Sample viewer

vx.netlux.org/Virus.DOS.Mcmahon.1307

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:09:28.815536817Z 26 PC: 12a8d | Set disk transfer address
2018-12-17T23:09:28.817173388Z 53 PC: 12a92 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:09:28.820141058Z 37 PC: 12aa3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:09:28.822368024Z 71 PC: 12aac | Get current directory
2018-12-17T23:09:28.825838397Z 78 PC: 12ab7 | Find first file
2018-12-17T23:09:28.833116919Z 78 PC: 12b38 | Find first file
2018-12-17T23:09:28.839779527Z 78 PC: 12baa | Find first file
2018-12-17T23:09:28.846289361Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:28.863523323Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:28.865075177Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:28.872024861Z 66 PC: 12cce | Move file pointer
2018-12-17T23:09:28.878022662Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:28.880877594Z 66 PC: 12cd7 | Move file pointer
2018-12-17T23:09:28.882388606Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-17T23:09:28.901745253Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:28.903504328Z 62 PC: 12c21 | Close file
2018-12-17T23:09:28.911673536Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:28.914440381Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:28.922047062Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:28.923106827Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:28.927339395Z 66 PC: 12cce | Move file pointer
2018-12-17T23:09:28.935502078Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:28.937574811Z 66 PC: 12cd7 | Move file pointer
2018-12-17T23:09:28.939039621Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-17T23:09:28.949746984Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:28.951479083Z 62 PC: 12c21 | Close file
2018-12-17T23:09:28.959603351Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:28.963608697Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:28.971170342Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:28.972956539Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:28.980613499Z 66 PC: 12cce | Move file pointer
2018-12-17T23:09:28.982360345Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:28.985470573Z 66 PC: 12cd7 | Move file pointer
2018-12-17T23:09:28.988021128Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-17T23:09:28.998937242Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:29.001268137Z 62 PC: 12c21 | Close file
2018-12-17T23:09:29.013039586Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:29.015293795Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:29.020021248Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:29.021899447Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:29.030841279Z 66 PC: 12cce | Move file pointer
2018-12-17T23:09:29.032521366Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:29.035557281Z 66 PC: 12cd7 | Move file pointer
2018-12-17T23:09:29.037493892Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-17T23:09:29.0472453Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:29.049208808Z 62 PC: 12c21 | Close file
2018-12-17T23:09:29.058234675Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:29.061712926Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:29.069483258Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:29.071843371Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:29.079428389Z 66 PC: 12cce | Move file pointer
2018-12-17T23:09:29.081503026Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:29.085905073Z 66 PC: 12cd7 | Move file pointer
2018-12-17T23:09:29.088124988Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-17T23:09:29.098803836Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:29.101439528Z 62 PC: 12c21 | Close file
2018-12-17T23:09:29.110525343Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:29.113578922Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:29.121148407Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:29.123650302Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:29.130640412Z 66 PC: 12cce | Move file pointer
2018-12-17T23:09:29.13605353Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:29.140540294Z 66 PC: 12cd7 | Move file pointer
2018-12-17T23:09:29.142136878Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-17T23:09:29.151846581Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:29.154166542Z 62 PC: 12c21 | Close file
2018-12-17T23:09:29.162712084Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:29.166076939Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:29.175249744Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:29.17725244Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:29.184241198Z 66 PC: 12cce | Move file pointer
2018-12-17T23:09:29.186914241Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:29.190203082Z 66 PC: 12cd7 | Move file pointer
2018-12-17T23:09:29.191990452Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-17T23:09:29.201830433Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:29.203376825Z 62 PC: 12c21 | Close file
2018-12-17T23:09:29.211428313Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:29.215359707Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-17T23:09:29.222546551Z 87 PC: 12caf | Get or set file date and time
2018-12-17T23:09:29.224407802Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:29.231681805Z 87 PC: 12cc5 | Get or set file date and time
2018-12-17T23:09:29.234386053Z 62 PC: 12c21 | Close file
2018-12-17T23:09:29.242555689Z 79 PC: 12c25 | Find next file
2018-12-17T23:09:29.245409708Z 59 PC: 12bb7 | Change current directory
2018-12-17T23:09:29.251072646Z 42 PC: 12c2d | Get date 0x12c2d: cmp dh, 0xa
0x12c30: jne 0x12c57
0x12c32: cmp dl, 0x12
0x12c35: jne 0x12c57
0x12c37: mov ah, 9
0x12c39: lea dx, word ptr [bp + 0x3fe]
0x12c3d: int 0x21
0x12c3f: xor ax, ax
0x12c41: int 0x16
0x12c43: mov ah, 3
0x12c45: mov al, 0xf
0x12c47: mov ch, 0
0x12c49: mov cl, 1
0x12c4b: mov dh, 0
0x12c4d: mov dl, 2
0x12c4f: lea bx, word ptr [bp + 0x597]
0x12c53: push cs
0x12c54: pop es
0x12c55: int 0x13
0x12c57: mov ax, 0x2524
2018-12-17T23:09:29.25373322Z 37 PC: 12c60 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:09:29.255308388Z 59 PC: 12c68 | Change current directory
2018-12-17T23:09:29.258288589Z 26 PC: 12ca5 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16541,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:16.278580424Z 26 PC: 12a8d | Set disk transfer address
2018-12-25T12:53:16.280034234Z 53 PC: 12a92 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:16.28111366Z 37 PC: 12aa3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:16.282120538Z 71 PC: 12aac | Get current directory
2018-12-25T12:53:16.285428527Z 78 PC: 12ab7 | Find first file
2018-12-25T12:53:16.291146833Z 78 PC: 12b38 | Find first file
2018-12-25T12:53:16.30211204Z 78 PC: 12baa | Find first file
2018-12-25T12:53:16.308390875Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-25T12:53:16.314852952Z 87 PC: 12caf | Get or set file date and time
2018-12-25T12:53:16.316301756Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:53:16.323957927Z 66 PC: 12cce | Move file pointer
2018-12-25T12:53:16.325321007Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:16.327848753Z 66 PC: 12cd7 | Move file pointer
2018-12-25T12:53:16.329607545Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-25T12:53:16.344209873Z 87 PC: 12cc5 | Get or set file date and time
2018-12-25T12:53:16.345470906Z 62 PC: 12c21 | Close file
2018-12-25T12:53:16.352902509Z 79 PC: 12c25 | Find next file
2018-12-25T12:53:16.355673544Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.362323959Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.364184566Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.371187556Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.372415812Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.375389675Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.376912955Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.385194768Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.3867988Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.394369159Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.396782539Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.403179116Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.404492812Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.410550323Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.411744633Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.41431665Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.415518718Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.423413983Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.42518141Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.432735972Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.435075966Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.441627971Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.442715399Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.448568791Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.450209274Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.452580743Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.453600917Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.461972008Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.463239066Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.470438181Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.473555709Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.479781833Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.480945252Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.48842151Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.490218812Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.493221201Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.495809326Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.504739198Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.506129728Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.514693934Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.51716476Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.523400495Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.525304949Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.531492641Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.532720598Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.535714221Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.537008099Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.545377036Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.54722267Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.554533762Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.557017906Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.564250709Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.566219243Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.572385356Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.574105208Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.57707352Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.578349926Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.587222053Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.588564528Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.595912529Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.598816534Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.605049836Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.606323Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.613259898Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.614634788Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.621501265Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.624338099Z 59 PC: 12bb7 | Change current directory
2018-12-25T12:53:16.628209357Z 42 PC: 12c2d | Get date 0x12c2d: cmp dh, 0xa
0x12c30: jne 0x12c57
0x12c32: cmp dl, 0x12
0x12c35: jne 0x12c57
0x12c37: mov ah, 9
0x12c39: lea dx, word ptr [bp + 0x3fe]
0x12c3d: int 0x21
0x12c3f: xor ax, ax
0x12c41: int 0x16
0x12c43: mov ah, 3
0x12c45: mov al, 0xf
0x12c47: mov ch, 0
0x12c49: mov cl, 1
0x12c4b: mov dh, 0
0x12c4d: mov dl, 2
0x12c4f: lea bx, word ptr [bp + 0x597]
0x12c53: push cs
0x12c54: pop es
0x12c55: int 0x13
0x12c57: mov ax, 0x2524
2018-12-25T12:53:16.630135358Z 37 PC: 12c60 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:16.63280635Z 59 PC: 12c68 | Change current directory
2018-12-25T12:53:16.63470112Z 26 PC: 12ca5 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16541,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:16.622399156Z 26 PC: 12a8d | Set disk transfer address
2018-12-25T12:53:16.623773142Z 53 PC: 12a92 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:16.624756219Z 37 PC: 12aa3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:16.625656288Z 71 PC: 12aac | Get current directory
2018-12-25T12:53:16.629170975Z 78 PC: 12ab7 | Find first file
2018-12-25T12:53:16.634766008Z 78 PC: 12b38 | Find first file
2018-12-25T12:53:16.640201942Z 78 PC: 12baa | Find first file
2018-12-25T12:53:16.646243136Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-25T12:53:16.652458938Z 87 PC: 12caf | Get or set file date and time
2018-12-25T12:53:16.653658706Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:53:16.659994152Z 66 PC: 12cce | Move file pointer
2018-12-25T12:53:16.661135472Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:16.663480641Z 66 PC: 12cd7 | Move file pointer
2018-12-25T12:53:16.665157615Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-25T12:53:16.679195726Z 87 PC: 12cc5 | Get or set file date and time
2018-12-25T12:53:16.680530685Z 62 PC: 12c21 | Close file
2018-12-25T12:53:16.688417835Z 79 PC: 12c25 | Find next file
2018-12-25T12:53:16.691297002Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.698269768Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.69954104Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.706030221Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.707191636Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.709576451Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.714970831Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.723071462Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.724343743Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.73215683Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.73483799Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.741228893Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.745394731Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.751511861Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.7527504Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.75579901Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.756809262Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.76208953Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.76376165Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.769012829Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.770786181Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.775361543Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.77657591Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.780688552Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.782107982Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.783982629Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.784967387Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.790732442Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.791718972Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.79637226Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.798514326Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.80480565Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.805845149Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.812343113Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.813480947Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.815922003Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.817423622Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.826054669Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.827421441Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.834905469Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.838019221Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.84413433Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.845734797Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.851814636Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.852963617Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.85564762Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.856838684Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.865150392Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.866758593Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.874016754Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.876251292Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.882651971Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.883871843Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.88987761Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:16.891258228Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:16.893793399Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:16.894966737Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:16.90409124Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.905448753Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.91266072Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.915058733Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:16.936396559Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:16.937455752Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:16.939316101Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:16.940498951Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:16.944836081Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:16.946385549Z 59 PC: 12bb7 | Change current directory
2018-12-25T12:53:16.948962333Z 42 PC: 12c2d | Get date 0x12c2d: cmp dh, 0xa
0x12c30: jne 0x12c57
0x12c32: cmp dl, 0x12
0x12c35: jne 0x12c57
0x12c37: mov ah, 9
0x12c39: lea dx, word ptr [bp + 0x3fe]
0x12c3d: int 0x21
0x12c3f: xor ax, ax
0x12c41: int 0x16
0x12c43: mov ah, 3
0x12c45: mov al, 0xf
0x12c47: mov ch, 0
0x12c49: mov cl, 1
0x12c4b: mov dh, 0
0x12c4d: mov dl, 2
0x12c4f: lea bx, word ptr [bp + 0x597]
0x12c53: push cs
0x12c54: pop es
0x12c55: int 0x13
0x12c57: mov ax, 0x2524
2018-12-25T12:53:16.950240507Z 37 PC: 12c60 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:16.950922294Z 59 PC: 12c68 | Change current directory
2018-12-25T12:53:16.953035518Z 26 PC: 12ca5 | Set disk transfer address

{"DateBased":true,"Day":18,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16541,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:17.139010346Z 26 PC: 12a8d | Set disk transfer address
2018-12-25T12:53:17.140404871Z 53 PC: 12a92 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.141367679Z 37 PC: 12aa3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.142536298Z 71 PC: 12aac | Get current directory
2018-12-25T12:53:17.145873065Z 78 PC: 12ab7 | Find first file
2018-12-25T12:53:17.152163238Z 78 PC: 12b38 | Find first file
2018-12-25T12:53:17.157577506Z 78 PC: 12baa | Find first file
2018-12-25T12:53:17.163640434Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-25T12:53:17.169824368Z 87 PC: 12caf | Get or set file date and time
2018-12-25T12:53:17.170916832Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:53:17.177162627Z 66 PC: 12cce | Move file pointer
2018-12-25T12:53:17.178355766Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:17.180707838Z 66 PC: 12cd7 | Move file pointer
2018-12-25T12:53:17.182938725Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-25T12:53:17.196243203Z 87 PC: 12cc5 | Get or set file date and time
2018-12-25T12:53:17.197514639Z 62 PC: 12c21 | Close file
2018-12-25T12:53:17.204812693Z 79 PC: 12c25 | Find next file
2018-12-25T12:53:17.207354676Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.213540673Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.215249856Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.225123663Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.226376124Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.229498084Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.243551342Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.251743864Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.253062648Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.261091897Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.263704257Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.269966621Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.271833221Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.278342807Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.279518658Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.282651137Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.284012391Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.293045044Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.295057703Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.303182576Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.305492952Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.312735247Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.314254649Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.320679718Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.322633523Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.325372538Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.327060041Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.33583519Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.337008029Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.344730339Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.348108636Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.354713667Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.356396804Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.363401745Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.364849769Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.367660943Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.370068239Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.378399681Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.379719503Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.387565164Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.390091028Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.396695449Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.398800435Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.405167993Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.406793278Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.410562192Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.412139704Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.421223811Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.42394722Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.431966139Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.434787968Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.442389149Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.444099496Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.450581601Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.453200163Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.456024054Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.457477523Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.466219226Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.467586358Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.474850223Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.477841021Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.484078553Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.485161449Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.487646106Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.489325437Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.496477321Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.498735975Z 59 PC: 12bb7 | Change current directory
2018-12-25T12:53:17.503247993Z 42 PC: 12c2d | Get date 0x12c2d: cmp dh, 0xa
0x12c30: jne 0x12c57
0x12c32: cmp dl, 0x12
0x12c35: jne 0x12c57
0x12c37: mov ah, 9
0x12c39: lea dx, word ptr [bp + 0x3fe]
0x12c3d: int 0x21
0x12c3f: xor ax, ax
0x12c41: int 0x16
0x12c43: mov ah, 3
0x12c45: mov al, 0xf
0x12c47: mov ch, 0
0x12c49: mov cl, 1
0x12c4b: mov dh, 0
0x12c4d: mov dl, 2
0x12c4f: lea bx, word ptr [bp + 0x597]
0x12c53: push cs
0x12c54: pop es
0x12c55: int 0x13
0x12c57: mov ax, 0x2524
2018-12-25T12:53:17.50515641Z 9 PC: 12c3f | Display string (Could not find end pointer)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16541,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:17.642920484Z 26 PC: 12a8d | Set disk transfer address
2018-12-25T12:53:17.644344246Z 53 PC: 12a92 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.645358529Z 37 PC: 12aa3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.64637207Z 71 PC: 12aac | Get current directory
2018-12-25T12:53:17.650365662Z 78 PC: 12ab7 | Find first file
2018-12-25T12:53:17.655947506Z 78 PC: 12b38 | Find first file
2018-12-25T12:53:17.661409936Z 78 PC: 12baa | Find first file
2018-12-25T12:53:17.667658545Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-25T12:53:17.686807691Z 87 PC: 12caf | Get or set file date and time
2018-12-25T12:53:17.688068794Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:53:17.698051762Z 66 PC: 12cce | Move file pointer
2018-12-25T12:53:17.699518675Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:17.702985619Z 66 PC: 12cd7 | Move file pointer
2018-12-25T12:53:17.704679484Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-25T12:53:17.718671969Z 87 PC: 12cc5 | Get or set file date and time
2018-12-25T12:53:17.720095655Z 62 PC: 12c21 | Close file
2018-12-25T12:53:17.727726567Z 79 PC: 12c25 | Find next file
2018-12-25T12:53:17.731808699Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.738491392Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.74015657Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.747020163Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.748267234Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.750570209Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.752415207Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.76071923Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.762044163Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.782371987Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.785696581Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.789838227Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.791283352Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.795500299Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.796419Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.798465873Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.799627992Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.805104264Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.807042629Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.812113411Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.813790481Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.818002091Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.819256792Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.823295021Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.824579242Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.827814935Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.829058115Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.837231685Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.839190837Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.846483801Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.848859526Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.856411592Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.857764339Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.863852904Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.86567215Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.868359895Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.869985341Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.880209348Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.881725381Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.88923429Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.892863679Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.899561791Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.901199614Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.908070415Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.909486768Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.912111077Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.914485938Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.923040778Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.925279818Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.933143694Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.935749394Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.942035133Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.943905254Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.9499895Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.951394748Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.95436569Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.95558391Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.963717283Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.965538319Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.972959405Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.975709941Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.983211213Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.984488942Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.990908931Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.993012401Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.999773172Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.002098727Z 59 PC: 12bb7 | Change current directory
2018-12-25T12:53:18.006027829Z 42 PC: 12c2d | Get date 0x12c2d: cmp dh, 0xa
0x12c30: jne 0x12c57
0x12c32: cmp dl, 0x12
0x12c35: jne 0x12c57
0x12c37: mov ah, 9
0x12c39: lea dx, word ptr [bp + 0x3fe]
0x12c3d: int 0x21
0x12c3f: xor ax, ax
0x12c41: int 0x16
0x12c43: mov ah, 3
0x12c45: mov al, 0xf
0x12c47: mov ch, 0
0x12c49: mov cl, 1
0x12c4b: mov dh, 0
0x12c4d: mov dl, 2
0x12c4f: lea bx, word ptr [bp + 0x597]
0x12c53: push cs
0x12c54: pop es
0x12c55: int 0x13
0x12c57: mov ax, 0x2524
2018-12-25T12:53:18.008209076Z 37 PC: 12c60 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:18.00928598Z 59 PC: 12c68 | Change current directory
2018-12-25T12:53:18.011190124Z 26 PC: 12ca5 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16541,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:17.761750836Z 26 PC: 12a8d | Set disk transfer address
2018-12-25T12:53:17.763508148Z 53 PC: 12a92 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.764510484Z 37 PC: 12aa3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.76538492Z 71 PC: 12aac | Get current directory
2018-12-25T12:53:17.767891083Z 78 PC: 12ab7 | Find first file
2018-12-25T12:53:17.771728561Z 78 PC: 12b38 | Find first file
2018-12-25T12:53:17.778082239Z 78 PC: 12baa | Find first file
2018-12-25T12:53:17.790280068Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-25T12:53:17.799712846Z 87 PC: 12caf | Get or set file date and time
2018-12-25T12:53:17.800783346Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:53:17.805685715Z 66 PC: 12cce | Move file pointer
2018-12-25T12:53:17.806909261Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:17.808950693Z 66 PC: 12cd7 | Move file pointer
2018-12-25T12:53:17.810045434Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-25T12:53:17.823202132Z 87 PC: 12cc5 | Get or set file date and time
2018-12-25T12:53:17.824313754Z 62 PC: 12c21 | Close file
2018-12-25T12:53:17.829029631Z 79 PC: 12c25 | Find next file
2018-12-25T12:53:17.831246365Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.835170519Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.836066982Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.840753717Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.841674959Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.844687384Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.846156945Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.851448723Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.852446623Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.858589514Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.861076254Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.867897365Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.869814414Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.876542516Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.877903546Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.892753274Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.89593299Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.904135368Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.906045182Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.913822225Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.9164345Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.923148043Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.924518003Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.941035535Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.942701028Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.9451408Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.946406819Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.955442126Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.956767495Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:17.963990233Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:17.96695817Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:17.973468736Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:17.97481887Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:17.981605527Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:17.982868833Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:17.985326268Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:17.987063067Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:17.995523027Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:17.99690324Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.005205942Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.007579115Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.014503846Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.016119008Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.022530897Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.023953366Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.027085456Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.028341888Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.03670798Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.038803783Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.045487677Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.048178638Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.053823212Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.055909271Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.061190568Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.062849489Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.06708684Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.068378351Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.076631198Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.079163763Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.086957295Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.089369693Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.096749681Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.098198795Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.103641543Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.10563275Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.112511581Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.114654707Z 59 PC: 12bb7 | Change current directory
2018-12-25T12:53:18.119307409Z 42 PC: 12c2d | Get date 0x12c2d: cmp dh, 0xa
0x12c30: jne 0x12c57
0x12c32: cmp dl, 0x12
0x12c35: jne 0x12c57
0x12c37: mov ah, 9
0x12c39: lea dx, word ptr [bp + 0x3fe]
0x12c3d: int 0x21
0x12c3f: xor ax, ax
0x12c41: int 0x16
0x12c43: mov ah, 3
0x12c45: mov al, 0xf
0x12c47: mov ch, 0
0x12c49: mov cl, 1
0x12c4b: mov dh, 0
0x12c4d: mov dl, 2
0x12c4f: lea bx, word ptr [bp + 0x597]
0x12c53: push cs
0x12c54: pop es
0x12c55: int 0x13
0x12c57: mov ax, 0x2524
2018-12-25T12:53:18.121279387Z 37 PC: 12c60 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:18.122249501Z 59 PC: 12c68 | Change current directory
2018-12-25T12:53:18.12464615Z 26 PC: 12ca5 | Set disk transfer address

{"DateBased":true,"Day":18,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16541,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:17.969777531Z 26 PC: 12a8d | Set disk transfer address
2018-12-25T12:53:17.971445567Z 53 PC: 12a92 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.972997859Z 37 PC: 12aa3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:53:17.975388278Z 71 PC: 12aac | Get current directory
2018-12-25T12:53:17.97875749Z 78 PC: 12ab7 | Find first file
2018-12-25T12:53:17.982958452Z 78 PC: 12b38 | Find first file
2018-12-25T12:53:17.989363368Z 78 PC: 12baa | Find first file
2018-12-25T12:53:17.994969609Z 61 PC: 12bc5 | Open file (Filename = '&')
2018-12-25T12:53:18.001790016Z 87 PC: 12caf | Get or set file date and time
2018-12-25T12:53:18.00303226Z 63 PC: 12be6 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:53:18.009082822Z 66 PC: 12cce | Move file pointer
2018-12-25T12:53:18.010470052Z 64 PC: 12c07 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:18.013108635Z 66 PC: 12cd7 | Move file pointer
2018-12-25T12:53:18.014352938Z 64 PC: 12c1a | Write file or device (Write 1307 bytes on handle 5)
2018-12-25T12:53:18.027786482Z 87 PC: 12cc5 | Get or set file date and time
2018-12-25T12:53:18.029291392Z 62 PC: 12c21 | Close file
2018-12-25T12:53:18.03506443Z 79 PC: 12c25 | Find next file
2018-12-25T12:53:18.037464815Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.044133322Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.045546591Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.051724919Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.053526354Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.056734801Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.057971619Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.06662892Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.06807681Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.075385825Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.078567461Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.084827478Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.086044697Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.093082106Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.094316521Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.096740239Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.098294322Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.10656568Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.107878035Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.115438286Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.117884922Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.124697548Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.126260013Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.132349403Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.13348417Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.136216633Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.14889973Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.156979611Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.158294914Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.165561033Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.167907898Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.173961163Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.17563225Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.181629415Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.182771627Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.185590258Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.18707909Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.195557175Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.198413257Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.206201178Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.208843355Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.21541766Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.216621466Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.22259311Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.2240551Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.226456832Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.227645523Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.23606674Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.237637322Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.245071433Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.248243736Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.254663917Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.256134149Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.263480578Z 66 PC: 12cce | Move file pointer (See above)
2018-12-25T12:53:18.264648445Z 64 PC: 12c07 | Write file or device (See above)
2018-12-25T12:53:18.266950624Z 66 PC: 12cd7 | Move file pointer (See above)
2018-12-25T12:53:18.268740419Z 64 PC: 12c1a | Write file or device (See above)
2018-12-25T12:53:18.276882827Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.278260952Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.285777864Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.288034367Z 61 PC: 12bc5 | Open file (See above)
2018-12-25T12:53:18.294047413Z 87 PC: 12caf | Get or set file date and time (See above)
2018-12-25T12:53:18.295622326Z 63 PC: 12be6 | Read file or device (See above)
2018-12-25T12:53:18.298363525Z 87 PC: 12cc5 | Get or set file date and time (See above)
2018-12-25T12:53:18.299926548Z 62 PC: 12c21 | Close file (See above)
2018-12-25T12:53:18.307284967Z 79 PC: 12c25 | Find next file (See above)
2018-12-25T12:53:18.30970619Z 59 PC: 12bb7 | Change current directory
2018-12-25T12:53:18.313828804Z 42 PC: 12c2d | Get date 0x12c2d: cmp dh, 0xa
0x12c30: jne 0x12c57
0x12c32: cmp dl, 0x12
0x12c35: jne 0x12c57
0x12c37: mov ah, 9
0x12c39: lea dx, word ptr [bp + 0x3fe]
0x12c3d: int 0x21
0x12c3f: xor ax, ax
0x12c41: int 0x16
0x12c43: mov ah, 3
0x12c45: mov al, 0xf
0x12c47: mov ch, 0
0x12c49: mov cl, 1
0x12c4b: mov dh, 0
0x12c4d: mov dl, 2
0x12c4f: lea bx, word ptr [bp + 0x597]
0x12c53: push cs
0x12c54: pop es
0x12c55: int 0x13
0x12c57: mov ax, 0x2524
2018-12-25T12:53:18.316846498Z 9 PC: 12c3f | Display string (Could not find end pointer)