.28916008Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.291478106Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.303366615Z 61 PC: 12b7d | Open file (Filename = 'PHANG.COM')
2018-12-17T23:05:56.319973955Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:05:56.323303634Z 66 PC: 12b6f | Move file pointer
2018-12-17T23:05:56.325205346Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-17T23:05:56.328557288Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-17T23:05:56.332288528Z 87 PC: 12b58 | Get or set file date and time
2018-12-17T23:05:56.334497294Z 62 PC: 12b5c | Close file
2018-12-17T23:05:56.343304237Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.354896694Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.3585531Z 61 PC: 12b7d | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:05:56.367478591Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:05:56.374698249Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.377253608Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.383960411Z 61 PC: 12b7d | Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T23:05:56.389617562Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:05:56.393144781Z 66 PC: 12b6f | Move file pointer
2018-12-17T23:05:56.396214215Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-17T23:05:56.399040432Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 2)
2018-12-17T23:05:56.406693792Z 87 PC: 12b58 | Get or set file date and time
2018-12-17T23:05:56.408891274Z 62 PC: 12b5c | Close file
2018-12-17T23:05:56.412031333Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.417156948Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.421068111Z 61 PC: 12b7d | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:05:56.429466996Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:05:56.436559213Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.438655037Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.450785265Z 61 PC: 12b7d | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:05:56.458679374Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:05:56.462081763Z 66 PC: 12b6f | Move file pointer
2018-12-17T23:05:56.464620034Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-17T23:05:56.467431974Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 2)
2018-12-17T23:05:56.478027658Z 87 PC: 12b58 | Get or set file date and time
2018-12-17T23:05:56.480089153Z 62 PC: 12b5c | Close file
2018-12-17T23:05:56.494250168Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.505507314Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.508688533Z 61 PC: 12b7d | Open file (Filename = 'PAH.COM')
2018-12-17T23:05:56.516161169Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:05:56.523303396Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.525261612Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.536528978Z 61 PC: 12b7d | Open file (Filename = 'PAH.COM')
2018-12-17T23:05:56.544062688Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:05:56.547314937Z 66 PC: 12b6f | Move file pointer
2018-12-17T23:05:56.549776304Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-17T23:05:56.553108786Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 2)
2018-12-17T23:05:56.55607173Z 87 PC: 12b58 | Get or set file date and time
2018-12-17T23:05:56.558274176Z 62 PC: 12b5c | Close file
2018-12-17T23:05:56.566239402Z 67 PC: 12b88 | Get or set file attributes
2018-12-17T23:05:56.577243141Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.580553836Z 61 PC: 12b7d | Open file (Filename = 'TEST.COM')
2018-12-17T23:05:56.587632443Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:05:56.590420458Z 62 PC: 12ae1 | Close file
2018-12-17T23:05:56.592885121Z 79 PC: 12ac2 | Find next file
2018-12-17T23:05:56.596101437Z 59 PC: 12a96 | Change current directory
2018-12-17T23:05:56.600677701Z 9 PC: 12aa0 | Display string (String= 'Becky Conner - I Hate Mark! MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-17T23:05:56.610069695Z 37 PC: 12aaa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:56.611390031Z 59 PC: 12ab4 | Change current directory
2018-12-17T23:05:56.613295885Z 26 PC: 12b74 | Set disk transfer address

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":15356,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:14.144503912Z 26 PC: 12b74 | Set disk transfer address
2018-12-25T12:43:14.146629456Z 53 PC: 12a69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.147867116Z 37 PC: 12a7b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.148685154Z 71 PC: 12a87 | Get current directory
2018-12-25T12:43:14.151076151Z 78 PC: 12ac2 | Find first file
2018-12-25T12:43:14.156740554Z 61 PC: 12b7d | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:14.162422079Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:43:14.166616939Z 62 PC: 12ae1 | Close file
2018-12-25T12:43:14.168434614Z 67 PC: 12b88 | Get or set file attributes
2018-12-25T12:43:14.18481559Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.194961093Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:43:14.199355455Z 66 PC: 12b6f | Move file pointer
2018-12-25T12:43:14.200452084Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-25T12:43:14.202766493Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-25T12:43:14.210699174Z 87 PC: 12b58 | Get or set file date and time
2018-12-25T12:43:14.211988181Z 62 PC: 12b5c | Close file
2018-12-25T12:43:14.218921735Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.229637081Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.232102664Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.237990796Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.244340134Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.245752966Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.255936973Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.267667528Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.274493207Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.275953156Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.279122829Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.282399918Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.283940965Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.292912922Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.303051144Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.305716315Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.312179335Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.31931915Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.321053355Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.338639865Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.345665691Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.348352535Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.349661251Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.352665917Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.360829167Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.362512506Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.370840081Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.380521937Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.383353042Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.390298158Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.396458504Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.398434526Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.409365805Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.415819327Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.418687712Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.420552342Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.422836456Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.425486839Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.427172129Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.434274926Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.443673654Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.446436247Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.453358985Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.459465183Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.461278283Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.470472237Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.474814403Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.477339407Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.47923013Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.481425194Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.4932581Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.494958346Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.496479098Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.500330557Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.506803858Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.512830944Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.518815155Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.521581506Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.60263781Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.609983977Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.616170817Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.619141608Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.621538794Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.790181752Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.792466237Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.800270596Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.811412129Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.813969168Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.821223969Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.827982872Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.830227036Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.84036679Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.847764383Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.850588201Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.85473019Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.857931586Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.861403464Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.862781674Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.871493758Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.88131441Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.88414479Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.89205315Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.89884875Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.900819747Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.903633886Z 59 PC: 12a96 | Change current directory
2018-12-25T12:43:14.908708853Z 9 PC: 12aa0 | Display string (String= 'Becky Conner - I Hate Mark! MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T12:43:14.917725866Z 37 PC: 12aaa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.919115662Z 59 PC: 12ab4 | Change current directory
2018-12-25T12:43:14.922068883Z 26 PC: 12b74 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":15356,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:14.170184763Z 26 PC: 12b74 | Set disk transfer address
2018-12-25T12:43:14.174995348Z 53 PC: 12a69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.176238919Z 37 PC: 12a7b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.177616955Z 71 PC: 12a87 | Get current directory
2018-12-25T12:43:14.181601137Z 78 PC: 12ac2 | Find first file
2018-12-25T12:43:14.187421287Z 61 PC: 12b7d | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:14.193681712Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:43:14.217363441Z 62 PC: 12ae1 | Close file
2018-12-25T12:43:14.225646283Z 67 PC: 12b88 | Get or set file attributes
2018-12-25T12:43:14.240858593Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.261578696Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:43:14.265448194Z 66 PC: 12b6f | Move file pointer
2018-12-25T12:43:14.266792462Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-25T12:43:14.2766288Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-25T12:43:14.285809125Z 87 PC: 12b58 | Get or set file date and time
2018-12-25T12:43:14.287270172Z 62 PC: 12b5c | Close file
2018-12-25T12:43:14.294663817Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.305352069Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.308171717Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.314786011Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.322015217Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.32525476Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.335178459Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.342827224Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.345521305Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.346965316Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.349578548Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.352481856Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.35403558Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.361716384Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.371667101Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.374406029Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.380980202Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.388261722Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.390033678Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.400345576Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.407129293Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.409804682Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.411232035Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.414153676Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.422221485Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.423604447Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.432186235Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.44655132Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.449270174Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.457332045Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.463630257Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.465847131Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.597617605Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.604355667Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.607299614Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.60994954Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.61322843Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.616448405Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.61902737Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.796429498Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.806583912Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.809871707Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.819612424Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.82740501Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.829775023Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.837138862Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.84239426Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.845148334Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.847612991Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.850025028Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.859254341Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.861512135Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.863491379Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.868079312Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.872030873Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.878661986Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.885239352Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.887761585Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.897158499Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.903830465Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.90733099Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.909908114Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.912516978Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.921460587Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.923480443Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.930949563Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.940940986Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.943435553Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.950458079Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.957345933Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.959480867Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.970336809Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.977812522Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.980958327Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.982319659Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.984924669Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.987990353Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.989451201Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.996877919Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.006571987Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.008939239Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.016646508Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.019417496Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.02133235Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.024049137Z 59 PC: 12a96 | Change current directory
2018-12-25T12:43:15.028629544Z 9 PC: 12aa0 | Display string (String= 'Becky Conner - I Hate Mark! MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T12:43:15.036774159Z 37 PC: 12aaa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:15.037823631Z 59 PC: 12ab4 | Change current directory
2018-12-25T12:43:15.040146344Z 26 PC: 12b74 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":15356,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:14.237980196Z 26 PC: 12b74 | Set disk transfer address
2018-12-25T12:43:14.239380607Z 53 PC: 12a69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.240756986Z 37 PC: 12a7b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.242042413Z 71 PC: 12a87 | Get current directory
2018-12-25T12:43:14.245157954Z 78 PC: 12ac2 | Find first file
2018-12-25T12:43:14.252566019Z 61 PC: 12b7d | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:14.260227539Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:43:14.267570729Z 62 PC: 12ae1 | Close file
2018-12-25T12:43:14.270454252Z 67 PC: 12b88 | Get or set file attributes
2018-12-25T12:43:14.59458371Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.602255273Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:43:14.611513858Z 66 PC: 12b6f | Move file pointer
2018-12-25T12:43:14.613218719Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-25T12:43:14.616006745Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-25T12:43:14.62856725Z 87 PC: 12b58 | Get or set file date and time
2018-12-25T12:43:14.630290264Z 62 PC: 12b5c | Close file
2018-12-25T12:43:14.639038944Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.653830616Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.657864967Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.666875953Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.674117883Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.677321288Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.688731588Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.700406366Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.704796087Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.706509604Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.709322278Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.713761893Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.71584961Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.733152014Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.745612115Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.748580995Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.756726796Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.765593068Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.767932536Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.779915266Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.787782604Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.791386835Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.793391825Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.79733072Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.807256495Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.80909148Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.818690215Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.830684483Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.834108323Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.842603319Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.851733333Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.855902987Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.867847552Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.876380363Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.879949141Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.881705621Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.884871338Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.888684864Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.890820771Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.899954246Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.911863777Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.915194994Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.923436069Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.932725544Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.935081986Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.939981952Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.946388162Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.949691517Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.95168249Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.955643586Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.971639705Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.973733372Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.976643266Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.981443748Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.984308149Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.993050404Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.000628351Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.003325357Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.016819981Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.028909268Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:15.032822071Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:15.035202167Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:15.03856045Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:15.048320791Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:15.050274202Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:15.059926036Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.071148304Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.07420509Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.082064027Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.089452936Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.092258122Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.10401504Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.111592448Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:15.11574287Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:15.118322604Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:15.12209926Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:15.125744933Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:15.128093291Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:15.136746176Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.147753253Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.151439898Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.159423929Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.162658011Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.165139545Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.168678341Z 59 PC: 12a96 | Change current directory
2018-12-25T12:43:15.173269065Z 9 PC: 12aa0 | Display string (String= 'Becky Conner - I Hate Mark! MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T12:43:15.183563276Z 37 PC: 12aaa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:15.186349015Z 59 PC: 12ab4 | Change current directory
2018-12-25T12:43:15.188281042Z 26 PC: 12b74 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":15356,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:14.602921217Z 26 PC: 12b74 | Set disk transfer address
2018-12-25T12:43:14.604762318Z 53 PC: 12a69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.605883891Z 37 PC: 12a7b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:14.606908037Z 71 PC: 12a87 | Get current directory
2018-12-25T12:43:14.610835727Z 78 PC: 12ac2 | Find first file
2018-12-25T12:43:14.619019965Z 61 PC: 12b7d | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:14.625725029Z 63 PC: 12add | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:43:14.632883828Z 62 PC: 12ae1 | Close file
2018-12-25T12:43:14.641619653Z 67 PC: 12b88 | Get or set file attributes
2018-12-25T12:43:14.797344781Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.80908781Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:43:14.816935906Z 66 PC: 12b6f | Move file pointer
2018-12-25T12:43:14.818689993Z 44 PC: 12b3c | Get time 0x12b3c: cmp dh, 0
0x12b3f: je 0x12b38
0x12b41: mov byte ptr cs:[bp + 0x2e4], dh
0x12b46: call 0x12bdb
0x12b49: mov ax, 0x5701
0x12b4c: mov cx, word ptr cs:[bp + 0x357]
0x12b51: mov dx, word ptr cs:[bp + 0x359]
0x12b56: int 0x21
0x12b58: mov ah, 0x3e
0x12b5a: int 0x21
0x12b5c: xor cx, cx
0x12b5e: mov cl, byte ptr cs:[bp + 0x356]
0x12b63: call 0x12b7f
0x12b66: ret
0x12b67: mov ah, 0x42
0x12b69: xor cx, cx
0x12b6b: xor dx, dx
0x12b6d: int 0x21
0x12b6f: ret
0x12b70: mov ah, 0x1a
2018-12-25T12:43:14.821306513Z 64 PC: 12c38 | Write file or device (Write 482 bytes on handle 5)
2018-12-25T12:43:14.830996818Z 87 PC: 12b58 | Get or set file date and time
2018-12-25T12:43:14.832541361Z 62 PC: 12b5c | Close file
2018-12-25T12:43:14.840270556Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.851030874Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.854506342Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.861065689Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.868067938Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.869845716Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.881454135Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.890038742Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.905252139Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.906974996Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.909948725Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.913958755Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.915699637Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.923416851Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.93438616Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:14.937267431Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.944595763Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:14.952342247Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:14.954471335Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:14.964556376Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:14.972108095Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:14.97485918Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:14.976123726Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:14.978965635Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:14.987164651Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:14.988913517Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:14.998333569Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.009307641Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.012171981Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.019028659Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.025571066Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.027608214Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.037744008Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.044937117Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:15.047942416Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:15.049925689Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:15.056955104Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:15.060039527Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:15.061708906Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:15.0694425Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.081969201Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.084803982Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.091756731Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.099442058Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.101124739Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.105607526Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.110698333Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:15.113584226Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:15.115587943Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:15.118059751Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:15.127558426Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:15.129664088Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:15.13139094Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.135899234Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.139387405Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.146278659Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.152366693Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.155065104Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.164760085Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.17141772Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:15.174707928Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:15.175662168Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:15.177121383Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:15.185301851Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:15.186597808Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:15.193988021Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.205461205Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.20857356Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.214745215Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.221407549Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.223061836Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.232781504Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.239647584Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:43:15.242884049Z 66 PC: 12b6f | Move file pointer (See above)
2018-12-25T12:43:15.244644261Z 44 PC: 12b3c | Get time (See above)
2018-12-25T12:43:15.24788377Z 64 PC: 12c38 | Write file or device (See above)
2018-12-25T12:43:15.25089444Z 87 PC: 12b58 | Get or set file date and time (See above)
2018-12-25T12:43:15.252566583Z 62 PC: 12b5c | Close file (See above)
2018-12-25T12:43:15.260432185Z 67 PC: 12b88 | Get or set file attributes (See above)
2018-12-25T12:43:15.269564518Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.272235891Z 61 PC: 12b7d | Open file (See above)
2018-12-25T12:43:15.277289647Z 63 PC: 12add | Read file or device (See above)
2018-12-25T12:43:15.283936275Z 62 PC: 12ae1 | Close file (See above)
2018-12-25T12:43:15.285787666Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T12:43:15.288150453Z 59 PC: 12a96 | Change current directory
2018-12-25T12:43:15.292833788Z 9 PC: 12aa0 | Display string (String= 'Becky Conner - I Hate Mark! MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T12:43:15.300392071Z 37 PC: 12aaa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:15.30148233Z 59 PC: 12ab4 | Change current directory
2018-12-25T12:43:15.303462275Z 26 PC: 12b74 | Set disk transfer address (See above)