Sample viewer

vx.netlux.org/Virus.DOS.Akuku.649


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:14:04.453140507Z 53 PC: 13244 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:14:04.455168299Z 37 PC: 1325c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:14:04.456443406Z 47 PC: 13260 | Get disk transfer address
2018-12-17T22:14:04.457640748Z 26 PC: 1326e | Set disk transfer address
2018-12-17T22:14:04.458851543Z 71 PC: 13280 | Get current directory
2018-12-17T22:14:04.462306417Z 59 PC: 132a5 | Change current directory
2018-12-17T22:14:04.466152292Z 78 PC: 132d7 | Find first file
2018-12-17T22:14:04.473869772Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.491524585Z 61 PC: 132fc | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:14:04.502597118Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.509095317Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.511614939Z 62 PC: 133be | Close file
2018-12-17T22:14:04.521178936Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.525759457Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.528918895Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.539170642Z 61 PC: 132fc | Open file (Filename = 'PRINT.COM')
2018-12-17T22:14:04.545897041Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.552511983Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.553904611Z 62 PC: 133be | Close file
2018-12-17T22:14:04.560400234Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.570424039Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.576446268Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.589023322Z 61 PC: 132fc | Open file (Filename = 'HELLO.COM')
2018-12-17T22:14:04.59593577Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.600028834Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.601147697Z 62 PC: 133be | Close file
2018-12-17T22:14:04.606225502Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.610838202Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.613344185Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.623090669Z 61 PC: 132fc | Open file (Filename = 'PHANG.COM')
2018-12-17T22:14:04.633942401Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.640364318Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.642825691Z 62 PC: 133be | Close file
2018-12-17T22:14:04.652238603Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.656758672Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.660158319Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.670924399Z 61 PC: 132fc | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:14:04.677624387Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.682203015Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.684392761Z 62 PC: 133be | Close file
2018-12-17T22:14:04.690682092Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.698522081Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.706190019Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.714240629Z 61 PC: 132fc | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:14:04.718402878Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.723107557Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.724161902Z 62 PC: 133be | Close file
2018-12-17T22:14:04.728589153Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.733604356Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.735943481Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.745232028Z 61 PC: 132fc | Open file (Filename = 'PAH.COM')
2018-12-17T22:14:04.756883656Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.763118534Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.765495317Z 62 PC: 133be | Close file
2018-12-17T22:14:04.775262066Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.779767583Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.782190088Z 67 PC: 132f4 | Get or set file attributes
2018-12-17T22:14:04.792270683Z 61 PC: 132fc | Open file (Filename = 'TEST.COM')
2018-12-17T22:14:04.79856574Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:14:04.8052383Z 87 PC: 133ba | Get or set file date and time
2018-12-17T22:14:04.807219888Z 62 PC: 133be | Close file
2018-12-17T22:14:04.814779837Z 67 PC: 133cb | Get or set file attributes
2018-12-17T22:14:04.824253658Z 79 PC: 132e6 | Find next file
2018-12-17T22:14:04.831486012Z 59 PC: 132a5 | Change current directory
2018-12-17T22:14:04.840520514Z 26 PC: 133d9 | Set disk transfer address
2018-12-17T22:14:04.841714261Z 37 PC: 133eb | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:14:04.843718596Z 42 PC: 133f0 | Get date
0x133f0: cmp cx, 0x7ca
0x133f4: jb 0x13430
0x133f6: cmp dl, 7
0x133f9: jb 0x13430
0x133fb: mov dh, 7
0x133fd: cmp dh, dl
0x133ff: jb 0x13430
0x13401: mov ah, 0x2c
0x13403: int 0x21
0x13405: cmp ch, 0xf
0x13408: jb 0x13430
0x1340a: mov dh, 0xf
0x1340c: cmp dh, ch
0x1340e: jb 0x13430
0x13410: cmp cl, 0xa
0x13413: jae 0x13430
0x13415: mov cx, 0x19
0x13418: mov bx, 0x322
0x1341b: add bx, cx
0x1341d: add bx, si

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2687,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:15.577046769Z 53 PC: 13244 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:15.579448735Z 37 PC: 1325c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:15.580595635Z 47 PC: 13260 | Get disk transfer address
2018-12-25T11:46:15.581749003Z 26 PC: 1326e | Set disk transfer address
2018-12-25T11:46:15.584205892Z 71 PC: 13280 | Get current directory
2018-12-25T11:46:15.586983213Z 59 PC: 132a5 | Change current directory
2018-12-25T11:46:15.590918262Z 78 PC: 132d7 | Find first file
2018-12-25T11:46:15.601639247Z 67 PC: 132f4 | Get or set file attributes
2018-12-25T11:46:15.619397766Z 61 PC: 132fc | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:46:15.625959668Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:46:15.632774097Z 87 PC: 133ba | Get or set file date and time
2018-12-25T11:46:15.635333895Z 62 PC: 133be | Close file
2018-12-25T11:46:15.642381174Z 67 PC: 133cb | Get or set file attributes
2018-12-25T11:46:15.647739982Z 79 PC: 132e6 | Find next file
2018-12-25T11:46:15.651551095Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.661582902Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.673155241Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.680494633Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.689990041Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.69705579Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.701930822Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.708183558Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.717973721Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.724949472Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.73291226Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.734905216Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.744386335Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.755756129Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.762893243Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.772726219Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.780543806Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.789185574Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.791149493Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.799404228Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.805363525Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.808363209Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.823092625Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.830467532Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.837145977Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.839214763Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.847361314Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.852301133Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.855218476Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.865474761Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.87836738Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.885065137Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.887766163Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.894894339Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.900273647Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.903926033Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.914140628Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.920917382Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.927968296Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.930246507Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.939762888Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.951038884Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.957904312Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.967472992Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.974158812Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.981038568Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.982656289Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.989905344Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.995556796Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.998068771Z 59 PC: 132a5 | Change current directory (See above)
2018-12-25T11:46:16.006840313Z 26 PC: 133d9 | Set disk transfer address
2018-12-25T11:46:16.009048693Z 37 PC: 133eb | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:16.010366954Z 42 PC: 133f0 | Get date
0x133f0: cmp cx, 0x7ca
0x133f4: jb 0x13430
0x133f6: cmp dl, 7
0x133f9: jb 0x13430
0x133fb: mov dh, 7
0x133fd: cmp dh, dl
0x133ff: jb 0x13430
0x13401: mov ah, 0x2c
0x13403: int 0x21
0x13405: cmp ch, 0xf
0x13408: jb 0x13430
0x1340a: mov dh, 0xf
0x1340c: cmp dh, ch
0x1340e: jb 0x13430
0x13410: cmp cl, 0xa
0x13413: jae 0x13430
0x13415: mov cx, 0x19
0x13418: mov bx, 0x322
0x1341b: add bx, cx
0x1341d: add bx, si

{"DateBased":true,"Day":1,"Month":1,"Year":1994,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2687,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:15.78754626Z 53 PC: 13244 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:15.789025127Z 37 PC: 1325c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:15.790260509Z 47 PC: 13260 | Get disk transfer address
2018-12-25T11:46:15.791310711Z 26 PC: 1326e | Set disk transfer address
2018-12-25T11:46:15.79276604Z 71 PC: 13280 | Get current directory
2018-12-25T11:46:15.795741512Z 59 PC: 132a5 | Change current directory
2018-12-25T11:46:15.799668935Z 78 PC: 132d7 | Find first file
2018-12-25T11:46:15.805544882Z 67 PC: 132f4 | Get or set file attributes
2018-12-25T11:46:15.822418489Z 61 PC: 132fc | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:46:15.834054802Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:46:15.840923164Z 87 PC: 133ba | Get or set file date and time
2018-12-25T11:46:15.842648271Z 62 PC: 133be | Close file
2018-12-25T11:46:15.849745608Z 67 PC: 133cb | Get or set file attributes
2018-12-25T11:46:15.85475188Z 79 PC: 132e6 | Find next file
2018-12-25T11:46:15.858326119Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.867786957Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.874188703Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.882010379Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.891986463Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.90109063Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.910944461Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.917327934Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.928143862Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.934697778Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.941380598Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.942797512Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.949738109Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:15.954904132Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:15.957358718Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:15.969134416Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:15.981383082Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:15.987948745Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:15.989688977Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:15.997573259Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.002294388Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.004986182Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.017924041Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.02434249Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.030470383Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.032732293Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.042318901Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.047205494Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.050545071Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.060277627Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.066984488Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.073829Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.075418653Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.082230683Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.092129542Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.098369989Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.10830047Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.115636719Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.122422631Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.123904073Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.13091294Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.136089565Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.138838228Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.1484253Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.16010791Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.166795433Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.168305869Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.175958334Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.180564656Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.18298965Z 59 PC: 132a5 | Change current directory (See above)
2018-12-25T11:46:16.187554071Z 26 PC: 133d9 | Set disk transfer address
2018-12-25T11:46:16.188854947Z 37 PC: 133eb | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:16.190325992Z 42 PC: 133f0 | Get date
0x133f0: cmp cx, 0x7ca
0x133f4: jb 0x13430
0x133f6: cmp dl, 7
0x133f9: jb 0x13430
0x133fb: mov dh, 7
0x133fd: cmp dh, dl
0x133ff: jb 0x13430
0x13401: mov ah, 0x2c
0x13403: int 0x21
0x13405: cmp ch, 0xf
0x13408: jb 0x13430
0x1340a: mov dh, 0xf
0x1340c: cmp dh, ch
0x1340e: jb 0x13430
0x13410: cmp cl, 0xa
0x13413: jae 0x13430
0x13415: mov cx, 0x19
0x13418: mov bx, 0x322
0x1341b: add bx, cx
0x1341d: add bx, si

{"DateBased":true,"Day":7,"Month":1,"Year":1994,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2687,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:16.250211941Z 53 PC: 13244 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:16.252893222Z 37 PC: 1325c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:16.257719754Z 47 PC: 13260 | Get disk transfer address
2018-12-25T11:46:16.259187525Z 26 PC: 1326e | Set disk transfer address
2018-12-25T11:46:16.26079817Z 71 PC: 13280 | Get current directory
2018-12-25T11:46:16.265301253Z 59 PC: 132a5 | Change current directory
2018-12-25T11:46:16.270295034Z 78 PC: 132d7 | Find first file
2018-12-25T11:46:16.277468099Z 67 PC: 132f4 | Get or set file attributes
2018-12-25T11:46:16.312701723Z 61 PC: 132fc | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:46:16.32610774Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:46:16.33406176Z 87 PC: 133ba | Get or set file date and time
2018-12-25T11:46:16.337317287Z 62 PC: 133be | Close file
2018-12-25T11:46:16.345697803Z 67 PC: 133cb | Get or set file attributes
2018-12-25T11:46:16.350934046Z 79 PC: 132e6 | Find next file
2018-12-25T11:46:16.35450768Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.365519104Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.372869624Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.380405757Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.38269683Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.393877468Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.399389326Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.405015165Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.415844095Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.423306486Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.432203326Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.434210872Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.442369667Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.448851136Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.452114397Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.46365552Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.471816504Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.479325711Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.485172007Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.493273232Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.498934718Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.501769055Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.512526464Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.526617376Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.533939546Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.535670733Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.544393965Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.550419173Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.554032701Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.565611951Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.573013201Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.58014924Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.58232356Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.588980729Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.592303575Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.594250671Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.604588852Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.611995469Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.619349148Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.622135982Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.630082927Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.64055402Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.648061053Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:16.659092284Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:16.666156752Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:16.673703957Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:16.675267332Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:16.682927911Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:16.688347407Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:16.691183888Z 59 PC: 132a5 | Change current directory (See above)
2018-12-25T11:46:16.695550316Z 26 PC: 133d9 | Set disk transfer address
2018-12-25T11:46:16.696941735Z 37 PC: 133eb | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:16.698402588Z 42 PC: 133f0 | Get date
0x133f0: cmp cx, 0x7ca
0x133f4: jb 0x13430
0x133f6: cmp dl, 7
0x133f9: jb 0x13430
0x133fb: mov dh, 7
0x133fd: cmp dh, dl
0x133ff: jb 0x13430
0x13401: mov ah, 0x2c
0x13403: int 0x21
0x13405: cmp ch, 0xf
0x13408: jb 0x13430
0x1340a: mov dh, 0xf
0x1340c: cmp dh, ch
0x1340e: jb 0x13430
0x13410: cmp cl, 0xa
0x13413: jae 0x13430
0x13415: mov cx, 0x19
0x13418: mov bx, 0x322
0x1341b: add bx, cx
0x1341d: add bx, si
2018-12-25T11:46:16.700777115Z 44 PC: 13405 | Get time
0x13405: cmp ch, 0xf
0x13408: jb 0x13430
0x1340a: mov dh, 0xf
0x1340c: cmp dh, ch
0x1340e: jb 0x13430
0x13410: cmp cl, 0xa
0x13413: jae 0x13430
0x13415: mov cx, 0x19
0x13418: mov bx, 0x322
0x1341b: add bx, cx
0x1341d: add bx, si
0x1341f: mov al, byte ptr [bx]
0x13421: sub al, 0x14
0x13423: mov byte ptr [bx], al
0x13425: loop 0x13418
0x13427: mov dx, 0x323
0x1342a: add dx, si
0x1342c: mov ah, 9
0x1342e: int 0x21
0x13430: jmp 0x1344e

{"DateBased":true,"Day":8,"Month":1,"Year":1994,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2687,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:17.888951235Z 53 PC: 13244 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:17.890868309Z 37 PC: 1325c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:17.891993602Z 47 PC: 13260 | Get disk transfer address
2018-12-25T11:46:17.8930117Z 26 PC: 1326e | Set disk transfer address
2018-12-25T11:46:17.894560312Z 71 PC: 13280 | Get current directory
2018-12-25T11:46:17.897665409Z 59 PC: 132a5 | Change current directory
2018-12-25T11:46:17.901565627Z 78 PC: 132d7 | Find first file
2018-12-25T11:46:17.907934193Z 67 PC: 132f4 | Get or set file attributes
2018-12-25T11:46:17.92396454Z 61 PC: 132fc | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:46:17.934896878Z 63 PC: 1330a | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:46:17.941508484Z 87 PC: 133ba | Get or set file date and time
2018-12-25T11:46:17.942966326Z 62 PC: 133be | Close file
2018-12-25T11:46:17.952309166Z 67 PC: 133cb | Get or set file attributes
2018-12-25T11:46:17.957813955Z 79 PC: 132e6 | Find next file
2018-12-25T11:46:17.960320231Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:17.970309123Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:17.977119423Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:17.981235833Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:17.982522878Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:17.987506517Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:17.993968644Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:18.000450134Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:18.012208803Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:18.02018712Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:18.038866083Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:18.04029676Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:18.04773523Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:18.050774027Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:18.052691934Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:18.06107902Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:18.068052539Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:18.074774644Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:18.077304171Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:18.08524981Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:18.090209093Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:18.094368237Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:18.104248635Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:18.110794859Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:18.118532313Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:18.119917722Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:18.126936751Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:18.136851217Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:18.143320127Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:18.15349558Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:18.161040843Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:18.168187963Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:18.17002131Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:18.177146821Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:18.182961386Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:18.185441746Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:18.19525003Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:18.208236536Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:18.2154256Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:18.217620244Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:18.225242326Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:18.230122918Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:18.233056779Z 67 PC: 132f4 | Get or set file attributes (See above)
2018-12-25T11:46:18.244055563Z 61 PC: 132fc | Open file (See above)
2018-12-25T11:46:18.251181022Z 63 PC: 1330a | Read file or device (See above)
2018-12-25T11:46:18.257797994Z 87 PC: 133ba | Get or set file date and time (See above)
2018-12-25T11:46:18.260441185Z 62 PC: 133be | Close file (See above)
2018-12-25T11:46:18.270093409Z 67 PC: 133cb | Get or set file attributes (See above)
2018-12-25T11:46:18.27550346Z 79 PC: 132e6 | Find next file (See above)
2018-12-25T11:46:18.278837909Z 59 PC: 132a5 | Change current directory (See above)
2018-12-25T11:46:18.283323716Z 26 PC: 133d9 | Set disk transfer address
2018-12-25T11:46:18.284644322Z 37 PC: 133eb | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:46:18.286702445Z 42 PC: 133f0 | Get date
0x133f0: cmp cx, 0x7ca
0x133f4: jb 0x13430
0x133f6: cmp dl, 7
0x133f9: jb 0x13430
0x133fb: mov dh, 7
0x133fd: cmp dh, dl
0x133ff: jb 0x13430
0x13401: mov ah, 0x2c
0x13403: int 0x21
0x13405: cmp ch, 0xf
0x13408: jb 0x13430
0x1340a: mov dh, 0xf
0x1340c: cmp dh, ch
0x1340e: jb 0x13430
0x13410: cmp cl, 0xa
0x13413: jae 0x13430
0x13415: mov cx, 0x19
0x13418: mov bx, 0x322
0x1341b: add bx, cx
0x1341d: add bx, si