Sample viewer

vx.netlux.org/Virus.DOS.Scorpion.2278

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:15:27.426765236Z 48 PC: 17375 | Get DOS version
2018-12-17T23:15:27.428257218Z 71 PC: 17375 | Get current directory
2018-12-17T23:15:27.430763304Z 26 PC: 17375 | Set disk transfer address
2018-12-17T23:15:27.432143534Z 42 PC: 17375 | Get date 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:27.434752515Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:27.438181074Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:28.615688249Z 61 PC: 17375 | Open file (Filename = 'XXXXXX�<')
2018-12-17T23:15:28.622990071Z 63 PC: 17375 | Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:15:28.625531111Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:28.627094568Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:28.629364145Z 63 PC: 17375 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:15:28.649539678Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:28.651937803Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:28.653868355Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:28.655648512Z 64 PC: 17375 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T23:15:28.661655316Z 44 PC: 17375 | Get time 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:28.666642654Z 64 PC: 17375 | Write file or device (Write 2278 bytes on handle 5)
2018-12-17T23:15:28.678273074Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:28.679628081Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:28.6825386Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:28.689142772Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:28.690612874Z 62 PC: 17375 | Close file
2018-12-17T23:15:28.708729936Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:28.737695889Z 26 PC: 17375 | Set disk transfer address
2018-12-17T23:15:28.739759988Z 25 PC: 17375 | Get default drive
2018-12-17T23:15:28.741746489Z 78 PC: 17375 | Find first file
2018-12-17T23:15:28.748949572Z 26 PC: 17375 | Set disk transfer address
2018-12-17T23:15:28.765690899Z 26 PC: 17375 | Set disk transfer address
2018-12-17T23:15:28.767901757Z 78 PC: 17375 | Find first file
2018-12-17T23:15:28.776164986Z 79 PC: 17375 | Find next file
2018-12-17T23:15:28.778325561Z 78 PC: 17375 | Find first file
2018-12-17T23:15:28.785576691Z 42 PC: 17375 | Get date 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:28.789651417Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:28.795931976Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:29.445800493Z 61 PC: 17375 | Open file
2018-12-17T23:15:29.453404911Z 63 PC: 17375 | Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:15:29.47394084Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:29.476367216Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:29.478495419Z 64 PC: 17375 | Write file or device (Write 9 bytes on handle 5)
2018-12-17T23:15:29.482206398Z 44 PC: 17375 | Get time 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:29.487230184Z 64 PC: 17375 | Write file or device (Write 2278 bytes on handle 5)
2018-12-17T23:15:29.542367073Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:29.544180468Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:29.551470871Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:29.558771428Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:29.563179201Z 62 PC: 17375 | Close file
2018-12-17T23:15:29.605822847Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:29.668578039Z 79 PC: 17375 | Find next file
2018-12-17T23:15:29.673416322Z 42 PC: 17375 | Get date 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:29.675864242Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:29.686974595Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:29.757381754Z 61 PC: 17375 | Open file
2018-12-17T23:15:29.776025134Z 63 PC: 17375 | Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:15:29.783059492Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:29.785526569Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:29.787234745Z 64 PC: 17375 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:15:29.79029283Z 44 PC: 17375 | Get time 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:29.796083499Z 64 PC: 17375 | Write file or device (Write 2278 bytes on handle 5)
2018-12-17T23:15:29.857843092Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:29.859350914Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:29.867392577Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:29.873511676Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:29.875361118Z 62 PC: 17375 | Close file
2018-12-17T23:15:29.925609246Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:29.986195481Z 79 PC: 17375 | Find next file
2018-12-17T23:15:29.993195975Z 42 PC: 17375 | Get date 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:29.998176109Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.006661087Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.068925454Z 61 PC: 17375 | Open file
2018-12-17T23:15:30.077927958Z 63 PC: 17375 | Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:15:30.086443739Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:30.088431675Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:30.091232022Z 64 PC: 17375 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:15:30.09490735Z 44 PC: 17375 | Get time 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:30.100978879Z 64 PC: 17375 | Write file or device (Write 2278 bytes on handle 5)
2018-12-17T23:15:30.172498306Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:30.175705444Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:30.182603906Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.189226305Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:30.192673167Z 62 PC: 17375 | Close file
2018-12-17T23:15:30.251814017Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.361356233Z 79 PC: 17375 | Find next file
2018-12-17T23:15:30.366263133Z 42 PC: 17375 | Get date 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:30.368807132Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.375252436Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.47545481Z 61 PC: 17375 | Open file
2018-12-17T23:15:30.482347286Z 63 PC: 17375 | Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:15:30.488889224Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:30.491748322Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:30.49365044Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:30.49667592Z 44 PC: 17375 | Get time 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:30.502520775Z 64 PC: 17375 | Write file or device (Write 2278 bytes on handle 5)
2018-12-17T23:15:30.610718453Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:30.612015592Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:30.619047628Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.625538628Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:30.62870334Z 62 PC: 17375 | Close file
2018-12-17T23:15:30.754590609Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.880484858Z 79 PC: 17375 | Find next file
2018-12-17T23:15:30.884469573Z 42 PC: 17375 | Get date 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:30.888106336Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:30.894809511Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:31.03442835Z 61 PC: 17375 | Open file
2018-12-17T23:15:31.043572888Z 63 PC: 17375 | Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:15:31.051037988Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:31.053173629Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:31.056387204Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:31.059753968Z 44 PC: 17375 | Get time 0x17375: ret
0x17376: push es
0x17377: mov ax, 0xf000
0x1737a: mov es, ax
0x1737c: mov di, 0xffc0
0x1737f: mov cx, 0x20
0x17382: xor dx, dx
0x17384: xor ax, ax
0x17386: add ax, word ptr es:[di]
0x17389: adc dx, 0
0x1738c: inc di
0x1738d: inc di
0x1738e: loop 0x17386
0x17390: pop es
0x17391: cmp word ptr [0x8c4], ax
0x17395: jne 0x173b0
0x17397: cmp word ptr [0x8c6], dx
0x1739b: jne 0x173b0
0x1739d: mov ah, 0x2a
0x1739f: call 0x2736f
2018-12-17T23:15:31.065280495Z 64 PC: 17375 | Write file or device (Write 2278 bytes on handle 5)
2018-12-17T23:15:31.200230441Z 66 PC: 17375 | Move file pointer
2018-12-17T23:15:31.202523158Z 64 PC: 17375 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:31.209708197Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:31.227075514Z 87 PC: 17375 | Get or set file date and time
2018-12-17T23:15:31.229361129Z 62 PC: 17375 | Close file
2018-12-17T23:15:31.314140384Z 67 PC: 17375 | Get or set file attributes
2018-12-17T23:15:31.468628213Z 79 PC: 17375 | Find next file
2018-12-17T23:15:31.472890822Z 26 PC: 17375 | Set disk transfer address
2018-12-17T23:15:31.474527269Z 59 PC: 17375 | Change current directory
2018-12-17T23:15:31.476773716Z 26 PC: 17375 | Set disk transfer address
2018-12-17T23:15:31.479974149Z 26 PC: 16872 | Set disk transfer address
2018-12-17T23:15:31.48143017Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-17T23:15:31.484112427Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:31.487196236Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:31.493706751Z 78 PC: 1693b | Find first file
2018-12-17T23:15:31.500276244Z 67 PC: 16bf3 | Get or set file attributes
2018-12-17T23:15:31.507022617Z 67 PC: 16bf3 | Get or set file attributes
2018-12-17T23:15:31.681550161Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:15:31.689100115Z 87 PC: 16bbb | Get or set file date and time
2018-12-17T23:15:31.691856292Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:15:31.694713159Z 66 PC: 16bb1 | Move file pointer
2018-12-17T23:15:31.696464327Z 63 PC: 16aa0 | Read file or device (Read 10 bytes on handle 5)
2018-12-17T23:15:31.700443171Z 66 PC: 16bb1 | Move file pointer
2018-12-17T23:15:31.70216307Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:15:31.704928433Z 66 PC: 16bb1 | Move file pointer
2018-12-17T23:15:31.707537397Z 62 PC: 16ab2 | Close file
2018-12-17T23:15:31.709980929Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:15:31.71699802Z 63 PC: 16aa0 | Read file or device (Read 10 bytes on handle 5)
2018-12-17T23:15:31.720861455Z 62 PC: 16ab2 | Close file
2018-12-17T23:15:31.723134653Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:15:31.730515428Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-17T23:15:31.734525902Z 66 PC: 16bb1 | Move file pointer
2018-12-17T23:15:31.736640302Z 64 PC: 16aa9 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T23:15:31.741045015Z 64 PC: 16aa9 | Write file or device (Write 2204 bytes on handle 5)
2018-12-17T23:15:31.875807688Z 87 PC: 16bd5 | Get or set file date and time
2018-12-17T23:15:31.87836083Z 62 PC: 16ab2 | Close file
2018-12-17T23:15:32.057627719Z 67 PC: 16bf3 | Get or set file attributes
2018-12-17T23:15:32.253814508Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:32.255468245Z 26 PC: 16a8b | Set disk transfer address
2018-12-17T23:15:32.257077369Z 47 PC: 15bd1 | Get disk transfer address
2018-12-17T23:15:32.258780989Z 26 PC: 15be4 | Set disk transfer address
2018-12-17T23:15:32.261061502Z 78 PC: 15c70 | Find first file
2018-12-17T23:15:32.26735349Z 67 PC: 15cae | Get or set file attributes
2018-12-17T23:15:32.284630472Z 67 PC: 15cc0 | Get or set file attributes
2018-12-17T23:15:32.417035449Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:15:32.424526034Z 87 PC: 15cd7 | Get or set file date and time
2018-12-17T23:15:32.427965349Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:15:32.431273088Z 66 PC: 15cfe | Move file pointer
2018-12-17T23:15:32.433202613Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-17T23:15:32.54191915Z 66 PC: 15d34 | Move file pointer
2018-12-17T23:15:32.543741294Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:32.547098905Z 87 PC: 15d56 | Get or set file date and time
2018-12-17T23:15:32.550320145Z 62 PC: 15d5a | Close file
2018-12-17T23:15:32.65302573Z 67 PC: 15d69 | Get or set file attributes
2018-12-17T23:15:32.836193751Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-17T23:15:32.839719646Z 26 PC: 15d97 | Set disk transfer address
2018-12-17T23:15:32.846575943Z 13 PC: 12ab4 | Disk reset
2018-12-17T23:15:32.84856157Z 26 PC: 12b69 | Set disk transfer address
2018-12-17T23:15:32.850729356Z 71 PC: 12b7b | Get current directory
2018-12-17T23:15:32.854191007Z 78 PC: 12b84 | Find first file
2018-12-17T23:15:32.863408663Z 67 PC: 12b9e | Get or set file attributes
2018-12-17T23:15:32.995304272Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:15:33.002188482Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-17T23:15:33.009840347Z 66 PC: 12bf5 | Move file pointer
2018-12-17T23:15:33.012417382Z 66 PC: 12c14 | Move file pointer
2018-12-17T23:15:33.01497598Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-17T23:15:33.114749212Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:33.16330046Z 66 PC: 12cbd | Move file pointer
2018-12-17T23:15:33.165459363Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-17T23:15:33.265011737Z 87 PC: 12cdb | Get or set file date and time
2018-12-17T23:15:33.267445037Z 62 PC: 12cdf | Close file
2018-12-17T23:15:33.437764836Z 67 PC: 12cef | Get or set file attributes
2018-12-17T23:15:33.568907902Z 79 PC: 12b84 | Find next file
2018-12-17T23:15:33.572819522Z 67 PC: 12b9e | Get or set file attributes
2018-12-17T23:15:33.691461365Z 61 PC: 12bb0 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:15:33.698537539Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-17T23:15:33.715935771Z 66 PC: 12bf5 | Move file pointer
2018-12-17T23:15:33.71740804Z 66 PC: 12c14 | Move file pointer
2018-12-17T23:15:33.719163141Z 64 PC: 12c30 | Write file or device (Write 2310 bytes on handle 5)
2018-12-17T23:15:33.82959031Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:33.890252026Z 66 PC: 12cbd | Move file pointer
2018-12-17T23:15:33.892787576Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-17T23:15:34.032313662Z 87 PC: 12cdb | Get or set file date and time
2018-12-17T23:15:34.034721327Z 62 PC: 12cdf | Close file
2018-12-17T23:15:34.179825113Z 67 PC: 12cef | Get or set file attributes
2018-12-17T23:15:34.286298956Z 79 PC: 12b84 | Find next file
2018-12-17T23:15:34.289320451Z 67 PC: 12b9e | Get or set file attributes
2018-12-17T23:15:34.45975566Z 61 PC: 12bb0 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:15:34.46694466Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-17T23:15:34.477079284Z 66 PC: 12bf5 | Move file pointer
2018-12-17T23:15:34.478806827Z 66 PC: 12c14 | Move file pointer
2018-12-17T23:15:34.481679328Z 64 PC: 12c30 | Write file or device (Write 2374 bytes on handle 5)
2018-12-17T23:15:34.783246344Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:34.888881742Z 66 PC: 12cbd | Move file pointer
2018-12-17T23:15:34.892293267Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-17T23:15:35.053292307Z 87 PC: 12cdb | Get or set file date and time
2018-12-17T23:15:35.055236654Z 62 PC: 12cdf | Close file
2018-12-17T23:15:35.174425932Z 67 PC: 12cef | Get or set file attributes
2018-12-17T23:15:35.286235625Z 79 PC: 12b84 | Find next file
2018-12-17T23:15:35.289269414Z 67 PC: 12b9e | Get or set file attributes
2018-12-17T23:15:35.395242034Z 61 PC: 12bb0 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:15:35.402422873Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-17T23:15:35.42309485Z 66 PC: 12bf5 | Move file pointer
2018-12-17T23:15:35.425761438Z 66 PC: 12c14 | Move file pointer
2018-12-17T23:15:35.428314854Z 64 PC: 12c30 | Write file or device (Write 2310 bytes on handle 5)
2018-12-17T23:15:35.629680133Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:35.710657117Z 66 PC: 12cbd | Move file pointer
2018-12-17T23:15:35.714034255Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-17T23:15:35.909120973Z 87 PC: 12cdb | Get or set file date and time
2018-12-17T23:15:35.911017805Z 62 PC: 12cdf | Close file
2018-12-17T23:15:35.930144409Z 67 PC: 12cef | Get or set file attributes
2018-12-17T23:15:35.966458715Z 79 PC: 12b84 | Find next file
2018-12-17T23:15:35.970321879Z 67 PC: 12b9e | Get or set file attributes
2018-12-17T23:15:35.987122841Z 61 PC: 12bb0 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:15:35.994696399Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-17T23:15:36.00310555Z 66 PC: 12bf5 | Move file pointer
2018-12-17T23:15:36.00430957Z 66 PC: 12c14 | Move file pointer
2018-12-17T23:15:36.005716149Z 64 PC: 12c30 | Write file or device (Write 2310 bytes on handle 5)
2018-12-17T23:15:36.013892469Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:36.082662664Z 66 PC: 12cbd | Move file pointer
2018-12-17T23:15:36.08426974Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-17T23:15:36.110977696Z 87 PC: 12cdb | Get or set file date and time
2018-12-17T23:15:36.114115803Z 62 PC: 12cdf | Close file
2018-12-17T23:15:36.146789791Z 67 PC: 12cef | Get or set file attributes
2018-12-17T23:15:36.173120286Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.178875001Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.184462206Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.195330476Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.206392406Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.212098221Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.218208508Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.223679081Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.229345272Z 78 PC: 12d16 | Find first file
2018-12-17T23:15:36.239552628Z 59 PC: 12d4b | Change current directory
2018-12-17T23:15:36.247775577Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-17T23:15:36.250105456Z 26 PC: 12d69 | Set disk transfer address
2018-12-17T23:15:36.251469359Z 59 PC: 12d74 | Change current directory
2018-12-17T23:15:36.253662287Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-17T23:15:36.256243644Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:19.403071561Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:19.40484888Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:19.407467804Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:19.409078934Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:19.411581041Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:19.416639777Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:19.742110481Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:19.748216018Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:19.75084438Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:19.752327679Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:19.754662701Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:19.767332299Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:19.768715031Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:19.770871025Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:19.772347561Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:19.778428489Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:19.798371372Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.083408226Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.086169668Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.090177293Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.09736388Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.099752151Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.10637121Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.115980956Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.117349434Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:20.118748218Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:20.124971188Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.126674019Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.128054482Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:20.137842885Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.140276864Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:20.147324921Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.150590652Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.156397788Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.172098375Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.179793891Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.186092942Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.187422893Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.189263198Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.192058166Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.196670043Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.205792472Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.207207859Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.213694863Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.219461142Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.22097766Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.229054907Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.239183565Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.242521625Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.244559983Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.250772474Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.260158942Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.266485064Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.273011059Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.274648475Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.276215727Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.279620493Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.284641375Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.293522746Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.295823261Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.302052365Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.308014035Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.310424752Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.317929955Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.327375883Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.332227155Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.334425137Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.340911014Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.353243975Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.365511892Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.371971542Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.373336715Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.374788854Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.377359788Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.381929716Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.390650376Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.392066712Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.398309631Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.404054044Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.405472511Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.412914504Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.423487219Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.426896004Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.429131802Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.435697852Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.445059941Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.451591083Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.458754973Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.460105904Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.461461417Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.464894864Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.469803465Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.478444669Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.480831942Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.487963029Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.493848026Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.496109142Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.503622216Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.513146135Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.516964717Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.519151785Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.524655344Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.53501043Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.541676323Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.547914518Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.55021416Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.551891405Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.554345422Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.557508255Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.565043101Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.566131856Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.570301995Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.574655492Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.575835551Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.580837779Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.587479642Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.590028285Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.591310025Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:20.593470614Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.594888818Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:20.595828249Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:20.59858725Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:20.599604519Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:20.600595356Z 78 PC: 1693b | Find first file
2018-12-25T11:44:20.608166211Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:20.61840235Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:20.626314065Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:20.633392491Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:20.634683567Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:20.640801871Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:20.642533498Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:20.644878756Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:20.646077941Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:20.648806005Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:20.649977976Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:20.651556381Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:20.658288178Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:20.660643052Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:20.6624264Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:20.668797911Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:20.670754321Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:20.671928966Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:20.67741909Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:20.683156803Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:20.684736396Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:20.69275343Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:20.70241392Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:20.704544353Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:20.705737107Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:20.706752358Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:20.708775272Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:20.714605085Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:20.720190801Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:20.730381784Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:20.741251532Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:20.74272398Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:20.749650297Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:20.751038027Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:20.760800153Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:20.763021414Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:20.765818833Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:20.767416955Z 62 PC: 15d5a | Close file
2018-12-25T11:44:20.775629603Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:20.784987788Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:20.787032162Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:20.837043012Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:20.839212961Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:20.840808214Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:20.844982228Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:20.854047887Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:20.863485193Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:20.870366684Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:20.87770894Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:20.879279445Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:20.882216269Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:20.891601092Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:20.937706624Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:20.940338679Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:20.948454358Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:20.950137566Z 62 PC: 12cdf | Close file
2018-12-25T11:44:20.958818851Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:20.968399969Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:20.971099762Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:20.981042642Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:20.987572969Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:20.99507054Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:20.997723454Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:20.99978135Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.008702456Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.06147304Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.063687531Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.07221054Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.074245962Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.081570211Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.091269573Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:21.094681056Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:21.104011529Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:21.11066532Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:21.118398463Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:21.119753132Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:21.12162449Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.130762035Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.179893139Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.182140989Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.194107961Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.195780034Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.204026246Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.214463937Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:21.217274451Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:21.227197624Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:21.234067442Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:21.241480514Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:21.243644669Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:21.245482508Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.254516034Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.304439311Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.306378793Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.315475459Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.317967021Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.326121567Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.335998624Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:21.339614163Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:21.35025548Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:21.357070091Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:21.365454908Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:21.367500697Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:21.369522759Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.379445953Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.446554924Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.44891631Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.456006487Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.45735319Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.462471936Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.46932379Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:21.473179387Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.476818514Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.48397195Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.490449688Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.494661436Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.499038487Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.502775428Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.506358324Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.510505252Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:21.513305925Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:21.51496117Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:21.516798058Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:21.519016051Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:21.521766269Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:19.734138958Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:19.736155735Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:19.739002887Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:19.741034447Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:19.743698857Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:19.749459212Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.08724071Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.094261002Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.097744628Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.099727896Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.103850599Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.11005917Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.111363733Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.113551561Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.115011379Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.121123894Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.126161794Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.134201363Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.135984756Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.139362136Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.14570967Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.147516579Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.155915685Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.165504776Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.166761303Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:20.168589303Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:20.174421054Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.175594378Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.176850624Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:20.183173056Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.185319615Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:20.192400804Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.195583626Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.201746034Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.216783566Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.223853794Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.229829758Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.23121451Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.233390761Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.23648073Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.241204415Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.25055144Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.252281091Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.25851216Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.266321256Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.269576076Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.277441608Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.287312208Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.290693273Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.292808277Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.299523902Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.308826943Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.317448088Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.324312097Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.325671095Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.32704127Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.330681883Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.335305005Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.344415936Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.347074224Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.353266893Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.358808653Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.36087244Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.368387614Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.377614122Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.382007653Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.384155132Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.389441977Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.402205163Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.40875135Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.414990475Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.417388585Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.418700766Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.421166306Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.426626596Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.435771748Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.43730129Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.4447942Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.451639014Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.453033459Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.461180042Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.471354317Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.474658364Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.477100043Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.483077335Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.492923982Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.49980243Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.506699705Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.508139436Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.509622929Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.513221119Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.518322954Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.526998272Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.52895201Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.53589683Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.541728981Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.543533666Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.551100223Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.560620304Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.564423439Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:20.566799096Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.572507345Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.584763544Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:20.596117093Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:20.60221581Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.60365243Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.605230614Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.608462125Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:20.614116015Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.622661573Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:20.623980996Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:20.63166825Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.637577305Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:20.639379972Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:20.647057382Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:20.65659452Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:20.659043154Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.660267776Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:20.66265956Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:20.664214926Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:20.665867578Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:20.668038523Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:20.669135956Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:20.671015147Z 78 PC: 1693b | Find first file
2018-12-25T11:44:20.6767153Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:20.682487624Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:20.692414674Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:20.699191127Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:20.700584334Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:20.708220934Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:20.709449239Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:20.711944397Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:20.71501054Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:20.717433917Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:20.718735524Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:20.721458889Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:20.727836377Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:20.730130967Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:20.732850779Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:20.739473182Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:20.742344422Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:20.744297763Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:20.751589726Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:20.760206426Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:20.762088035Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:20.769698539Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:20.779381989Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:20.781423838Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:20.782605158Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:20.783850318Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:20.785731531Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:20.791655768Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:20.798021872Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:20.808117412Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:20.814477611Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:20.816223184Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:20.818598935Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:20.819828366Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:20.829468283Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:20.830978464Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:20.833516151Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:20.836452267Z 62 PC: 15d5a | Close file
2018-12-25T11:44:20.844086711Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:20.854182884Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:20.857773754Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:20.88152877Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:20.883184378Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:20.884680379Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:20.887603906Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:20.896288004Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:20.906232013Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:20.913259966Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:20.921178047Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:20.923461212Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:20.925320904Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:20.934908937Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:20.98653611Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:20.988936271Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:20.996832197Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:20.998351881Z 62 PC: 12cdf | Close file
2018-12-25T11:44:21.003296336Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:21.009862677Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:21.012085587Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:21.01814782Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:21.022305779Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:21.027321003Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:21.028441079Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:21.029774217Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.035505162Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.067016711Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.068536718Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.075648954Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.07682721Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.082073716Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.08857915Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:21.090590909Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:21.097541014Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:21.102136802Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:21.107169927Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:21.108227162Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:21.110690057Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.116562845Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.14399475Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.145257095Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.150803469Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.152279653Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.157425706Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.16392142Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:21.167666564Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:21.177831026Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:21.184527095Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:21.192765692Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:21.194671229Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:21.196642195Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.205998835Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.277970177Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.280254456Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.289766696Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.292583976Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.300495826Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.311212818Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:21.314171846Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:21.324122656Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:21.3315847Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:21.339059447Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:21.340483193Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:21.343739432Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:21.352102293Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:21.447207495Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:21.4505546Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:21.459290509Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:21.461075763Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:21.469908435Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:21.48062405Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:21.486429231Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.492665375Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.498534728Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.504477407Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.516342914Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.526969127Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.536777457Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.542382151Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:21.547945925Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:21.552013376Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:21.55460607Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:21.555545712Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:21.557715151Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:21.560799309Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:22.182585316Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:22.184060069Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:22.18718435Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.189121922Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:22.191494588Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.197425103Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.867921026Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:22.875500694Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:22.880477971Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:22.88270084Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.88477112Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:22.894332631Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.896023507Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.897682264Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.899855685Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:22.908147828Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:22.913926319Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:22.923003308Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.924681047Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:22.92830634Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.940040172Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:22.941722452Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:22.949140525Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.959309168Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.961072868Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:22.962346169Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:22.968645791Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.97124094Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.972840146Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:22.980577331Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:22.984347902Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:22.992787296Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:22.995404882Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.002763128Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.016126151Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.020514927Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.026515498Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.027829035Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.029067658Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.031274015Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.034750437Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.040844826Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.047529456Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.057474085Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.064074901Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.066279544Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.075609244Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.086629624Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.090805047Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.094145739Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.100901764Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.115386576Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.124093234Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.131504502Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.133228007Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.135574348Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.138640125Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.144075731Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.153972555Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.155577113Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.162832616Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.170167063Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.172102697Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.187216593Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.198713203Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.203187457Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.206223599Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.2138899Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.226594451Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.233903678Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.241853357Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.244210662Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.246254911Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.249229865Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.255751233Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.275582204Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.276919072Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.282671945Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.286914797Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.288147274Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.293813971Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.519233882Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.5241019Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.526682265Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.533745482Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.616857857Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.624389991Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.632820755Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.634610987Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.636411124Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.640697834Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.646886403Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.657005681Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.659513323Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.66745804Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.674352303Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.676006877Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.684146749Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.69158976Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.695014211Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.697340064Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.701600957Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.710955578Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.721302795Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.728608809Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.730508151Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.732783335Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.736153273Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.742262866Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.754824256Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.756102211Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.760653972Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.765264945Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.766487212Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.773360467Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.788345721Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.791346836Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.79271464Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:23.79646678Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.798293896Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:23.799484377Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:23.803534777Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:23.80606291Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:23.807654Z 78 PC: 1693b | Find first file
2018-12-25T11:44:23.815245987Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:23.821929041Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:23.8561012Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:23.864259156Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:23.865932912Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:23.873054431Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:23.875494982Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:23.878574957Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:23.880153232Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:23.883463664Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:23.885220199Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:23.887339333Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:23.896596461Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:23.899707749Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:23.901777296Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:23.910875773Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:23.914114238Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:23.91554049Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:23.923421715Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:23.98261065Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:23.984220134Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:24.038904733Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:24.084249892Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:24.085582205Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:24.088073411Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:24.089310951Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:24.090636678Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:24.098875309Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:24.105524122Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:24.121763613Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:24.129855657Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:24.131899965Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:24.13524531Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:24.137909237Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:24.147888496Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:24.149848933Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:24.154475199Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:24.157795864Z 62 PC: 15d5a | Close file
2018-12-25T11:44:24.167893271Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:24.179914216Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:24.182679461Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:24.232741031Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:24.235152127Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:24.237078837Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:24.240412467Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:24.251534802Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:24.263252391Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:24.271318955Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:24.280583059Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:24.283507569Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:24.286692847Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:24.297084215Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:24.381628237Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:24.383889027Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:24.598926721Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:24.601161481Z 62 PC: 12cdf | Close file
2018-12-25T11:44:24.695814822Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:24.834611942Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:24.838279277Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.001935223Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.009512533Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.019217676Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.021256815Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.023661913Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.034987751Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.118413479Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.121333802Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.132030902Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.134518409Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.141580191Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.15366707Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.157324741Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.1681258Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.177234702Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.185658264Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.187280005Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.190315568Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.212376511Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.316894891Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.320159594Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.33078848Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.332437018Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.340530601Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.610411662Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.613355967Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.6795509Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.687566765Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.696254923Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.699171609Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.70197444Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.712838158Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.786844816Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.790216173Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.800471334Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.802462739Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.811616101Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.822513559Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.826266996Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.837178695Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.844512176Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.853196169Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.856467096Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.859276305Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.869714794Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.94657435Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.948261036Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.954363914Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.957158992Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.962647629Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.973869415Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:25.981502532Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.987875647Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.994613488Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.002141136Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.009336789Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.018830517Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.032328554Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.038690283Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.045126784Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:26.050334688Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:26.052990662Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:26.054319472Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:26.057601813Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:26.060077836Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:22.272130264Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:22.273819308Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:22.277043665Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.279007374Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:22.282005976Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.288966196Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.874560145Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:22.883091562Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:22.886327938Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:22.888373948Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.892122271Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:22.901101459Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.903251323Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.905951855Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.908291602Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:22.920499062Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:22.92611454Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:22.935417914Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:22.937020174Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:22.940706256Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.948408755Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:22.950517805Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:22.958199877Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:22.970784739Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.972020861Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:22.973167769Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:22.980167699Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.983166766Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:22.985986228Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:22.993074234Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:22.995376177Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:23.002937377Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.005553252Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.012445952Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.0308651Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.039365571Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.047720882Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.049316447Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.050901023Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.054578723Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.060174427Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.069650149Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.071552885Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.079065335Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.085662953Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.088002258Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.096698258Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.107967663Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.111994888Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.114468782Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.120670752Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.132165357Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.140270264Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.14750472Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.149181886Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.151112775Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.154412944Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.159968504Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.17086736Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.172611316Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.180202718Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.187477374Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.18932566Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.198098926Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.209460196Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.213288184Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.21597134Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.222719254Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.23843723Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.246598756Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.254537765Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.25646526Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.258400733Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.2624696Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.268415175Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.279001923Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.281016564Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.289293707Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.297423186Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.299584822Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.519725377Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.616663278Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.619387274Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.622459284Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.628908004Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.639719726Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.647755297Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.655360255Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.656994709Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.659437777Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.662886816Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.668422096Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.678422393Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.679974921Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.688277814Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.695464393Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.697293869Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.705951387Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.717613316Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.722503384Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.724929889Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.73193542Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.742725754Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.750389477Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.757719811Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.760103179Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.761839416Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.765254412Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.772468368Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.786089691Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.787607341Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.796639422Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.803531779Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.805514028Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.822394415Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.870068998Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.873231819Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.875479471Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:23.877508022Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.879664606Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:23.882310004Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:23.885196986Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:23.886873939Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:23.889519624Z 78 PC: 1693b | Find first file
2018-12-25T11:44:23.896365537Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:23.909207133Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:23.930882681Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:23.938781134Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:23.940431306Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:23.948155734Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:23.950668934Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:23.953729965Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:23.95582134Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:23.959241223Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:23.960866259Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:23.962723102Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:23.971368023Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:23.97413239Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:23.976025908Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:23.990624397Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:23.993771758Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:23.995402668Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:24.004191192Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:24.038461211Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:24.040017854Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:24.084322472Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:24.115109963Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:24.11692751Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:24.119185322Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:24.120468783Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:24.121777601Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:24.129006301Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:24.13587724Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:24.146549081Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:24.155046922Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:24.156905883Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:24.16005704Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:24.162991679Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:24.173208396Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:24.175074842Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:24.179475925Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:24.181234366Z 62 PC: 15d5a | Close file
2018-12-25T11:44:24.196927816Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:24.215598775Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:24.218310734Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:24.225488668Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:24.230702151Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:24.232672279Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:24.236553545Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:24.248184674Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:24.258586122Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:24.263404084Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:24.269238466Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:24.270537929Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:24.272008962Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:24.279305259Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:24.308129631Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:24.309374978Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:24.31546335Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:24.318868028Z 62 PC: 12cdf | Close file
2018-12-25T11:44:24.49713149Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:24.69666994Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:24.69916297Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:24.834632416Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:24.842954958Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:24.885915503Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:24.887409777Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:24.890076787Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.001967176Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.099023864Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.102773649Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.113345855Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.115460606Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.12451526Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.137208611Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.140562682Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.152492646Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.161436711Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.17027424Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.172242763Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.175328917Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.185129643Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.294146213Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.297654157Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.308231783Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.310346187Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.319850705Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.331345376Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.334730329Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.427517752Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.434986008Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.443212633Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.445094539Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.447006683Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.61036268Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.716199558Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.719246598Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.729599874Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.731571217Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.737271879Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.744265038Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.748471672Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.759171252Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.7666801Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.775411134Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.776883322Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.778844655Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.788725429Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.894456187Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.897293118Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.908586797Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.91126251Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.920724895Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.932651571Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:25.939608844Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.946093269Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.953351287Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.965875755Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.979029537Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.986506637Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:25.993920814Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.001139351Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.007578979Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:26.01713451Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:26.020199645Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:26.021312657Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:26.024915717Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:26.027887931Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:23.274780895Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:23.276539405Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:23.278689404Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.280071267Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.282253437Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.285938557Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.623989779Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.630849264Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.6341172Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.635811942Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.637440312Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.645837517Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.647575924Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.649544504Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.651953389Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.659936302Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.66576789Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.67417561Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.67577234Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.678799375Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.685811378Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.687776302Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.69498361Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.705844106Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.707549103Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:23.708841652Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:23.714771259Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.71651318Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.717746669Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:23.725323052Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.72765354Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:23.735593275Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.73802033Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.745013707Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.115695405Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:24.123762564Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:24.131669661Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.133221782Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.134708095Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.138207944Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.144191531Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.154035437Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.156454437Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.16350516Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.184445715Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.190448024Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:24.199454425Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.211035854Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:24.216277997Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.219693205Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.226399841Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.237596965Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:24.246514519Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:24.253825298Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.255491855Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.258445732Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.261499564Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.273934292Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.284154137Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.285757892Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.293182932Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.300738643Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.302774346Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:24.311512081Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.324669433Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:24.329196915Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.332056769Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.339279759Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.598805175Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:24.606129565Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:24.613272069Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.615482253Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.617153169Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.620021166Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.626553019Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.835099032Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.837200943Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.886440331Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.893609274Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.895397221Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.003267896Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.025020394Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.029858356Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.03316751Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.039837828Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.051738998Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.061198134Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.069919483Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.071949933Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.073212181Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.076312416Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.079216971Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.085399715Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.08731201Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.091848949Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.096447441Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.098373074Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.104576825Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.113737267Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.118855511Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.122097369Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.128620286Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.142461755Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.151837863Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.158806323Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.160264871Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.162714476Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.165820924Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.171332449Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.182327071Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.183973911Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.191749171Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.19965982Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.202237017Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.211737517Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.223109318Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.226449451Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.227619939Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:25.229680228Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.232208104Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:25.234086405Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:25.236813942Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:25.23956724Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:25.241278281Z 78 PC: 1693b | Find first file
2018-12-25T11:44:25.248513773Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:25.255219885Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:25.266031094Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:25.279637629Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:25.282601475Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:25.290428491Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:25.292298203Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:25.295786185Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:25.297360403Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:25.300104199Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:25.30202526Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:25.304132645Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:25.311447396Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:25.314982587Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:25.316933119Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:25.324494789Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:25.328111264Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:25.329883886Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:25.338893537Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:25.427868029Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:25.429795789Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:25.610428755Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:25.682408385Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:25.683813076Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:25.685140299Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:25.68709879Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:25.690621007Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:25.69877794Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:25.706586572Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:25.737506218Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:25.744025105Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:25.746038665Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:25.75245779Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:25.754285883Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:25.763050851Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:25.765062706Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:25.76791761Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:25.772691308Z 62 PC: 15d5a | Close file
2018-12-25T11:44:25.782418903Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:25.794756363Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:25.797657808Z 9 PC: 15d87 | Display string (Could not find end pointer)
2018-12-25T11:44:25.839846409Z 8 PC: 15d8b | Console input without echo

{"DateBased":true,"Day":1,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:23.509608089Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:23.511333996Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:23.514319044Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.516291104Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.519497238Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.525078866Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.876827918Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.884456383Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.887187112Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.889047388Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.893515523Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.899193485Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.900580068Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.90264642Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.903986485Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.9098618Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:23.914801876Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.921751054Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:23.922918648Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:23.931897694Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.937462966Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:23.938774869Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:23.945644383Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.951567176Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.952282182Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:23.953236359Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:23.959459673Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.960551157Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:23.961698022Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:23.965441147Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:23.966806518Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:23.971041292Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:23.97303062Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.976627407Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:23.988789043Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:23.993030233Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:23.999196717Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.000852276Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.0024676Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.00501863Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.010147872Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.018512549Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.01969816Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.029714439Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.036047079Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.037324947Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:24.045247743Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.054861345Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:24.059035824Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.062280397Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.068228026Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.077959518Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:24.085111072Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:24.091402257Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.09280612Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.094913234Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.097564812Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.103404651Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.111908015Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.113551361Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.119795228Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.125505909Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.127183271Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:24.134611147Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.14469169Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:24.14856336Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.150834797Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.156240756Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.168255172Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:24.17237027Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:24.176347841Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.177600067Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.178646292Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.18041855Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.18347384Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.189105916Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.190132837Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.196836912Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.201619983Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.202940914Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:24.210276787Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.219578929Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:24.22264535Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.225342411Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.231341757Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.240714517Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:24.255964147Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:24.26190073Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.26316131Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.264512331Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.267045087Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.271655309Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.280055791Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.281250873Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.28738552Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.292948984Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.294211842Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:24.301917107Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.311518944Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:24.314779858Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.316882397Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.323185855Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.332901036Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:24.340058698Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:24.347051113Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.349219839Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.351043879Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.354412758Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:24.35909609Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.367895705Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:24.369794907Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:24.37606981Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.381630831Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:24.383488109Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:24.390939497Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.400455162Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:24.403266413Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:24.404199332Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:24.405803289Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:24.407367486Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:24.408229756Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:24.410226052Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:24.411354392Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:24.412211527Z 78 PC: 1693b | Find first file
2018-12-25T11:44:24.418127355Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:24.429221147Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:24.439010912Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:24.445336153Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:24.447040284Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:24.453373514Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:24.454817447Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:24.45726565Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:24.458507902Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:24.461916721Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:24.463223788Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:24.46477368Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:24.471339795Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:24.474388432Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:24.475911306Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:24.482336149Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:24.48497892Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:24.486193916Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:24.493886609Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:24.502809679Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:24.504270271Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:24.512052032Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:24.521697944Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:24.522726822Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:24.5241356Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:24.52552921Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:24.52656264Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:24.532899099Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:24.538348558Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:24.550028372Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:24.557580585Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:24.559008419Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:24.565147447Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:24.566980589Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:24.576161415Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:24.577370873Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:24.580059006Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:24.581384337Z 62 PC: 15d5a | Close file
2018-12-25T11:44:24.588830382Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:24.598362428Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:24.600296653Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:24.63308645Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:24.635320434Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:24.636698253Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:24.64087062Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:24.649926554Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:24.664402827Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:24.67210165Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:24.67986398Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:24.681512738Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:24.684683396Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:24.693639404Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:24.755818325Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:24.759035167Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:24.768340244Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:24.773801223Z 62 PC: 12cdf | Close file
2018-12-25T11:44:24.782437397Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:24.792306069Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:24.795174641Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:24.805836347Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:24.812435906Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:24.820059642Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:24.822457888Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:24.824498422Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.093251488Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.167746492Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.174345419Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.183768357Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.191988238Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.473557125Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.573338926Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.576142954Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.676895882Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.683827744Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.693316179Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.694717099Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.69611403Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.837593438Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:25.896245513Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:25.898637015Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:25.908295127Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:25.909968597Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:25.917569305Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:25.928707162Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:25.931648568Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:25.941698666Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:25.948872167Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:25.956808809Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:25.958723725Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:25.961747934Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:25.970423261Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.03633827Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.03873509Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.047471536Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.050158062Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.058645883Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.068458759Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.07255911Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.082058284Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.088555975Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.096165312Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.097471081Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.099054349Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.10852053Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.185303686Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.187731046Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.197401554Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.199666219Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.207419053Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.218171315Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:26.224334449Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.22990508Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.241241424Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.252677694Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.258648658Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.265432393Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.271811345Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.277781186Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.293504032Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:26.302172102Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:26.30449685Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:26.306444593Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:26.308975544Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:26.312124285Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":2,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:24.296658463Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:24.298913041Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:24.302486932Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:24.305550903Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.308044432Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.317954365Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.002063026Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.009478189Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.014250939Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.016079841Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.017450156Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.022598789Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.024782329Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.026890396Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.029214769Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.037113999Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.042962776Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.05237818Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.056760821Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.059838935Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.066729792Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.068768077Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.076270942Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.08687392Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.088693228Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:25.090755042Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.096707785Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.098949722Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.101080272Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.108290591Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.111408924Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.119825394Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.12346276Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.130791797Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.150522996Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.159094267Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.165703104Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.167250065Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.16864677Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.180909529Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.185735262Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.193943927Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.196379995Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.203056047Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.208736541Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.210508516Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.218266894Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.227117177Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.230869389Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.235164229Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.241371268Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.252315324Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.261111766Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.268642548Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.27059039Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.273300733Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.277107034Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.283542198Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.293831363Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.29822252Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.306472536Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.314256164Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.31684523Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.32662199Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.33793989Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.3431143Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.345943515Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.352464331Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.610687512Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.618686983Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.626115975Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.628814009Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.630676622Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.634143602Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.640736817Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.679352264Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.680946832Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.690270292Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.697219798Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.699301003Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.708627966Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.72153544Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.725947533Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.728951853Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.737048291Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.748472119Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.756381613Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.765361021Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.767411441Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.768915731Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.771261046Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.774759591Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.781308083Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.784136066Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.791885794Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.798782499Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.801026677Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.810106471Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.82129819Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.825786941Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.829760389Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.837295519Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.848819501Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.857531902Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.864594111Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.866289365Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.868452308Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.871461949Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.876879895Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.886940738Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.888886993Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.896824778Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.904050108Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.905706074Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.914232115Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.926143363Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.929870392Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.931173026Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:25.934052254Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.936220624Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:25.937806036Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:25.941186597Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:25.942686257Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:25.944063002Z 78 PC: 1693b | Find first file
2018-12-25T11:44:25.951347149Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:25.957806234Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:25.96897593Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:25.973779866Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:25.975379324Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:25.980264637Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:25.981938731Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:25.98429672Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:25.985645232Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:25.988061376Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:25.989196267Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:25.990536106Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:25.995770345Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:25.998530246Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.000398309Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.007868201Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:26.010971438Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.012248745Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.025161971Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.036108464Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:26.037679097Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.046191823Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.058064195Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.059394288Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:26.060674038Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:26.062158479Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:26.063684759Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:26.071103632Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:26.079718993Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:26.094290737Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.103049321Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:26.105583848Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.113070723Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:26.115102684Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:26.127264543Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:26.12923455Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.132752492Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:26.135881417Z 62 PC: 15d5a | Close file
2018-12-25T11:44:26.144944064Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:26.156114067Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:26.159555938Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:26.178334443Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:26.180600978Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:26.183029045Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:26.187028439Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:26.197516596Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:26.209700908Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.217916283Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:26.227289288Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:26.230188866Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:26.233055827Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.243336865Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.331892423Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:26.334327932Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.343805507Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:26.346729837Z 62 PC: 12cdf | Close file
2018-12-25T11:44:26.355789686Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:26.366750867Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.369810615Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.381239058Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.388425169Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.396842986Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.398908685Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.400968601Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.411592806Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.486882023Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.488660847Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.49471118Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.496873559Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.505953164Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.515430352Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.518400911Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.526005695Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.530989628Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.53680715Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.537998951Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.539407625Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.548407166Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.574474692Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.575649565Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.582379983Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.583869682Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.58999585Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.60631056Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.609664646Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.620758109Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.629396315Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.636125139Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.637986539Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.640909263Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.652085975Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.720044076Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.723053355Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.733996099Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.735696942Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.744610658Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.756127061Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.758943888Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.768262693Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.773169088Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.778148499Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.779291717Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.781445513Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.78713958Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.814137351Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.816511276Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.822789712Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.824109744Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.830211497Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.836741736Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:26.840816433Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.845788909Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.849883388Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.857322472Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.865224598Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.87243675Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.87979299Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.888091494Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:26.895734802Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:26.898932401Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:26.901688859Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:26.902799629Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:26.904651648Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:26.907323848Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":3,"Month":2,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:24.28703001Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:24.289904092Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:24.293436564Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:24.295848161Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.298968121Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.309855667Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.008356772Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.015488767Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.01910201Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.020865664Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.022582382Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.030509986Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.032190156Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.033973247Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.044887208Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.05251634Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.058424195Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.067418552Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.069942687Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.073445542Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.082462525Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.084227153Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.091759802Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.101934721Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.103620045Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:25.104955521Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.11192676Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.113813689Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.114941107Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.121609355Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.12573202Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.136572778Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.1389125Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.14607461Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.178098074Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.185919209Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.194155492Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.195744879Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.197709094Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.201597976Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.209378431Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.215682322Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.217809779Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.222922713Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.229918257Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.231685496Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.237319387Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.244020661Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.246406533Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.248828059Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.252511618Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.263802535Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.275757401Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.282786575Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.28457054Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.287099031Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.290361969Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.295453388Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.304668077Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.306762409Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.313099499Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.319795164Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.321688921Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.330563737Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.341654758Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.346370417Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.34921524Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.356521662Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.610746983Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.618148629Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.62570384Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.627957008Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.629722012Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.632013539Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.635842904Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.678567249Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.680217134Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.688866706Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.696958073Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.699216085Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.708451305Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.720889342Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.725288665Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.72785555Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.73509162Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.745944121Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.753441336Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.761769096Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.763638394Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.765590008Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.769570503Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.775537549Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.785649424Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.788269849Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.796800069Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.8058377Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.808544423Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.817896476Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.829850151Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.834254465Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.837015824Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.843685669Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.856044011Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.864537253Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.871886067Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.874014195Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.877226622Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.880764066Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.886115671Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.896862838Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.89857312Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.906093144Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.91328753Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.91504483Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.923494866Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.934981469Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.938271887Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.939895727Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:25.942447008Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.944148796Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:25.945241751Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:25.948143194Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:25.94926752Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:25.950302027Z 78 PC: 1693b | Find first file
2018-12-25T11:44:25.957949634Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:25.964258081Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:25.975118679Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:25.983385948Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:25.985079839Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:25.992211233Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:25.994473517Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:25.997266069Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:25.998820677Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.002146912Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.004246773Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:26.006262711Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.014335462Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.017020819Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.018339544Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.024001413Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:26.026219789Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.027644583Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.036314822Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.046377136Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:26.048383943Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.058341844Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.070056701Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.071847335Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:26.074740225Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:26.076911773Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:26.078745486Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:26.087005822Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:26.095198837Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:26.106691925Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.115546318Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:26.11759864Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.120574212Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:26.123039185Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:26.132877595Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:26.134284092Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.13743871Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:26.139090925Z 62 PC: 15d5a | Close file
2018-12-25T11:44:26.147364367Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:26.158622926Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:26.162242211Z 9 PC: 15d87 | Display string (Could not find end pointer)
2018-12-25T11:44:26.211775754Z 8 PC: 15d8b | Console input without echo

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:24.781950353Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:24.783767784Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:24.786409363Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:24.788077515Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:24.790710938Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:24.79572963Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.124078066Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.130807675Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.133521911Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.134998749Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.136900342Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.142757275Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.14415001Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.146305787Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.147871714Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.155441149Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.160658962Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.167791084Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.169162047Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.172446225Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.183500097Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.185278534Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.199083116Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.612737107Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.613839204Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:25.614931644Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.620366461Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.621537805Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.622695174Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.628949387Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.630657148Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.637027504Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.639672566Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.644945129Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.837848183Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.845901511Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.852729515Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.85458013Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.85777532Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.861170191Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.866658942Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.876522072Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.879119449Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.886030114Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.893073295Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.894943287Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.902490432Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.913100607Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.916563686Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.918218805Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.924568414Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.935167798Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.941735264Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.948690022Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.950084153Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.951485964Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.954819517Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.960321595Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.96918672Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.971170607Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.978575779Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.984375753Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.986496381Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.994496968Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.00431588Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.008332835Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.0109788Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.0171473Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.029380174Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.04171226Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.048291924Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.050028716Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.052614238Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.055459429Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.060270607Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.0696409Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.071135222Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.077539759Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.095602699Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.099394232Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.118325869Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.125071714Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.128192537Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.130436428Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.13770649Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.147559725Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.152163308Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.156910258Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.158306174Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.159559046Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.162156579Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.165998503Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.171530482Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.173193504Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.177457414Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.181215508Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.18288469Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.187862624Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.195802303Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.200092839Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.202129868Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.20618332Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.21804739Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.225029701Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.229161387Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.231473538Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.232628736Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.234538548Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.238065488Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.243433913Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.244483143Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.249052734Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.252728591Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.254088643Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.260222989Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.266822852Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.26870444Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.270145604Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:26.271563181Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.272692245Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:26.274069048Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:26.275604086Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.276482612Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.27798703Z 78 PC: 1693b | Find first file
2018-12-25T11:44:26.281942878Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:26.289070841Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.300907389Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.306866835Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:26.308494Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.315838576Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:26.317852847Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.320612095Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.323221654Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.325920171Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.32771552Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:26.330444254Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.337183859Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.34000659Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.342876518Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.349970758Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:26.352967769Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.355974233Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.363798341Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.373604097Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:26.37629307Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.384849515Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.395551614Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.397012281Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:26.398930418Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:26.400093362Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:26.401351791Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:26.407505701Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:26.41327157Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:26.425338042Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.438153077Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:26.439823638Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.446307658Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:26.448880597Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:26.458150505Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:26.459788015Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.46393538Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:26.465649189Z 62 PC: 15d5a | Close file
2018-12-25T11:44:26.473364787Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:26.483114768Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:26.48528558Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:26.488289677Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:26.490076962Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:26.491346397Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:26.494088021Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:26.504331741Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:26.514106351Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.521002163Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:26.530219905Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:26.531716332Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:26.533497761Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.54264229Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.608224889Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:26.610643719Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.619653501Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:26.622134131Z 62 PC: 12cdf | Close file
2018-12-25T11:44:26.63026322Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:26.640469527Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.64303628Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.65281337Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.659654203Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.666922942Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.669051038Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.670830257Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.679171403Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.776636244Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.778891522Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.787364944Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.789720371Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.797317096Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.807650945Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.811467038Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.821621418Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.828448304Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.837552839Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.839498511Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.841692934Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.851511878Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.937013651Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.939522927Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.950548552Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.95240476Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.960027698Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.970842266Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.973991041Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.984237217Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.991890062Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.999731512Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:27.001135111Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:27.003849811Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:27.012516738Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.08118553Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.084557408Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.093131734Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.094939265Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.103957449Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.114285552Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:27.117191844Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:27.125360155Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:27.129931999Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:27.134639524Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:27.136374706Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:27.137684218Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:27.143713903Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.168478163Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.169967489Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.175681145Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.177230127Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.182438463Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.188744332Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:27.195014376Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.198846275Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.205335891Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.212678318Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.222150485Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.233103626Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.238932921Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.244539556Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.250014592Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:27.25443634Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:27.256684597Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:27.257725964Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:27.260209136Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:27.262406555Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:25.154104764Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:25.156115328Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:25.159101004Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.160708074Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.171375403Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.180337408Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.838104418Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.845081063Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.848075457Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.849930325Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.85204614Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.858679153Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.8603491Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.8624802Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.863902797Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.869906757Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.875198175Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.882018638Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.883237077Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.886462906Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.893060128Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.895115624Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.901742253Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.91046364Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.911399438Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:25.913059576Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.918442673Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.920340124Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.92290219Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.929196027Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.931068549Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.938265672Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.940530251Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.94592414Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.961746877Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.968460295Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.97500148Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.977342928Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.979024758Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.982020478Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.987766229Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.997252725Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.998879184Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.006293269Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.012603853Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.01433905Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.022131631Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.031871356Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.040336629Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.04430366Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.050849041Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.065026746Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.071886658Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.079015438Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.080522572Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.082279399Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.085698012Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.090685927Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.09962348Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.102352824Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.109003981Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.114932841Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.117776762Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.130019164Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.140227158Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.144753738Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.147365281Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.153114768Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.163706095Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.170747486Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.177171431Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.179545023Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.181497694Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.184422825Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.190683059Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.199670856Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.202507365Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.210356476Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.216716691Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.21841995Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.226767382Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.23756453Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.241136884Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.244111351Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.249852686Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.260373575Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.267659198Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.274738651Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.276386758Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.278668426Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.281705161Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.286663299Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.296492171Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.298228311Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.304735985Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.311245181Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.31333374Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.3217555Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.331643649Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.336040029Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.338478533Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.344274541Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.354485197Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.361862887Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.368363982Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.371018989Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.372811158Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.375715005Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.382128439Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.390925748Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.392991776Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.400628623Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.406566299Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.40804376Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.416327118Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.426142991Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.428949183Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.43098697Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:26.432811383Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.434459763Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:26.436465931Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:26.439106766Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.440687324Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.442531299Z 78 PC: 1693b | Find first file
2018-12-25T11:44:26.44824525Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:26.454391783Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.464671347Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.471152589Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:26.472545542Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.479633954Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:26.481867981Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.484408752Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.48675892Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.489198889Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.490671107Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:26.49260222Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.499537931Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.501964903Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.503675356Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.510458497Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:26.513241128Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.514488398Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.522419822Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.531179045Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:26.532595104Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.540805514Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.550630664Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.551791299Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:26.553863687Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:26.555030005Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:26.556231679Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:26.562972203Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:26.568715319Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:26.580999465Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.589433983Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:26.591021399Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.59750186Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:26.60010538Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:26.609544112Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:26.611149487Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.615839347Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:26.61753331Z 62 PC: 15d5a | Close file
2018-12-25T11:44:26.625744464Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:26.635946776Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:26.63828534Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:26.666764526Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:26.669205207Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:26.670462505Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:26.673598131Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:26.681017942Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:26.68986081Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.697265917Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:26.705233452Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:26.706812445Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:26.709290487Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.718610859Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.768679726Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:26.771750812Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.779572574Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:26.781152999Z 62 PC: 12cdf | Close file
2018-12-25T11:44:26.78998313Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:26.800136903Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.80301059Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.813429754Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.820253272Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.8288224Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.831346494Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.833358329Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.842466591Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.896366251Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.899241906Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.907983091Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.910564589Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.918725546Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.928703081Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.932463842Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.942615675Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.94949367Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.958568588Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.960735356Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.962939874Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.973720895Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.03362531Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.035779783Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.063173295Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.064734455Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.078179573Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.100660276Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:27.111967844Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:27.122065013Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:27.129192282Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:27.136914188Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:27.138362476Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:27.140499678Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:27.149229747Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.19266726Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.196565335Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.205216382Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.206972889Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.215529134Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.225366216Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:27.228350688Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:27.238914485Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:27.245785136Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:27.253360115Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:27.255546552Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:27.257488927Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:27.266869011Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.326269315Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.328387677Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.337061829Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.339353421Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.346931549Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.356902948Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:27.363489377Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.369150761Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.379785598Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.387566653Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.393298474Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.399205073Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.405687673Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.411363538Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.417251731Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:27.422691667Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:27.425234396Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:27.426751997Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:27.42996261Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:27.432253378Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:25.171533613Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:25.173890613Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:25.17712905Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.179135122Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.181890851Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.18740242Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.847208546Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.854103831Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.857406163Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.860622395Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.863782296Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.871270465Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.872710637Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.874371101Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.877512707Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.883725741Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.88869223Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.895575298Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.897188044Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.900518866Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.906385142Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.907886382Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.915082887Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.92687646Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.932311313Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:25.933436917Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.939581519Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.940879235Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.942256707Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.950104891Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.951819165Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.958305618Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.961472272Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.96705059Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.982353789Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.990227131Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.004280137Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.005826819Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.008187141Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.01146804Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.016968305Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.026725936Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.02874108Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.035394459Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.041798113Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.043493349Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.051086865Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.061700394Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.064180571Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.066122909Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.074448485Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.087725482Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.0957185Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.102581719Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.105132302Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.106860216Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.110382157Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.116351156Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.125594714Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.127723583Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.135076599Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.140838973Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.142194259Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.151361806Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.161326806Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.165066027Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.168721062Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.175011976Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.203232796Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.212133346Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.21866781Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.220349588Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.222953604Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.22600462Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.231021363Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.24054312Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.242505146Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.249170244Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.255946354Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.257984898Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.265769137Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.276609115Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.280468398Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.282897005Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.28926696Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.299757309Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.306449143Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.31292446Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.315536892Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.31717045Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.320119617Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.3261051Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.334844587Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.336456125Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.344589192Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.350544534Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.352247073Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.360766701Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.371388444Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.374963108Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.37828055Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.384470142Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.396642877Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.409336944Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.416197262Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.417930312Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.420390366Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.423741023Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.428768089Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.43764757Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.440074557Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.446698707Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.453001254Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.455635686Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.463223351Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.47345396Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.477200801Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.478492951Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:26.480415811Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.483137823Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:26.484362398Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:26.486728251Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.488846453Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.490316356Z 78 PC: 1693b | Find first file
2018-12-25T11:44:26.496530504Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:26.503693596Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.514326427Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.521188487Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:26.523700618Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.530360626Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:26.532044152Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.535574409Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.538140165Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.540865192Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.54305265Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:26.545171357Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.551961216Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.555429833Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.557447755Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.56427202Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:26.567968793Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.569638011Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.577048895Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.586774209Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:26.588373648Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.596163263Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.607069985Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.608780602Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:26.610200402Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:26.611852082Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:26.613735238Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:26.619688803Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:26.626812208Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:26.636914907Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.644080635Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:26.645520795Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.648802811Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:26.650257319Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:26.659025811Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:26.660990762Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.663767644Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:26.665914673Z 62 PC: 15d5a | Close file
2018-12-25T11:44:26.674756499Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:26.685271298Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:26.687942654Z 26 PC: 15d97 | Set disk transfer address
2018-12-25T11:44:26.695396715Z 13 PC: 12ab4 | Disk reset
2018-12-25T11:44:26.697348646Z 26 PC: 12b69 | Set disk transfer address
2018-12-25T11:44:26.698905595Z 71 PC: 12b7b | Get current directory
2018-12-25T11:44:26.702690237Z 78 PC: 12b84 | Find first file
2018-12-25T11:44:26.711648432Z 67 PC: 12b9e | Get or set file attributes
2018-12-25T11:44:26.721557347Z 61 PC: 12bb0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.728944428Z 63 PC: 12bcf | Read file or device (Read 2660 bytes on handle 5)
2018-12-25T11:44:26.736561119Z 66 PC: 12bf5 | Move file pointer
2018-12-25T11:44:26.738477027Z 66 PC: 12c14 | Move file pointer
2018-12-25T11:44:26.740853924Z 64 PC: 12c30 | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.750343255Z 64 PC: 12c3e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.816783869Z 66 PC: 12cbd | Move file pointer
2018-12-25T11:44:26.818990762Z 64 PC: 12ccc | Write file or device (Write 2660 bytes on handle 5)
2018-12-25T11:44:26.826905819Z 87 PC: 12cdb | Get or set file date and time
2018-12-25T11:44:26.82909298Z 62 PC: 12cdf | Close file
2018-12-25T11:44:26.837490317Z 67 PC: 12cef | Get or set file attributes
2018-12-25T11:44:26.847212749Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.850823337Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.861322435Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.866697882Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.871996018Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.873091969Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.874490883Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.880434895Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:26.918185978Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:26.920096832Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:26.928431118Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:26.929824609Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:26.938188087Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:26.949115021Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:26.951771499Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:26.962952045Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:26.970673164Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:26.978938579Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:26.980588752Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:26.983393764Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:26.992835463Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.041549974Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.044831344Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.054032275Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.055809221Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.062906804Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.069512026Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:27.071384776Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:27.079017419Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:27.083898888Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:27.088781076Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:27.091081242Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:27.09500045Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:27.100954833Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.17228069Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.17482534Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.183346076Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.185697448Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.19763025Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.207414078Z 79 PC: 12b84 | Find next file (See above)
2018-12-25T11:44:27.21054492Z 67 PC: 12b9e | Get or set file attributes (See above)
2018-12-25T11:44:27.220018743Z 61 PC: 12bb0 | Open file (See above)
2018-12-25T11:44:27.226726497Z 63 PC: 12bcf | Read file or device (See above)
2018-12-25T11:44:27.235628079Z 66 PC: 12bf5 | Move file pointer (See above)
2018-12-25T11:44:27.23699689Z 66 PC: 12c14 | Move file pointer (See above)
2018-12-25T11:44:27.2387246Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T11:44:27.245125418Z 64 PC: 12c3e | Write file or device (See above)
2018-12-25T11:44:27.276914903Z 66 PC: 12cbd | Move file pointer (See above)
2018-12-25T11:44:27.2780659Z 64 PC: 12ccc | Write file or device (See above)
2018-12-25T11:44:27.284445485Z 87 PC: 12cdb | Get or set file date and time (See above)
2018-12-25T11:44:27.285758843Z 62 PC: 12cdf | Close file (See above)
2018-12-25T11:44:27.29165279Z 67 PC: 12cef | Get or set file attributes (See above)
2018-12-25T11:44:27.298788722Z 78 PC: 12d16 | Find first file
2018-12-25T11:44:27.303167956Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.307147674Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.312088542Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.320281564Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.327841544Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.335667469Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.342999684Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.349925797Z 78 PC: 12d16 | Find first file (See above)
2018-12-25T11:44:27.357053663Z 59 PC: 12d4b | Change current directory
2018-12-25T11:44:27.360056117Z 42 PC: 12da2 | Get date 0x12da2: cmp dh, 9
0x12da5: jne 0x12dd9
0x12da7: cmp dl, 0xe
0x12daa: jne 0x12dd9
0x12dac: mov al, 2
0x12dae: out 0x21, al
0x12db0: mov ah, 9
0x12db2: mov dx, 0xa4d
0x12db5: int 0x21
0x12db7: mov dx, 0x49a
0x12dba: mov cx, 7
0x12dbd: mov ah, 0x4e
0x12dbf: int 0x21
0x12dc1: jb 0x12dd7
0x12dc3: call 0x12dde
0x12dc6: jb 0x12dd3
0x12dc8: xchg ax, bx
0x12dc9: xor cx, cx
0x12dcb: mov ah, 0x40
0x12dcd: int 0x21
2018-12-25T11:44:27.362987196Z 26 PC: 12d69 | Set disk transfer address
2018-12-25T11:44:27.364219911Z 59 PC: 12d74 | Change current directory
2018-12-25T11:44:27.366375298Z 9 PC: 639 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:44:27.369083569Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":14,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1791,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:25.317075026Z 48 PC: 17375 | Get DOS version
2018-12-25T11:44:25.319188174Z 71 PC: 17375 | Get current directory (See above)
2018-12-25T11:44:25.322361289Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.324129571Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.326894868Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.333203706Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.704777258Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.715792254Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.719564233Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.721081103Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.722903548Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.729367201Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.730854617Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.732409177Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.734090954Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.740826935Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.746549173Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.755874567Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.757361224Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.76029366Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.76697539Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.768397754Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.777408647Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.78716003Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.788333029Z 25 PC: 17375 | Get default drive (See above)
2018-12-25T11:44:25.789417677Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.79579479Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.79735722Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:25.798902954Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.806996783Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.809722492Z 78 PC: 17375 | Find first file (See above)
2018-12-25T11:44:25.817581886Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.821426666Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.828055609Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.845143398Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.853421209Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.860618577Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.862258101Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.863715185Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.867062746Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.872681366Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.882860284Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.885836669Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.894147431Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.901123343Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.910235279Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:25.919787772Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.930938131Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:25.935626223Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:25.938380101Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.944648312Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:25.956378355Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:25.965064394Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:25.970199028Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:25.972779237Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.974672448Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.977832893Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:25.984694113Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:25.995032383Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:25.996934892Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.006003627Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.013507673Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.015078128Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.024174532Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.035701419Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.039457453Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.041870445Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.04910294Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.060056837Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.0675021Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.076158811Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.078280426Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.080374043Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.084748128Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.091148267Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.101416005Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.104194381Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.112511765Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.119525194Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.121903154Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.131932072Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.143278831Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.147573439Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.151717276Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.158477006Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.169721364Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.179182923Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.187199085Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.18924283Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.192131805Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.195953849Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.201898779Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.212087593Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.21491038Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.222705609Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.229800684Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.233071723Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.242195097Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.253993993Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.258771948Z 42 PC: 17375 | Get date (See above)
2018-12-25T11:44:26.26169151Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.268166663Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.285805622Z 61 PC: 17375 | Open file (See above)
2018-12-25T11:44:26.293681519Z 63 PC: 17375 | Read file or device (See above)
2018-12-25T11:44:26.301699758Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.304383642Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.306885014Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.31051229Z 44 PC: 17375 | Get time (See above)
2018-12-25T11:44:26.31802509Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.32815345Z 66 PC: 17375 | Move file pointer (See above)
2018-12-25T11:44:26.329736474Z 64 PC: 17375 | Write file or device (See above)
2018-12-25T11:44:26.337881837Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.344657317Z 87 PC: 17375 | Get or set file date and time (See above)
2018-12-25T11:44:26.346459662Z 62 PC: 17375 | Close file (See above)
2018-12-25T11:44:26.356337678Z 67 PC: 17375 | Get or set file attributes (See above)
2018-12-25T11:44:26.367496501Z 79 PC: 17375 | Find next file (See above)
2018-12-25T11:44:26.370692067Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.372444395Z 59 PC: 17375 | Change current directory (See above)
2018-12-25T11:44:26.375178861Z 26 PC: 17375 | Set disk transfer address (See above)
2018-12-25T11:44:26.377840438Z 26 PC: 16872 | Set disk transfer address
2018-12-25T11:44:26.379425793Z 42 PC: 16876 | Get date 0x16876: cmp cx, 0x7c8
0x1687a: jae 0x1687f
0x1687c: jmp 0x1690a
0x1687f: cmp dh, 9
0x16882: jae 0x16887
0x16884: jmp 0x1690a
0x16887: cmp dl, 1
0x1688a: je 0x1688e
0x1688c: jmp 0x1690a
0x1688e: nop
0x1688f: mov al, 2
0x16891: push ax
0x16892: mov cx, 0x80
0x16895: mov dx, word ptr [0x142]
0x16899: push ds
0x1689a: mov bx, 0
0x1689d: mov ds, bx
0x1689f: int 0x26
0x168a1: popf
0x168a2: pop ds
2018-12-25T11:44:26.383614005Z 53 PC: 16912 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.385036145Z 37 PC: 16928 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.386372564Z 78 PC: 1693b | Find first file
2018-12-25T11:44:26.394773917Z 67 PC: 16bf3 | Get or set file attributes
2018-12-25T11:44:26.401340254Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.412423254Z 61 PC: 16a94 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.421460577Z 87 PC: 16bbb | Get or set file date and time
2018-12-25T11:44:26.422976755Z 63 PC: 16aa0 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.425766006Z 66 PC: 16bb1 | Move file pointer
2018-12-25T11:44:26.428054229Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.430863972Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.432053136Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.434646825Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.435816932Z 62 PC: 16ab2 | Close file
2018-12-25T11:44:26.437255338Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.442100531Z 63 PC: 16aa0 | Read file or device (See above)
2018-12-25T11:44:26.444071807Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.445454715Z 61 PC: 16a94 | Open file (See above)
2018-12-25T11:44:26.450371793Z 64 PC: 16aa9 | Write file or device (Write 10 bytes on handle 5)
2018-12-25T11:44:26.453024527Z 66 PC: 16bb1 | Move file pointer (See above)
2018-12-25T11:44:26.454172958Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.457907051Z 64 PC: 16aa9 | Write file or device (See above)
2018-12-25T11:44:26.464086679Z 87 PC: 16bd5 | Get or set file date and time
2018-12-25T11:44:26.465346762Z 62 PC: 16ab2 | Close file (See above)
2018-12-25T11:44:26.471550273Z 67 PC: 16bf3 | Get or set file attributes (See above)
2018-12-25T11:44:26.478276036Z 37 PC: 16a76 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:26.479573808Z 26 PC: 16a8b | Set disk transfer address
2018-12-25T11:44:26.481274251Z 47 PC: 15bd1 | Get disk transfer address
2018-12-25T11:44:26.482221307Z 26 PC: 15be4 | Set disk transfer address
2018-12-25T11:44:26.483263057Z 78 PC: 15c70 | Find first file
2018-12-25T11:44:26.487773416Z 67 PC: 15cae | Get or set file attributes
2018-12-25T11:44:26.49147248Z 67 PC: 15cc0 | Get or set file attributes
2018-12-25T11:44:26.501458285Z 61 PC: 15ccb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:26.511443454Z 87 PC: 15cd7 | Get or set file date and time
2018-12-25T11:44:26.513032058Z 63 PC: 15cec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:26.521382472Z 66 PC: 15cfe | Move file pointer
2018-12-25T11:44:26.52584354Z 64 PC: 15d22 | Write file or device (Write 2437 bytes on handle 5)
2018-12-25T11:44:26.536753801Z 66 PC: 15d34 | Move file pointer
2018-12-25T11:44:26.538691916Z 64 PC: 15d43 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:26.543033736Z 87 PC: 15d56 | Get or set file date and time
2018-12-25T11:44:26.54505323Z 62 PC: 15d5a | Close file
2018-12-25T11:44:26.556040233Z 67 PC: 15d69 | Get or set file attributes
2018-12-25T11:44:26.5674584Z 42 PC: 15d6e | Get date 0x15d6e: cmp cx, 0x7c7
0x15d72: jne 0x15d79
0x15d74: cmp dh, 1
0x15d77: je 0x15d8b
0x15d79: cmp al, 0
0x15d7b: jne 0x15d8b
0x15d7d: mov dx, si
0x15d7f: mov ah, 9
0x15d81: add dx, 0x16
0x15d84: nop
0x15d85: int 0x21
0x15d87: mov ah, 8
0x15d89: int 0x21
0x15d8b: mov dx, word ptr [si]
0x15d8d: nop
0x15d8e: nop
0x15d8f: mov ds, word ptr [si + 2]
0x15d92: nop
0x15d93: mov ah, 0x1a
0x15d95: int 0x21
2018-12-25T11:44:26.569943901Z 9 PC: 15d87 | Display string (Could not find end pointer)
2018-12-25T11:44:26.615890776Z 8 PC: 15d8b | Console input without echo