Sample viewer

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2219,"SideJobID":0}

.

GIF

Syscalls:

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2219,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:45:10.521624174Z	47	PC: 12e50 | Get disk transfer address
2018-12-25T11:45:10.523239166Z	26	PC: 12e5c | Set disk transfer address
2018-12-25T11:45:10.524797518Z	42	PC: 12e61 | Get date 0x12e61: cmp dh, 6 0x12e64: jl 0x12e78 0x12e66: mov ah, 0x19 0x12e68: int 0x21 0x12e6a: mov ch, 0 0x12e6c: inc al 0x12e6e: mov cl, al 0x12e70: pop ax 0x12e71: push cx 0x12e72: call 0x12e8e 0x12e75: pop cx 0x12e76: loop 0x12e71 0x12e78: pop dx 0x12e79: mov ah, 0x1a 0x12e7b: int 0x21 0x12e7d: mov sp, bp 0x12e7f: xor ax, ax 0x12e81: mov bx, ax 0x12e83: mov cx, ax 0x12e85: mov dx, ax
2018-12-25T11:45:10.527168691Z	25	PC: 12e6a | Get default drive
2018-12-25T11:45:10.528275413Z	71	PC: 12e9d | Get current directory
2018-12-25T11:45:10.531627175Z	59	PC: 12ea5 | Change current directory
2018-12-25T11:45:10.537088953Z	47	PC: 12eba | Get disk transfer address
2018-12-25T11:45:10.538073811Z	26	PC: 12ec8 | Set disk transfer address
2018-12-25T11:45:10.539752893Z	78	PC: 12ed3 | Find first file
2018-12-25T11:45:10.546787123Z	79	PC: 12efb | Find next file
2018-12-25T11:45:10.549571973Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.553395661Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.556182607Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.558928992Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.562420229Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.5653147Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.56792329Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.570426906Z	79	PC: 12efb | Find next file (See above)
2018-12-25T11:45:10.572926117Z	47	PC: 12f21 | Get disk transfer address
2018-12-25T11:45:10.574071364Z	26	PC: 12f32 | Set disk transfer address
2018-12-25T11:45:10.575143086Z	78	PC: 12f3c | Find first file
2018-12-25T11:45:10.582649336Z	47	PC: 12f54 | Get disk transfer address
2018-12-25T11:45:10.583978804Z	61	PC: 12f6d | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:45:10.591239098Z	63	PC: 12f7b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:45:10.599064039Z	66	PC: 12f87 | Move file pointer
2018-12-25T11:45:10.600849174Z	62	PC: 12f8c | Close file
2018-12-25T11:45:10.602986841Z	67	PC: 12fb0 | Get or set file attributes
2018-12-25T11:45:10.621425017Z	61	PC: 12fb9 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:45:10.628796852Z	64	PC: 12fcb | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:45:10.631790824Z	66	PC: 12fd3 | Move file pointer
2018-12-25T11:45:10.634750733Z	64	PC: 13077 | Write file or device (Write 571 bytes on handle 5)
2018-12-25T11:45:10.644197374Z	87	PC: 12fe7 | Get or set file date and time
2018-12-25T11:45:10.645977972Z	62	PC: 12feb | Close file
2018-12-25T11:45:10.655317114Z	67	PC: 12ffc | Get or set file attributes
2018-12-25T11:45:10.666368235Z	26	PC: 12f4e | Set disk transfer address
2018-12-25T11:45:10.667769955Z	26	PC: 12f0d | Set disk transfer address
2018-12-25T11:45:10.669872727Z	59	PC: 12eaf | Change current directory
2018-12-25T11:45:10.672737261Z	26	PC: 12e7d | Set disk transfer address