Sample viewer

vx.netlux.org/Virus.DOS.Vesna.1000.b


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:10:01.691288682Z 48 PC: 133ef | Get DOS version
2018-12-17T23:10:01.693786687Z 47 PC: 133fb | Get disk transfer address
2018-12-17T23:10:01.696171228Z 26 PC: 13409 | Set disk transfer address
2018-12-17T23:10:01.698148961Z 78 PC: 134d7 | Find first file
2018-12-17T23:10:01.705312256Z 47 PC: 134e0 | Get disk transfer address
2018-12-17T23:10:01.707971095Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:01.71459735Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:01.733636269Z 61 PC: 13452 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:10:01.742803768Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:01.744664894Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:01.751919205Z 66 PC: 13489 | Move file pointer
2018-12-17T23:10:01.753392859Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:01.757058532Z 66 PC: 1349e | Move file pointer
2018-12-17T23:10:01.759089429Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-17T23:10:01.769916728Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:01.772560578Z 62 PC: 134bb | Close file
2018-12-17T23:10:01.781213804Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:01.792067857Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:01.796118663Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:01.802384934Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:01.81399043Z 61 PC: 13452 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:10:01.828257843Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:01.830716671Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:01.838752263Z 66 PC: 13489 | Move file pointer
2018-12-17T23:10:01.841040993Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:01.845103514Z 66 PC: 1349e | Move file pointer
2018-12-17T23:10:01.847137934Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-17T23:10:01.857000525Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:01.860060281Z 62 PC: 134bb | Close file
2018-12-17T23:10:01.870696216Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:01.882790998Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:01.886933193Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:01.89444635Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:01.906546064Z 61 PC: 13452 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:10:01.91503881Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:01.917250404Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:01.924927264Z 66 PC: 13489 | Move file pointer
2018-12-17T23:10:01.930139929Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:01.933663774Z 66 PC: 1349e | Move file pointer
2018-12-17T23:10:01.935773999Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-17T23:10:01.946595204Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:01.949199248Z 62 PC: 134bb | Close file
2018-12-17T23:10:01.959202726Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:01.972657689Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:01.975936738Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:01.982693258Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:01.994060855Z 61 PC: 13452 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:10:02.002715338Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:02.004771002Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:02.012460524Z 66 PC: 13489 | Move file pointer
2018-12-17T23:10:02.015204808Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:02.018639286Z 66 PC: 1349e | Move file pointer
2018-12-17T23:10:02.020646725Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-17T23:10:02.030832273Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:02.032921071Z 62 PC: 134bb | Close file
2018-12-17T23:10:02.042607128Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:02.055689952Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:02.058834284Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:02.06547648Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:02.077435992Z 61 PC: 13452 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:10:02.085937304Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:02.087919345Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:02.095765105Z 66 PC: 13489 | Move file pointer
2018-12-17T23:10:02.098041655Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:02.102181663Z 66 PC: 1349e | Move file pointer
2018-12-17T23:10:02.104255397Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-17T23:10:02.118737844Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:02.1206161Z 62 PC: 134bb | Close file
2018-12-17T23:10:02.129602214Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:02.142377193Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:02.14723902Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:02.165939468Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:02.178204238Z 61 PC: 13452 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:10:02.185652038Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:02.187312294Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:02.195310457Z 66 PC: 13489 | Move file pointer
2018-12-17T23:10:02.196998494Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:02.200328047Z 66 PC: 1349e | Move file pointer
2018-12-17T23:10:02.203102796Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-17T23:10:02.213369867Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:02.214925869Z 62 PC: 134bb | Close file
2018-12-17T23:10:02.220389776Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:02.230201772Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:02.233571626Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:02.241045744Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:02.25337206Z 61 PC: 13452 | Open file (Filename = 'PAH.COM')
2018-12-17T23:10:02.261166951Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:02.263198029Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:02.271732018Z 66 PC: 13489 | Move file pointer
2018-12-17T23:10:02.273822272Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:02.277072794Z 66 PC: 1349e | Move file pointer
2018-12-17T23:10:02.279789923Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-17T23:10:02.289798983Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:02.291903638Z 62 PC: 134bb | Close file
2018-12-17T23:10:02.301760052Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:02.313892834Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:02.317301754Z 67 PC: 13441 | Get or set file attributes
2018-12-17T23:10:02.324058936Z 67 PC: 1344d | Get or set file attributes
2018-12-17T23:10:02.336507035Z 61 PC: 13452 | Open file (Filename = 'TEST.COM')
2018-12-17T23:10:02.344271859Z 87 PC: 13459 | Get or set file date and time
2018-12-17T23:10:02.34631248Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:02.355105978Z 87 PC: 134b7 | Get or set file date and time
2018-12-17T23:10:02.357251391Z 62 PC: 134bb | Close file
2018-12-17T23:10:02.365597313Z 67 PC: 134cb | Get or set file attributes
2018-12-17T23:10:02.378308553Z 79 PC: 134f6 | Find next file
2018-12-17T23:10:02.381943357Z 78 PC: 1356b | Find first file
2018-12-17T23:10:02.388831475Z 78 PC: 1356b | Find first file
2018-12-17T23:10:02.396476853Z 42 PC: 13505 | Get date
0x13505: cmp dl, 0x16
0x13508: jne 0x13512
0x1350a: cmp dh, 6
0x1350d: jne 0x13512
0x1350f: call 0x135d5
0x13512: call 0x1351d
0x13515: pop bx
0x13516: jmp bx
0x13518: pop bx
0x13519: push di
0x1351a: push dx
0x1351b: jmp bx
0x1351d: pop bx
0x1351e: pop dx
0x1351f: pop di
0x13520: jmp bx
0x13522: push si
0x13523: push dx
0x13524: push cx
0x13525: mov si, di
2018-12-17T23:10:02.399759684Z 78 PC: 135b4 | Find first file
2018-12-17T23:10:02.406426556Z 26 PC: 13426 | Set disk transfer address
2018-12-17T23:10:02.408060739Z 61 PC: 12a72 | Open file (Filename = 'CATCHER.COM')
2018-12-17T23:10:02.416278832Z 63 PC: 12a7f | Read file or device (Read 256 bytes on handle 2)

{"DateBased":true,"Day":22,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16726,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:38.104648166Z 48 PC: 133ef | Get DOS version
2018-12-25T12:53:38.106033054Z 47 PC: 133fb | Get disk transfer address
2018-12-25T12:53:38.107118268Z 26 PC: 13409 | Set disk transfer address
2018-12-25T12:53:38.108406208Z 78 PC: 134d7 | Find first file
2018-12-25T12:53:38.115436632Z 47 PC: 134e0 | Get disk transfer address
2018-12-25T12:53:38.116963442Z 67 PC: 13441 | Get or set file attributes
2018-12-25T12:53:38.122331694Z 67 PC: 1344d | Get or set file attributes
2018-12-25T12:53:38.140226886Z 61 PC: 13452 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:53:38.152689352Z 87 PC: 13459 | Get or set file date and time
2018-12-25T12:53:38.154296553Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:53:38.160531894Z 66 PC: 13489 | Move file pointer
2018-12-25T12:53:38.162394815Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:53:38.164887684Z 66 PC: 1349e | Move file pointer
2018-12-25T12:53:38.166125777Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-25T12:53:38.175437897Z 87 PC: 134b7 | Get or set file date and time
2018-12-25T12:53:38.176822663Z 62 PC: 134bb | Close file
2018-12-25T12:53:38.184938263Z 67 PC: 134cb | Get or set file attributes
2018-12-25T12:53:38.195257182Z 79 PC: 134f6 | Find next file
2018-12-25T12:53:38.19775142Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.203014057Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.212768348Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.224300378Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.225520925Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.232229538Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.233572731Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.236194546Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.23806357Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.246438074Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.248197231Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.25628454Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.262683677Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.264452819Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.268953995Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.279261227Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.286954045Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.289055349Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.295438246Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.29672915Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.299791464Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.301170517Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.308846714Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.310764756Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.318464612Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.328080877Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.331575395Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.3371634Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.346826511Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.354125071Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.355405918Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.361986285Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.364311268Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.367042613Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.368367295Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.377105725Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.378488404Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.385922546Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.396243521Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.398947476Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.404377302Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.414919353Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.42182633Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.423136817Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.429699259Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.430954057Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.433373973Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.434776231Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.443771762Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.445621259Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.453169178Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.46423119Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.470998846Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.477101538Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.488303532Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.495072568Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.496564191Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.504199306Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.505513576Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.508148535Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.510998386Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.520071829Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.521551118Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.530065561Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.539690384Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.54214155Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.549238248Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.558989594Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.565347081Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.567697811Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.573817668Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.575033428Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.578116964Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.579928374Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.588292716Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.590230193Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.597689238Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.607339214Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.610847813Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.615037176Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.621379314Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.627589046Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.629604235Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.636616271Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.638760266Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.645806968Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.655954507Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.659627298Z 78 PC: 1356b | Find first file
2018-12-25T12:53:38.665898877Z 78 PC: 1356b | Find first file (See above)
2018-12-25T12:53:38.676184007Z 42 PC: 13505 | Get date
0x13505: cmp dl, 0x16
0x13508: jne 0x13512
0x1350a: cmp dh, 6
0x1350d: jne 0x13512
0x1350f: call 0x135d5
0x13512: call 0x1351d
0x13515: pop bx
0x13516: jmp bx
0x13518: pop bx
0x13519: push di
0x1351a: push dx
0x1351b: jmp bx
0x1351d: pop bx
0x1351e: pop dx
0x1351f: pop di
0x13520: jmp bx
0x13522: push si
0x13523: push dx
0x13524: push cx
0x13525: mov si, di
2018-12-25T12:53:38.683917054Z 2 PC: 13744 | Character output (Char = '0d')
2018-12-25T12:53:38.685722174Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.687675904Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.690147974Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.692254154Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.694219977Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.696531882Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.698514812Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.700543946Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.702889098Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.706373794Z 2 PC: 13744 | Character output (See above)
2018-12-25T12:53:38.708343003Z 78 PC: 135ed | Find first file
2018-12-25T12:53:38.714569999Z 78 PC: 135b4 | Find first file
2018-12-25T12:53:38.719974425Z 26 PC: 13426 | Set disk transfer address
2018-12-25T12:53:38.720926085Z 61 PC: 12a72 | Open file (Filename = 'CATCHER.COM')
2018-12-25T12:53:38.729849262Z 63 PC: 12a7f | Read file or device (Read 256 bytes on handle 2)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16726,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:38.185984637Z 48 PC: 133ef | Get DOS version
2018-12-25T12:53:38.187140688Z 47 PC: 133fb | Get disk transfer address
2018-12-25T12:53:38.188740275Z 26 PC: 13409 | Set disk transfer address
2018-12-25T12:53:38.189731185Z 78 PC: 134d7 | Find first file
2018-12-25T12:53:38.195641266Z 47 PC: 134e0 | Get disk transfer address
2018-12-25T12:53:38.197054582Z 67 PC: 13441 | Get or set file attributes
2018-12-25T12:53:38.202279603Z 67 PC: 1344d | Get or set file attributes
2018-12-25T12:53:38.219240496Z 61 PC: 13452 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:53:38.225729021Z 87 PC: 13459 | Get or set file date and time
2018-12-25T12:53:38.237432539Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:53:38.2437798Z 66 PC: 13489 | Move file pointer
2018-12-25T12:53:38.245528695Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:53:38.248043595Z 66 PC: 1349e | Move file pointer
2018-12-25T12:53:38.249412453Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-25T12:53:38.258591023Z 87 PC: 134b7 | Get or set file date and time
2018-12-25T12:53:38.260015365Z 62 PC: 134bb | Close file
2018-12-25T12:53:38.267667208Z 67 PC: 134cb | Get or set file attributes
2018-12-25T12:53:38.278351779Z 79 PC: 134f6 | Find next file
2018-12-25T12:53:38.281937486Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.287720972Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.297304986Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.304217013Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.30548643Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.31171304Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.313485531Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.316282036Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.317946167Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.331954613Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.333526997Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.341110535Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.3480357Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.3515291Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.357147445Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.367700803Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.37459065Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.376231339Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.38307492Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.384414269Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.386988104Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.388890775Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.397097604Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.39856699Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.406569918Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.416453107Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.419033964Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.425080662Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.434556608Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.440903813Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.442903511Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.447381528Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.448847308Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.451875308Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.453152384Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.461319718Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.46329708Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.47076744Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.483131331Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.486465975Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.492222226Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.501997443Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.509462637Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.51089838Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.516957996Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.518877387Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.521268841Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.522509753Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.531289486Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.532746688Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.539959052Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.553324318Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.556185032Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.562052151Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.572060084Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.579128634Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.580757381Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.587327597Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.588797135Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.5910593Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.592310053Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.598389248Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.599874279Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.60524704Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.623212295Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.626173829Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.631803832Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.641720033Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.6484768Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.650013142Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.657390317Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.658981114Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.66174681Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.663259679Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.671080765Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.672538516Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.680664451Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.689229523Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.691399178Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.695684462Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.703092989Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.707791696Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.709444881Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.713759095Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.714912407Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.723097614Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.731052408Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.733259616Z 78 PC: 1356b | Find first file
2018-12-25T12:53:38.74451669Z 78 PC: 1356b | Find first file (See above)
2018-12-25T12:53:38.749985971Z 42 PC: 13505 | Get date
0x13505: cmp dl, 0x16
0x13508: jne 0x13512
0x1350a: cmp dh, 6
0x1350d: jne 0x13512
0x1350f: call 0x135d5
0x13512: call 0x1351d
0x13515: pop bx
0x13516: jmp bx
0x13518: pop bx
0x13519: push di
0x1351a: push dx
0x1351b: jmp bx
0x1351d: pop bx
0x1351e: pop dx
0x1351f: pop di
0x13520: jmp bx
0x13522: push si
0x13523: push dx
0x13524: push cx
0x13525: mov si, di
2018-12-25T12:53:38.752060689Z 78 PC: 135b4 | Find first file
2018-12-25T12:53:38.757885731Z 26 PC: 13426 | Set disk transfer address
2018-12-25T12:53:38.758675355Z 61 PC: 12a72 | Open file (Filename = 'CATCHER.COM')
2018-12-25T12:53:38.762782672Z 63 PC: 12a7f | Read file or device (Read 256 bytes on handle 2)

{"DateBased":true,"Day":22,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16726,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:38.205332093Z 48 PC: 133ef | Get DOS version
2018-12-25T12:53:38.206921355Z 47 PC: 133fb | Get disk transfer address
2018-12-25T12:53:38.207948497Z 26 PC: 13409 | Set disk transfer address
2018-12-25T12:53:38.208911963Z 78 PC: 134d7 | Find first file
2018-12-25T12:53:38.212979279Z 47 PC: 134e0 | Get disk transfer address
2018-12-25T12:53:38.225142531Z 67 PC: 13441 | Get or set file attributes
2018-12-25T12:53:38.231632273Z 67 PC: 1344d | Get or set file attributes
2018-12-25T12:53:38.2495685Z 61 PC: 13452 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:53:38.257654023Z 87 PC: 13459 | Get or set file date and time
2018-12-25T12:53:38.259405744Z 63 PC: 1346d | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:53:38.267228559Z 66 PC: 13489 | Move file pointer
2018-12-25T12:53:38.270209234Z 64 PC: 13492 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:53:38.273184756Z 66 PC: 1349e | Move file pointer
2018-12-25T12:53:38.274906419Z 64 PC: 134aa | Write file or device (Write 1000 bytes on handle 5)
2018-12-25T12:53:38.288303375Z 87 PC: 134b7 | Get or set file date and time
2018-12-25T12:53:38.290111211Z 62 PC: 134bb | Close file
2018-12-25T12:53:38.29912304Z 67 PC: 134cb | Get or set file attributes
2018-12-25T12:53:38.310869398Z 79 PC: 134f6 | Find next file
2018-12-25T12:53:38.314089269Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.321291319Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.333236463Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.347474597Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.349655117Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.357296288Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.360473491Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.363826755Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.36579652Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.382467794Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.384131469Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.392904169Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.400278432Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.402476117Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.40624138Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.415184069Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.424355942Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.426419992Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.43403671Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.444120489Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.446295228Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.447646721Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.453850069Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.455088816Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.460541852Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.467530634Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.469576688Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.473469491Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.481680258Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.489765783Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.491382496Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.499357913Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.501411486Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.504231056Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.50625167Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.515477904Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.517006662Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.526523577Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.544899383Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.548462597Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.556835986Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.56848102Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.576349562Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.578330074Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.585506645Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.586717983Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.588743068Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.590728654Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.596605067Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.597887352Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.606045981Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.620212661Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.623778152Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.631600786Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.643446351Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.651535409Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.653808799Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.66221263Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.664785637Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.668332543Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.671765959Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.681594303Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.683729847Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.693740551Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.705241987Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.70855341Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.716462257Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.73222145Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.74128317Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.743302674Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.752680099Z 66 PC: 13489 | Move file pointer (See above)
2018-12-25T12:53:38.754671816Z 64 PC: 13492 | Write file or device (See above)
2018-12-25T12:53:38.758080369Z 66 PC: 1349e | Move file pointer (See above)
2018-12-25T12:53:38.761292175Z 64 PC: 134aa | Write file or device (See above)
2018-12-25T12:53:38.770829245Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.773100637Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.783954756Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.794777855Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.801013788Z 67 PC: 13441 | Get or set file attributes (See above)
2018-12-25T12:53:38.808283261Z 67 PC: 1344d | Get or set file attributes (See above)
2018-12-25T12:53:38.820099975Z 61 PC: 13452 | Open file (See above)
2018-12-25T12:53:38.826585451Z 87 PC: 13459 | Get or set file date and time (See above)
2018-12-25T12:53:38.829435844Z 63 PC: 1346d | Read file or device (See above)
2018-12-25T12:53:38.835756225Z 87 PC: 134b7 | Get or set file date and time (See above)
2018-12-25T12:53:38.841357784Z 62 PC: 134bb | Close file (See above)
2018-12-25T12:53:38.854099094Z 67 PC: 134cb | Get or set file attributes (See above)
2018-12-25T12:53:38.870743891Z 79 PC: 134f6 | Find next file (See above)
2018-12-25T12:53:38.874491785Z 78 PC: 1356b | Find first file
2018-12-25T12:53:38.882167695Z 78 PC: 1356b | Find first file (See above)
2018-12-25T12:53:38.889243021Z 42 PC: 13505 | Get date
0x13505: cmp dl, 0x16
0x13508: jne 0x13512
0x1350a: cmp dh, 6
0x1350d: jne 0x13512
0x1350f: call 0x135d5
0x13512: call 0x1351d
0x13515: pop bx
0x13516: jmp bx
0x13518: pop bx
0x13519: push di
0x1351a: push dx
0x1351b: jmp bx
0x1351d: pop bx
0x1351e: pop dx
0x1351f: pop di
0x13520: jmp bx
0x13522: push si
0x13523: push dx
0x13524: push cx
0x13525: mov si, di
2018-12-25T12:53:38.891828113Z 78 PC: 135b4 | Find first file
2018-12-25T12:53:38.899169024Z 26 PC: 13426 | Set disk transfer address
2018-12-25T12:53:38.90155142Z 61 PC: 12a72 | Open file (Filename = 'CATCHER.COM')
2018-12-25T12:53:38.90988938Z 63 PC: 12a7f | Read file or device (Read 256 bytes on handle 2)