{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:00.52041953Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:00.52219114Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:00.525308699Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:00.532879797Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:00.540330007Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:00.558821096Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:00.582806628Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:00.591867071Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:00.595029475Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:00.603175655Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:00.605783294Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:00.616209056Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:00.618618602Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:00.626640578Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:00.628922109Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:00.638966746Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:00.650761666Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:00.652264842Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:00.655490254Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:00.656961209Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:00.658469605Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:00.665975558Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:00.669081463Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:00.676327788Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:00.688402377Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:00.695908963Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:00.697600672Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:00.700660936Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:00.707925592Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:00.710493889Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:00.721996827Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:00.724156292Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:00.736442911Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:00.74487534Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:00.754375808Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:00.765732705Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:00.767644775Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.200982028Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.202953138Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.20420911Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.210746396Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.217215511Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.237011807Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.244538977Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.246085314Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.249370507Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.25713251Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.260290396Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.275004349Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.27647109Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.283425015Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.288340421Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.296644169Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.307062603Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.30836747Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.310748229Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.311858528Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.313234118Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.319996833Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.323897991Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.330263624Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.341698025Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.351631537Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.353305766Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.356152199Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.364028676Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.367173859Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.379033392Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.381390592Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.394138995Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.397437705Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.406278017Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.413109493Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.414319478Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.238733355Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.240427718Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.2417872Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.248376754Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.255216567Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.274790133Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.288495204Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.293499469Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.298134831Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.305645998Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.310670535Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.328812525Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.330857977Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.3386405Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.341174445Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.350666315Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.362156751Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.364053237Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.366536946Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.367849378Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.370015808Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.377130515Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.380511296Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.388357648Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.400871722Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.408156019Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.409858286Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.412664309Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.419828151Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.423058202Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.434624607Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.436342482Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.443465321Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.445633745Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.454437512Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.465628795Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.468153923Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.299793195Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.30146399Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.302771475Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.309599927Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.31636881Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.336409786Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.344904Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.346761586Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.350595883Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.358235171Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.361209069Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.373002483Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.374945347Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.382661641Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.385588752Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.394675809Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.406501654Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.408769079Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.411310896Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.412415239Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.414697715Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.422154784Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.424371739Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.430051534Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.441746385Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.448347403Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.450442671Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.453368105Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.458347906Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.459907491Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.466777543Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.467898384Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.472344859Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.474420353Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.48087341Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.488754525Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.496775119Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.362429549Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.36382887Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.366836692Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.374166843Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.380908457Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.402732918Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.412439517Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.413997235Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.417673624Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.425409691Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.428334672Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.439173447Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.44193759Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.449321076Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.45136004Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.464679978Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.476681572Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.478078676Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.481846343Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.483484766Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.485344619Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.498653697Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.50227364Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.509547975Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.521363778Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.52978905Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.53128962Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.533619069Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.54902676Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.5520548Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.56337798Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.566707189Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.57451749Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.576699873Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.586967051Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.598728605Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.600516202Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.43185926Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.433533545Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.435359127Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.442037145Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.448768996Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.465200318Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.473178436Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.474830013Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.479012771Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.487156201Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.490001461Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.501277418Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.503133429Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.510693973Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.513666729Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.523048558Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.536210746Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.537476373Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.541004483Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.54258809Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.544277736Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.553519764Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.556578811Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.563149276Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.575567919Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.583909564Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.585961709Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.589672949Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.59775776Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.600718217Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.614259761Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.615983795Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.624170716Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.626017584Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.635885896Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.649683458Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.652058335Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.596142298Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.597527959Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.599718082Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.607802018Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.615202379Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.634846788Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.644081225Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.646415342Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.653281312Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.660931612Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.663297976Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.673993053Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.67547359Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.682062889Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.684030346Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.69343613Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.704781624Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.706860473Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.71052658Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.711808452Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.713255606Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.720369036Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.723331635Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.730303626Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.742046407Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.749492225Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.751106271Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.758400264Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.766830813Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.769697469Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.780367206Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.782001625Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.789379081Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.791324273Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.800658789Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.811896678Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.813773456Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.522026527Z | 64 | PC: 0 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-25T12:53:02.538762979Z | 41 | PC: 94fae | Parse filename |
| 2018-12-25T12:53:02.548538353Z | 41 | PC: 9502f | Parse filename |
| 2018-12-25T12:53:02.551136534Z | 41 | PC: 9504c | Parse filename |
| 2018-12-25T12:53:02.553913939Z | 26 | PC: 984f7 | Set disk transfer address |
| 2018-12-25T12:53:02.557124984Z | 71 | PC: 986f3 | Get current directory |
| 2018-12-25T12:53:02.560633927Z | 78 | PC: 986fe | Find first file |
| 2018-12-25T12:53:02.572709629Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:53:02.577575827Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:53:02.588750531Z | 64 | PC: 9a848 | Write file or device (Write 26 bytes on handle 2) |
| 2018-12-25T12:53:02.594004479Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-25T12:53:02.596725895Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-25T12:53:02.600055671Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:53:02.601250258Z | 62 | PC: 122ab | Close file |
| 2018-12-25T12:53:02.60321904Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.605604928Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.607354936Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.608816695Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.610285837Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.611490807Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.612964273Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.614605406Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.616193466Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.620727914Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.623331624Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.625321577Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.62735219Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.629907894Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:53:02.632583756Z | 99 | PC: 9a5d7 | Get DBCS lead byte table pointer |
| 2018-12-25T12:53:02.634489083Z | 56 | PC: 94df9 | Get or set country info |
| 2018-12-25T12:53:02.637296522Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:53:02.645117131Z | 25 | PC: 94e62 | Get default drive |
| 2018-12-25T12:53:02.647749311Z | 71 | PC: 970dd | Get current directory |
| 2018-12-25T12:53:02.653714123Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:53:02.657815257Z | 2 | PC: 970b2 | Character output (Char = '3e') |
| 2018-12-25T12:53:02.660475938Z | 93 | PC: 94f20 | File sharing functions |
| 2018-12-25T12:53:02.663414938Z | 93 | PC: 94f27 | File sharing functions |
| 2018-12-25T12:53:02.665749956Z | 10 | PC: 94f39 | Buffered keyboard input |
| 2018-12-25T12:53:17.56766143Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:53:18.922819776Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:53:19.025586435Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:53:19.032249995Z | 41 | PC: 94fae | Parse filename (See above) |
| 2018-12-25T12:53:19.035663431Z | 41 | PC: 9502f | Parse filename (See above) |
| 2018-12-25T12:53:19.038858196Z | 41 | PC: 9504c | Parse filename (See above) |
| 2018-12-25T12:53:19.041411436Z | 26 | PC: 984f7 | Set disk transfer address (See above) |
| 2018-12-25T12:53:19.044509744Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:53:19.053022305Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:53:19.063524048Z | 71 | PC: 9856c | Get current directory |
| 2018-12-25T12:53:19.068142335Z | 73 | PC: 97c09 | Release memory |
| 2018-12-25T12:53:19.070176841Z | 75 | PC: 11821 | Execute program |
| 2018-12-25T12:53:19.085576659Z | 9 | PC: 12a47 | Display string (String= 'Hello, World! ') |
| 2018-12-25T12:53:19.094089664Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.634079Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.641450636Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.643574602Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.650890684Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.655640231Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.670322928Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.680348259Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.682478436Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.685992352Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.693637994Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.696505283Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.707875547Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.710906877Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.718611804Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.720732264Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.731071311Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.745766063Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.747061998Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.75052508Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.752071783Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.753758985Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.761922147Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.766775955Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.773566152Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.785439269Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.794073233Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.795684174Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.798055726Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.805894499Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.807437788Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.818438222Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.821049018Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.82908749Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.831299931Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.84151257Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.853062006Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.85480327Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.707037009Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.710121353Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.716747098Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.72477705Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.732318615Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.751730664Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.758592176Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.759785646Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.762330911Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.766931709Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.768651429Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.776776565Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.778141095Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:02.7882619Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:02.796681754Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:02.806266084Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:02.819059803Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:02.821925964Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:02.824599984Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:02.826270936Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.828903364Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:02.835505131Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:02.83839127Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.844876076Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.859045849Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:02.866300212Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.8678508Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:02.871615492Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:02.878933185Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:02.881509501Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:02.892736503Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:02.894683564Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:02.902233076Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:02.905038365Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:02.914135582Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:02.925775597Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:02.927740026Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.703862052Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.70526949Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.706269162Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.711864577Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.717501687Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.53093506Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.537645654Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.539431456Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.54140873Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.606017812Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.60838688Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.770686726Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.771627644Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.775891233Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.77697757Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.985882954Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.000610057Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.004327312Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.006406554Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.00737304Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.008649849Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.015418359Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.018155502Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.024447243Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.034132896Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.045179206Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.046932288Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.048903984Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.056931625Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.05999152Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.069312702Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.070527015Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.076042641Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.078195798Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.085969881Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.096149573Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.097181896Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:02.926523027Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:02.92840237Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:02.930721994Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:02.937824538Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:02.944494142Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:02.962368632Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:02.969598028Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:02.970947379Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:02.973624874Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:02.980954583Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:02.98310041Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:02.993778299Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:02.995200193Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:03.00240431Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:03.007390296Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:03.01593582Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:03.026629534Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:03.028304962Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:03.030655142Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:03.031731572Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:03.032767192Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:03.039625742Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:03.042634033Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.049561285Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.060678148Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:03.065029791Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:03.066287347Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:03.069048652Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:03.076046693Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:03.078298789Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:03.088817Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:03.090254927Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:03.097315719Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:03.099817469Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:03.108344346Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.119527762Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:03.121374371Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:03.102174639Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:03.11177935Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:03.11391166Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:03.122110848Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:03.129709042Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:03.14668606Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:03.15427258Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:03.156145263Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:03.159568893Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:03.167188572Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:03.169449733Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:03.179688468Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:03.181390918Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:03.188766851Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:03.19067117Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:03.200451161Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:03.211378295Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:03.212567372Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:03.215586678Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:03.216745728Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:03.217975175Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:03.224900346Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:03.227850835Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.234064169Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.245210464Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:03.257790975Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:03.259203723Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:03.262609814Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:03.269732337Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:03.272103736Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:03.282546671Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:03.284280279Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:03.291615076Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:03.293795384Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:03.302768679Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.313707492Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:03.315026938Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:03.351141863Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:03.352426064Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:03.353212951Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:03.357111189Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:03.360933907Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.530654905Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.534609775Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.53594161Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.537893663Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.605900894Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.60838165Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.791396663Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.792381618Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.797060987Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.79801259Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.957926852Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.000965984Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.001963663Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.003462464Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.004748632Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.00798347Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.014162197Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.018190401Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.023898756Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.035836908Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.047279034Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.048959254Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.050944987Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.057810389Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.060119343Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.06893423Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.070372446Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.07735032Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.078900578Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.086562068Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.096301033Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.097355768Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:03.405572827Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:03.407072338Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:03.408458115Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:03.41512873Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:03.421434316Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:03.438204395Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:03.445403321Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:03.446793234Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:03.449129391Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:03.457071757Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:03.459340146Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:03.470697912Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:03.472187463Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:03.479213552Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:03.481248232Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:03.490040819Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:03.500697633Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:03.502268436Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:03.504658846Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:03.505862773Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:03.507640287Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:03.514127313Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:03.516823196Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.524129261Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.534870675Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:03.542167687Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:03.543797335Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:03.546280283Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:03.553261306Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:03.555544676Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:03.565717029Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:03.567137926Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:03.574136835Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:03.576334039Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:03.585634717Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.596421646Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:03.598013534Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:03.62930946Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:03.630470529Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:03.631353007Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:03.634936375Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:03.638781516Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.531412188Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.538030376Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.539812175Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.541832604Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.606023168Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.608681972Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.791444616Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.79242732Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.797044697Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.798166426Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.985973047Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.002158807Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.009579884Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.011316292Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.012240552Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.01400156Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.018566925Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.021287488Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.027168126Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.036986613Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.043880434Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.045960917Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.047771328Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.054048852Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.05666779Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.06568783Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.071824423Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.076624354Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.077782076Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.083221447Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.093412288Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.094556755Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:03.67057966Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:03.672112935Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:03.673508977Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:03.680341048Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:03.68721305Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:03.704822419Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:03.712198093Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:03.713645346Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:03.724617375Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:03.732343569Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:03.734690416Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:03.745427295Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:03.746909259Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:03.754027433Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:03.755914428Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:03.764647225Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:03.775633642Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:03.777139997Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:03.779705813Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:03.781117688Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:03.783006852Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:03.786969796Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:03.788784449Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:03.803353729Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.135953164Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.143399619Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.145116327Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.156760443Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.164187291Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.166502075Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.178300688Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.18003399Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.187418252Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.189887299Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.199136977Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.211300582Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.213752949Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:03.900720455Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:03.902203314Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:03.90377021Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:03.910016071Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:03.915382033Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.002424311Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.009634352Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.011371996Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.013865542Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.020143679Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.022254849Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.029155904Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.030366589Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.034822042Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.03750508Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.045572997Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.057623919Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.05869681Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.060319658Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.061051655Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.061812129Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.066071614Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.067729424Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.073265074Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.083745864Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.091026262Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.09218337Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.094231705Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.098866274Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.101672453Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.112838338Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.114203207Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.121274558Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.123538236Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.131312643Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.156487063Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.157896986Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.00103104Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.002620854Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.003662645Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.009468074Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.015567422Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.000908085Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.012927779Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.014713195Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.016667413Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.022897982Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.025298229Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.03115147Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.032068843Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.036409663Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.037420632Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.042746779Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.052554601Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.053391612Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.054791418Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.05599289Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.056970314Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.061143312Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.062958068Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.068604626Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.080730602Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.086952243Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.09017656Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.092259032Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.098584762Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.100326625Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.109427128Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.110769996Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.117345023Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.118674042Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.12618429Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.140124228Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.140999047Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.226374402Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.227427381Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.229252184Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.233961318Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.238489123Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.25725998Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.264534401Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.266054113Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.268851555Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.275871386Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.278366343Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.293277577Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.295228504Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.302784345Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.304474285Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.314961105Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:04.324155932Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:04.326473441Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:04.330769138Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:04.332499898Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.334268901Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:04.348349929Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:04.354096777Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.362049831Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.37469489Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.382469203Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.384514602Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.387956494Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.395774034Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.398812707Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.411168791Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.425051075Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.432976022Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.435154137Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.444365476Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.455556077Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.456774392Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.198723721Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.200030139Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.200978439Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.204640794Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.208463688Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.001257443Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.00626354Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.007633181Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.011171756Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.015207829Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.017041713Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.022928314Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.024508641Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.029121584Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.030703175Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.036919713Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.047697076Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.049486662Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.051121906Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.056521729Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.06275752Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.066870961Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.068708816Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.07387257Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.084335526Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.096210516Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.098228952Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.100268684Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.107033865Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.110046851Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.119866298Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.121425884Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.129440117Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.130951781Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.138812844Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.148767958Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.150090444Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.2684883Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.270936067Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.272652636Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.279714129Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.288017615Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.309059741Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.317769394Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.320085137Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.325295537Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.33284152Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.335688642Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.347449652Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.34940308Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.357068577Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.359847269Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.382239271Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:04.402792881Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:04.405268766Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:04.409608981Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:04.413278857Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.415197518Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:04.422088254Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:04.425126007Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.431918751Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.44339923Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.451084674Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.453671564Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.456458659Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.463870619Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.467108616Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.478988165Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.480616509Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.488480927Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.492106111Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.501555841Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.513631212Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.516256842Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.384811767Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.386919996Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.388974781Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.396023069Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.402953466Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.420842147Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.427850712Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.433603719Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.436996991Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.448801706Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.451283984Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.465663702Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.467652682Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.482728988Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.485559288Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.495423901Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:04.508391087Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:04.511216652Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:04.514079736Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:04.51578166Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.51853368Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:04.525776245Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:04.529093185Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.535875976Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.548218966Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.556128403Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.558120009Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.562236586Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.570642531Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.573520013Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.584963318Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.587326771Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.595153146Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.598460711Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.607492874Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.619258993Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.620976207Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.428774229Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.431791656Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.43355138Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.440406672Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.447187471Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.465420782Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.47404706Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.476053601Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.479681712Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.487241014Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.490141101Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.50141394Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.503385868Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.511084368Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.514544135Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.523322079Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:04.534221835Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:04.536072083Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:04.539541545Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:04.541189363Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.543376423Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:04.550808025Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:04.554121833Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.562454312Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.57923894Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.589375854Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.591345718Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.595692682Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.603135642Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.605760088Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.61722695Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.618811197Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.626602789Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.629390309Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.638604523Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.650376692Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.652893327Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.452230122Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.453976031Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.455308734Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.461908552Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.469197041Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.489294074Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.497965821Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.500008625Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.504919345Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.512657232Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.515666238Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.535569888Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.538580982Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.547052071Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.550894762Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.560860957Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:04.572371249Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:04.57503475Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:04.577613926Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:04.579367235Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.581937833Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:04.589033046Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:04.592405153Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.597997856Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.60515431Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.612962556Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.614261564Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.616444258Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.621213573Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.622995797Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.634672309Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.641957836Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.659956681Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.663347977Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.676525569Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.687765237Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.689604406Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.539934297Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.542624018Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.544563488Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.552323113Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.559122396Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.579805564Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.587219055Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.588949368Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.596241343Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.603316004Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.606062784Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.616902877Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.618813347Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.62649121Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.629051635Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.638630159Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:04.650510321Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:04.653138707Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:04.66455895Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:04.666061942Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.667897724Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:04.675326455Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:04.678723993Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.685149031Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.700612396Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.711030313Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.712699833Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.716035406Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.723638987Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.726171793Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.738430803Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.740144066Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.747898058Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.750030609Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.758666047Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.770178344Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.771930362Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.744274179Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.745636626Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.747093062Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.752711211Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.758368889Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.001964864Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.008843043Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.0105755Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.012020754Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.016063703Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.017706427Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.023224968Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.02415817Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.028614104Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.02968379Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.035058849Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.048477978Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.049497956Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.051498813Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.05311124Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.054248125Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.059939119Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.062643989Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.068771859Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.078451599Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.085079512Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.09135189Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.093339701Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.099421551Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.102145495Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.112202388Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.113591109Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.120824631Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.12237089Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.12972336Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.137499665Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.13858181Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.78216999Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.784494376Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.786649242Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.793301415Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.799437344Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:04.817449931Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:04.82492563Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:04.826539279Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:04.830116143Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:04.837734588Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:04.840235074Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:04.850676343Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:04.852217348Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:04.859533795Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:04.8616726Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:04.870856085Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:04.881703315Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:04.883747065Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:04.889366692Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:04.891209878Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.893589198Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:04.89791078Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:04.899859158Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.904111357Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.92221037Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:04.926692571Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.927896017Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:04.930170247Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:04.934742278Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:04.936442564Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:04.943115024Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:04.944462901Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:04.950201542Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:04.953188355Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:04.963065665Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:04.974842366Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:04.977153436Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.939071449Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.940199364Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.940930036Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:04.944517054Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:04.948197915Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.001239393Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.008272181Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.012764128Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.014810622Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.026105489Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.027993109Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.037575508Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.038851481Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.050231867Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.05229121Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.059861529Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.069765674Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.071535294Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.073458863Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.074383995Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.080279574Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.086190607Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.088827467Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.092937783Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.100214259Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.109163198Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.115541167Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.118022266Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.124465782Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.126973885Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.13334839Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.1407727Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.147883518Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.14944283Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.1569192Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.164882682Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.166048415Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":15,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:04.9950951Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:04.996313164Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:04.997424819Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:05.001563996Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:05.005680811Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.018224072Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.029240444Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.033129002Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.035130436Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.041577876Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.049956693Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.0587527Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.060166021Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.066655834Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.068201298Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.075693808Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.085314636Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.087565387Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.089713389Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.090748548Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.092360805Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.098175754Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.101022758Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.106914296Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.117730221Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.122700011Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.124583865Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.126578785Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.132895054Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.136011681Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.145595667Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.147037271Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.154131292Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.155642279Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.163109935Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.173505197Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.174631092Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:05.044107452Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:05.046451423Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:05.04798049Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:05.056319456Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:05.063342924Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.08113246Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.088911358Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.090706045Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.094582881Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.102721762Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.105672824Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.116940172Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.118672365Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.126112635Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.139044769Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.153340368Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.16449929Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.167211753Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.171083455Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.174660218Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.177065515Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.184869475Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.188098645Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.194638231Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.207109897Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.21496305Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.216691229Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.220086975Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.227999201Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.230919549Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.242949544Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.244939922Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.252771358Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.25526665Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.265092627Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.291844619Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.29382468Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:05.191821518Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:05.193888109Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:05.196722024Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:05.204861305Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:05.211669513Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.232063369Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.240772047Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.24298928Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.246408836Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.253779425Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.256558828Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.267564779Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.269163593Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.276544112Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.279293951Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.30069185Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.312001158Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.314915846Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.31791813Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.31943563Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.321276699Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.328699107Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.331627116Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.338109654Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.349439344Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.357350972Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.358962695Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.362229078Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.369969948Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.373057176Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.385323809Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.386845908Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.394473022Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.397568866Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.406544947Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.417997604Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.419990433Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:05.207168875Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:05.210568407Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:05.211975094Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:05.217709305Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:05.22352214Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.242016936Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.248920685Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.250296224Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.251680242Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.255562652Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.257227368Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.263461055Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.265261402Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.273039442Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.275323911Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.283301515Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.293618683Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.295740445Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.298166147Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.299587282Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.301247091Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.306975026Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.3093802Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.315390998Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.327530643Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.334623257Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.337145466Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.339214463Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.3453692Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.347707852Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.35654393Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.357776196Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.363740763Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.364768483Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.369601349Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.375821486Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.376586158Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:05.552943889Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:05.554195089Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:05.555222719Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:05.560982627Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:05.566665845Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.58385798Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.594719285Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.596998086Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.598871873Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.604776418Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.607297503Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.615972182Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.617277965Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.62484789Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.626364992Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.633809677Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.640879978Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.641912013Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.643948852Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.645279005Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.646443126Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.652122343Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.654464316Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.657911971Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.665696365Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.673864889Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.674888747Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.676477363Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.682752145Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.684756496Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.693431314Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.694617012Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.701049167Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.702382063Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.709759259Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.716062483Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.716830992Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:05.718840848Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:05.721374093Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:05.724710884Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:05.732301501Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:05.739211264Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.763071455Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.771321333Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.772889237Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.776613869Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.783813614Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.786297946Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.796795566Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.799084842Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.807309196Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.810035906Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.818645297Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.82953957Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.831017892Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.834301985Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.835671563Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.837909134Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.845573081Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.848966882Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.855628296Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.867667659Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.875480853Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.877530678Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.881225335Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.888799573Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.891673918Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.902752254Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.905613803Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.913416744Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.915873422Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.925656911Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.937037492Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.938743325Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":19,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16467,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:53:05.753957692Z | 47 | PC: 12b77 | Get disk transfer address |
| 2018-12-25T12:53:05.755428076Z | 26 | PC: 12b8a | Set disk transfer address |
| 2018-12-25T12:53:05.756893735Z | 78 | PC: 12c19 | Find first file |
| 2018-12-25T12:53:05.764168105Z | 67 | PC: 12c60 | Get or set file attributes |
| 2018-12-25T12:53:05.771608018Z | 67 | PC: 12c72 | Get or set file attributes |
| 2018-12-25T12:53:05.786502354Z | 61 | PC: 12c7e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:53:05.792792862Z | 87 | PC: 12c8a | Get or set file date and time |
| 2018-12-25T12:53:05.79435654Z | 44 | PC: 12c97 | Get time 0x12c97: mov ah, 0x3f 0x12c99: mov cx, 3 0x12c9c: mov dx, 0xa 0x12c9f: nop 0x12ca0: add dx, si 0x12ca2: int 0x21 0x12ca4: jb 0x12d0a 0x12ca6: cmp ax, 3 0x12ca9: jne 0x12d0a 0x12cab: cmp word ptr [si + 0xa], 0x5a4d 0x12cb0: nop 0x12cb1: je 0x12d0a 0x12cb3: mov ax, 0x4202 0x12cb6: mov cx, 0 0x12cb9: mov dx, 0 0x12cbc: int 0x21 0x12cbe: nop 0x12cbf: jb 0x12d0a 0x12cc1: mov cx, ax 0x12cc3: sub ax, 3 |
| 2018-12-25T12:53:05.796838753Z | 63 | PC: 12ca4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:53:05.803106411Z | 66 | PC: 12cbe | Move file pointer |
| 2018-12-25T12:53:05.805412682Z | 64 | PC: 13303 | Write file or device (Write 2278 bytes on handle 5) |
| 2018-12-25T12:53:05.815460507Z | 66 | PC: 12cfb | Move file pointer |
| 2018-12-25T12:53:05.817098911Z | 64 | PC: 12d0a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:53:05.823510351Z | 87 | PC: 12d1d | Get or set file date and time |
| 2018-12-25T12:53:05.834011005Z | 62 | PC: 12d21 | Close file |
| 2018-12-25T12:53:05.842891399Z | 67 | PC: 12d30 | Get or set file attributes |
| 2018-12-25T12:53:05.852534606Z | 26 | PC: 12d3d | Set disk transfer address |
| 2018-12-25T12:53:05.854462094Z | 42 | PC: 12a9e | Get date 0x12a9e: cmp cx, 0x7cb 0x12aa2: jge 0x12aa7 0x12aa4: jmp 0x12b03 0x12aa6: nop 0x12aa7: cmp dh, 5 0x12aaa: jge 0x12aaf 0x12aac: jmp 0x12b03 0x12aae: nop 0x12aaf: cmp dl, 5 0x12ab2: jge 0x12abb 0x12ab4: jmp 0x12b03 0x12ab6: nop 0x12ab7: cmp al, 5 0x12ab9: je 0x12af6 0x12abb: mov ah, 0x2c 0x12abd: int 0x21 0x12abf: cmp ch, 0xf 0x12ac2: jb 0x12b03 0x12ac4: cmp ch, 0x13 0x12ac7: jge 0x12b03 |
| 2018-12-25T12:53:05.856605417Z | 47 | PC: 12b77 | Get disk transfer address (See above) |
| 2018-12-25T12:53:05.857974393Z | 26 | PC: 12b8a | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.860678064Z | 78 | PC: 12c19 | Find first file (See above) |
| 2018-12-25T12:53:05.866778047Z | 79 | PC: 12c1f | Find next file |
| 2018-12-25T12:53:05.869630531Z | 67 | PC: 12c60 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.875695076Z | 67 | PC: 12c72 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.886349016Z | 61 | PC: 12c7e | Open file (See above) |
| 2018-12-25T12:53:05.897542174Z | 87 | PC: 12c8a | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.898755643Z | 44 | PC: 12c97 | Get time (See above) |
| 2018-12-25T12:53:05.901272766Z | 63 | PC: 12ca4 | Read file or device (See above) |
| 2018-12-25T12:53:05.907771328Z | 66 | PC: 12cbe | Move file pointer (See above) |
| 2018-12-25T12:53:05.909755154Z | 64 | PC: 13303 | Write file or device (See above) |
| 2018-12-25T12:53:05.918981998Z | 66 | PC: 12cfb | Move file pointer (See above) |
| 2018-12-25T12:53:05.920173079Z | 64 | PC: 12d0a | Write file or device (See above) |
| 2018-12-25T12:53:05.926378252Z | 87 | PC: 12d1d | Get or set file date and time (See above) |
| 2018-12-25T12:53:05.928152102Z | 62 | PC: 12d21 | Close file (See above) |
| 2018-12-25T12:53:05.935632918Z | 67 | PC: 12d30 | Get or set file attributes (See above) |
| 2018-12-25T12:53:05.945182248Z | 26 | PC: 12d3d | Set disk transfer address (See above) |
| 2018-12-25T12:53:05.946765312Z | 9 | PC: 12a68 | Display string (String= 'Small COM program (42 bytes) ') |