{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:28.386962555Z | 42 | PC: 12b35 | Get date 0x12b35: cmp dl, 4 0x12b38: jne 0x12b3d 0x12b3a: jmp 0x12ce0 0x12b3d: cmp cx, 0x7d0 0x12b41: jne 0x12b46 0x12b43: jmp 0x12d2e 0x12b46: cmp dl, 0xd 0x12b49: jne 0x12b52 0x12b4b: cmp al, 5 0x12b4d: jne 0x12b52 0x12b4f: jmp 0x12d7f 0x12b52: call 0x12b58 0x12b55: jmp 0x12b97 0x12b57: nop 0x12b58: pop si 0x12b59: push si 0x12b5a: ret 0x12b5b: add bh, byte ptr [bx] 0x12b5d: aas 0x12b5e: aas |
| 2018-12-25T12:52:28.390512721Z | 26 | PC: 12ba0 | Set disk transfer address |
| 2018-12-25T12:52:28.392088406Z | 78 | PC: 12ba9 | Find first file |
| 2018-12-25T12:52:28.399655959Z | 67 | PC: 12bd0 | Get or set file attributes |
| 2018-12-25T12:52:29.591800215Z | 61 | PC: 12bd5 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:52:29.600197971Z | 87 | PC: 12be4 | Get or set file date and time |
| 2018-12-25T12:52:29.602208044Z | 63 | PC: 12bf5 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:52:29.610337886Z | 66 | PC: 12c08 | Move file pointer |
| 2018-12-25T12:52:29.612474186Z | 66 | PC: 12c19 | Move file pointer |
| 2018-12-25T12:52:29.614871401Z | 66 | PC: 12c34 | Move file pointer |
| 2018-12-25T12:52:29.617208697Z | 64 | PC: 12c4b | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:52:29.620670591Z | 66 | PC: 12c56 | Move file pointer |
| 2018-12-25T12:52:29.623221288Z | 64 | PC: 12c88 | Write file or device (Write 686 bytes on handle 5) |
| 2018-12-25T12:52:29.650224818Z | 87 | PC: 12c8f | Get or set file date and time |
| 2018-12-25T12:52:29.651495559Z | 62 | PC: 12c93 | Close file |
| 2018-12-25T12:52:29.671012795Z | 76 | PC: 12a5b | Terminate with return code (Return code = '1') |
{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:28.589366852Z | 42 | PC: 12b35 | Get date 0x12b35: cmp dl, 4 0x12b38: jne 0x12b3d 0x12b3a: jmp 0x12ce0 0x12b3d: cmp cx, 0x7d0 0x12b41: jne 0x12b46 0x12b43: jmp 0x12d2e 0x12b46: cmp dl, 0xd 0x12b49: jne 0x12b52 0x12b4b: cmp al, 5 0x12b4d: jne 0x12b52 0x12b4f: jmp 0x12d7f 0x12b52: call 0x12b58 0x12b55: jmp 0x12b97 0x12b57: nop 0x12b58: pop si 0x12b59: push si 0x12b5a: ret 0x12b5b: add bh, byte ptr [bx] 0x12b5d: aas 0x12b5e: aas |
| 2018-12-25T12:52:28.592046304Z | 9 | PC: 12d29 | Display string (String= 'Water detected in math-co-processor ') |
| 2018-12-25T12:52:28.598633631Z | 76 | PC: 12d2e | Terminate with return code (Return code = '1') |
{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:28.726947975Z | 42 | PC: 12b35 | Get date 0x12b35: cmp dl, 4 0x12b38: jne 0x12b3d 0x12b3a: jmp 0x12ce0 0x12b3d: cmp cx, 0x7d0 0x12b41: jne 0x12b46 0x12b43: jmp 0x12d2e 0x12b46: cmp dl, 0xd 0x12b49: jne 0x12b52 0x12b4b: cmp al, 5 0x12b4d: jne 0x12b52 0x12b4f: jmp 0x12d7f 0x12b52: call 0x12b58 0x12b55: jmp 0x12b97 0x12b57: nop 0x12b58: pop si 0x12b59: push si 0x12b5a: ret 0x12b5b: add bh, byte ptr [bx] 0x12b5d: aas 0x12b5e: aas |
| 2018-12-25T12:52:28.729331644Z | 26 | PC: 12ba0 | Set disk transfer address |
| 2018-12-25T12:52:28.730306723Z | 78 | PC: 12ba9 | Find first file |
| 2018-12-25T12:52:28.735942128Z | 67 | PC: 12bd0 | Get or set file attributes |
| 2018-12-25T12:52:29.856976833Z | 61 | PC: 12bd5 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:52:29.863483875Z | 87 | PC: 12be4 | Get or set file date and time |
| 2018-12-25T12:52:29.864720913Z | 63 | PC: 12bf5 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:52:29.871047912Z | 66 | PC: 12c08 | Move file pointer |
| 2018-12-25T12:52:29.872470637Z | 66 | PC: 12c19 | Move file pointer |
| 2018-12-25T12:52:29.873778299Z | 66 | PC: 12c34 | Move file pointer |
| 2018-12-25T12:52:29.875101768Z | 64 | PC: 12c4b | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:52:29.877808854Z | 66 | PC: 12c56 | Move file pointer |
| 2018-12-25T12:52:29.87903789Z | 64 | PC: 12c88 | Write file or device (Write 686 bytes on handle 5) |
| 2018-12-25T12:52:30.071866546Z | 87 | PC: 12c8f | Get or set file date and time |
| 2018-12-25T12:52:30.077209218Z | 62 | PC: 12c93 | Close file |
| 2018-12-25T12:52:30.282872883Z | 76 | PC: 12a5b | Terminate with return code (Return code = '1') |
{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:28.769302541Z | 42 | PC: 12b35 | Get date 0x12b35: cmp dl, 4 0x12b38: jne 0x12b3d 0x12b3a: jmp 0x12ce0 0x12b3d: cmp cx, 0x7d0 0x12b41: jne 0x12b46 0x12b43: jmp 0x12d2e 0x12b46: cmp dl, 0xd 0x12b49: jne 0x12b52 0x12b4b: cmp al, 5 0x12b4d: jne 0x12b52 0x12b4f: jmp 0x12d7f 0x12b52: call 0x12b58 0x12b55: jmp 0x12b97 0x12b57: nop 0x12b58: pop si 0x12b59: push si 0x12b5a: ret 0x12b5b: add bh, byte ptr [bx] 0x12b5d: aas 0x12b5e: aas |
| 2018-12-25T12:52:28.772122667Z | 9 | PC: 12dd9 | Display string (Could not find end pointer) |
| 2018-12-25T12:52:28.781066795Z | 26 | PC: 12ba0 | Set disk transfer address |
| 2018-12-25T12:52:28.782210968Z | 78 | PC: 12ba9 | Find first file |
| 2018-12-25T12:52:28.788967889Z | 67 | PC: 12bd0 | Get or set file attributes |
| 2018-12-25T12:52:30.599396064Z | 61 | PC: 12bd5 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:52:30.607180519Z | 87 | PC: 12be4 | Get or set file date and time |
| 2018-12-25T12:52:30.609233675Z | 63 | PC: 12bf5 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:52:30.617947977Z | 66 | PC: 12c08 | Move file pointer |
| 2018-12-25T12:52:30.619889543Z | 66 | PC: 12c19 | Move file pointer |
| 2018-12-25T12:52:30.621913516Z | 66 | PC: 12c34 | Move file pointer |
| 2018-12-25T12:52:30.625724647Z | 64 | PC: 12c4b | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:52:30.629148251Z | 66 | PC: 12c56 | Move file pointer |
| 2018-12-25T12:52:30.630832356Z | 64 | PC: 12c88 | Write file or device (Write 686 bytes on handle 5) |
| 2018-12-25T12:52:30.64314399Z | 87 | PC: 12c8f | Get or set file date and time |
| 2018-12-25T12:52:30.645210165Z | 62 | PC: 12c93 | Close file |
| 2018-12-25T12:52:30.655009703Z | 76 | PC: 12a5b | Terminate with return code (Return code = '1') |
{"DateBased":true,"Day":1,"Month":1,"Year":2000,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16273,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:28.973120096Z | 42 | PC: 12b35 | Get date 0x12b35: cmp dl, 4 0x12b38: jne 0x12b3d 0x12b3a: jmp 0x12ce0 0x12b3d: cmp cx, 0x7d0 0x12b41: jne 0x12b46 0x12b43: jmp 0x12d2e 0x12b46: cmp dl, 0xd 0x12b49: jne 0x12b52 0x12b4b: cmp al, 5 0x12b4d: jne 0x12b52 0x12b4f: jmp 0x12d7f 0x12b52: call 0x12b58 0x12b55: jmp 0x12b97 0x12b57: nop 0x12b58: pop si 0x12b59: push si 0x12b5a: ret 0x12b5b: add bh, byte ptr [bx] 0x12b5d: aas 0x12b5e: aas |
| 2018-12-25T12:52:28.974924006Z | 9 | PC: 12d6f | Display string (String= 'PARITY ERROR System halted ') |