{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16401,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:52.313051362Z | 26 | PC: 12a5b | Set disk transfer address |
| 2018-12-25T12:52:52.314627427Z | 78 | PC: 12a65 | Find first file |
| 2018-12-25T12:52:52.32126622Z | 67 | PC: 12a70 | Get or set file attributes |
| 2018-12-25T12:52:52.327670982Z | 67 | PC: 12a78 | Get or set file attributes |
| 2018-12-25T12:52:52.348578087Z | 61 | PC: 12a81 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:52:52.36219346Z | 66 | PC: 12a8d | Move file pointer |
| 2018-12-25T12:52:52.364124908Z | 66 | PC: 12a9a | Move file pointer |
| 2018-12-25T12:52:52.366017894Z | 63 | PC: 12aa5 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-25T12:52:52.373810048Z | 66 | PC: 12ad0 | Move file pointer |
| 2018-12-25T12:52:52.37562614Z | 63 | PC: 12adc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:52:52.37831698Z | 66 | PC: 12ae7 | Move file pointer |
| 2018-12-25T12:52:52.380757593Z | 64 | PC: 12af7 | Write file or device (Write 441 bytes on handle 5) |
| 2018-12-25T12:52:52.390306497Z | 66 | PC: 12b02 | Move file pointer |
| 2018-12-25T12:52:52.392578226Z | 64 | PC: 12b0d | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:52:52.401075526Z | 62 | PC: 12b11 | Close file |
| 2018-12-25T12:52:52.410830574Z | 42 | PC: 12b27 | Get date 0x12b27: cmp dh, 5 0x12b2a: jne 0x12b34 0x12b2c: cmp dl, 0xc 0x12b2f: jne 0x12b34 0x12b31: jmp 0x12b3e 0x12b33: nop 0x12b34: cmp dh, 2 0x12b37: jne 0x12b3e 0x12b39: cmp dl, 0x19 0x12b3c: jne 0x12b3e 0x12b3e: pop cx 0x12b3f: lea dx, word ptr [si + 0x2d6] 0x12b43: mov ax, 0x4301 0x12b46: int 0x21 0x12b48: xor ax, ax 0x12b4a: xor bx, bx 0x12b4c: xor cx, cx 0x12b4e: xor dx, dx 0x12b50: xor si, si 0x12b52: call 0x12b57 |
| 2018-12-25T12:52:52.413935106Z | 67 | PC: 12b48 | Get or set file attributes |
{"DateBased":true,"Day":1,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16401,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:54.346162346Z | 26 | PC: 12a5b | Set disk transfer address |
| 2018-12-25T12:52:54.347993253Z | 78 | PC: 12a65 | Find first file |
| 2018-12-25T12:52:54.355358843Z | 67 | PC: 12a70 | Get or set file attributes |
| 2018-12-25T12:52:54.361791381Z | 67 | PC: 12a78 | Get or set file attributes |
| 2018-12-25T12:52:54.381549041Z | 61 | PC: 12a81 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:52:54.391022527Z | 66 | PC: 12a8d | Move file pointer |
| 2018-12-25T12:52:54.392893408Z | 66 | PC: 12a9a | Move file pointer |
| 2018-12-25T12:52:54.394679962Z | 63 | PC: 12aa5 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-25T12:52:54.402883612Z | 66 | PC: 12ad0 | Move file pointer |
| 2018-12-25T12:52:54.404689674Z | 63 | PC: 12adc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:52:54.407649346Z | 66 | PC: 12ae7 | Move file pointer |
| 2018-12-25T12:52:54.424309894Z | 64 | PC: 12af7 | Write file or device (Write 441 bytes on handle 5) |
| 2018-12-25T12:52:54.433184106Z | 66 | PC: 12b02 | Move file pointer |
| 2018-12-25T12:52:54.434896405Z | 64 | PC: 12b0d | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:52:54.442312182Z | 62 | PC: 12b11 | Close file |
| 2018-12-25T12:52:54.451430039Z | 42 | PC: 12b27 | Get date 0x12b27: cmp dh, 5 0x12b2a: jne 0x12b34 0x12b2c: cmp dl, 0xc 0x12b2f: jne 0x12b34 0x12b31: jmp 0x12b3e 0x12b33: nop 0x12b34: cmp dh, 2 0x12b37: jne 0x12b3e 0x12b39: cmp dl, 0x19 0x12b3c: jne 0x12b3e 0x12b3e: pop cx 0x12b3f: lea dx, word ptr [si + 0x2d6] 0x12b43: mov ax, 0x4301 0x12b46: int 0x21 0x12b48: xor ax, ax 0x12b4a: xor bx, bx 0x12b4c: xor cx, cx 0x12b4e: xor dx, dx 0x12b50: xor si, si 0x12b52: call 0x12b57 |
| 2018-12-25T12:52:54.453799221Z | 67 | PC: 12b48 | Get or set file attributes |
{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16401,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:55.043187239Z | 26 | PC: 12a5b | Set disk transfer address |
| 2018-12-25T12:52:55.044815309Z | 78 | PC: 12a65 | Find first file |
| 2018-12-25T12:52:55.052291662Z | 67 | PC: 12a70 | Get or set file attributes |
| 2018-12-25T12:52:55.058670823Z | 67 | PC: 12a78 | Get or set file attributes |
| 2018-12-25T12:52:55.076017783Z | 61 | PC: 12a81 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:52:55.084208924Z | 66 | PC: 12a8d | Move file pointer |
| 2018-12-25T12:52:55.08573053Z | 66 | PC: 12a9a | Move file pointer |
| 2018-12-25T12:52:55.087195472Z | 63 | PC: 12aa5 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-25T12:52:55.094708373Z | 66 | PC: 12ad0 | Move file pointer |
| 2018-12-25T12:52:55.096311173Z | 63 | PC: 12adc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:52:55.099056835Z | 66 | PC: 12ae7 | Move file pointer |
| 2018-12-25T12:52:55.10170193Z | 64 | PC: 12af7 | Write file or device (Write 441 bytes on handle 5) |
| 2018-12-25T12:52:55.111191586Z | 66 | PC: 12b02 | Move file pointer |
| 2018-12-25T12:52:55.112839036Z | 64 | PC: 12b0d | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:52:55.120537805Z | 62 | PC: 12b11 | Close file |
| 2018-12-25T12:52:55.130370547Z | 42 | PC: 12b27 | Get date 0x12b27: cmp dh, 5 0x12b2a: jne 0x12b34 0x12b2c: cmp dl, 0xc 0x12b2f: jne 0x12b34 0x12b31: jmp 0x12b3e 0x12b33: nop 0x12b34: cmp dh, 2 0x12b37: jne 0x12b3e 0x12b39: cmp dl, 0x19 0x12b3c: jne 0x12b3e 0x12b3e: pop cx 0x12b3f: lea dx, word ptr [si + 0x2d6] 0x12b43: mov ax, 0x4301 0x12b46: int 0x21 0x12b48: xor ax, ax 0x12b4a: xor bx, bx 0x12b4c: xor cx, cx 0x12b4e: xor dx, dx 0x12b50: xor si, si 0x12b52: call 0x12b57 |
| 2018-12-25T12:52:55.133029655Z | 67 | PC: 12b48 | Get or set file attributes |
{"DateBased":true,"Day":12,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16401,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:52:55.367311032Z | 26 | PC: 12a5b | Set disk transfer address |
| 2018-12-25T12:52:55.368815819Z | 78 | PC: 12a65 | Find first file |
| 2018-12-25T12:52:55.376460706Z | 67 | PC: 12a70 | Get or set file attributes |
| 2018-12-25T12:52:55.383274097Z | 67 | PC: 12a78 | Get or set file attributes |
| 2018-12-25T12:52:55.400350962Z | 61 | PC: 12a81 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:52:55.40866066Z | 66 | PC: 12a8d | Move file pointer |
| 2018-12-25T12:52:55.410215887Z | 66 | PC: 12a9a | Move file pointer |
| 2018-12-25T12:52:55.411755102Z | 63 | PC: 12aa5 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-25T12:52:55.419961997Z | 66 | PC: 12ad0 | Move file pointer |
| 2018-12-25T12:52:55.421555523Z | 63 | PC: 12adc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:52:55.424289016Z | 66 | PC: 12ae7 | Move file pointer |
| 2018-12-25T12:52:55.426417954Z | 64 | PC: 12af7 | Write file or device (Write 441 bytes on handle 5) |
| 2018-12-25T12:52:55.435567703Z | 66 | PC: 12b02 | Move file pointer |
| 2018-12-25T12:52:55.436893444Z | 64 | PC: 12b0d | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:52:55.444431279Z | 62 | PC: 12b11 | Close file |
| 2018-12-25T12:52:55.453980154Z | 42 | PC: 12b27 | Get date 0x12b27: cmp dh, 5 0x12b2a: jne 0x12b34 0x12b2c: cmp dl, 0xc 0x12b2f: jne 0x12b34 0x12b31: jmp 0x12b3e 0x12b33: nop 0x12b34: cmp dh, 2 0x12b37: jne 0x12b3e 0x12b39: cmp dl, 0x19 0x12b3c: jne 0x12b3e 0x12b3e: pop cx 0x12b3f: lea dx, word ptr [si + 0x2d6] 0x12b43: mov ax, 0x4301 0x12b46: int 0x21 0x12b48: xor ax, ax 0x12b4a: xor bx, bx 0x12b4c: xor cx, cx 0x12b4e: xor dx, dx 0x12b50: xor si, si 0x12b52: call 0x12b57 |
| 2018-12-25T12:52:55.456796544Z | 67 | PC: 12b48 | Get or set file attributes |