Sample viewer

vx.netlux.org/Virus.DOS.Millenn.3616

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:15:51.608424267Z 42 PC: 13eaa | Get date 0x13eaa: cmp dl, 7
0x13ead: je 0x13eb0
0x13eaf: ret
0x13eb0: cmp al, 0
0x13eb2: je 0x13eb5
0x13eb4: ret
0x13eb5: cli
0x13eb6: in al, 0x21
0x13eb8: or al, 2
0x13eba: out 0x21, al
0x13ebc: mov ax, 3
0x13ebf: int 0x10
0x13ec1: call 0x140e8
0x13ec4: and byte ptr [bx + si], ah
0x13ec6: and byte ptr [bx + si], ah
0x13ec8: and byte ptr [bx + si], ah
0x13eca: and byte ptr [bx + si], ah
0x13ecc: and byte ptr [bx + si], ah
0x13ece: dec bp
0x13ecf: dec cx
2018-12-17T22:15:51.611504561Z 44 PC: 13e9c | Get time 0x13e9c: mov word ptr cs:[si + 0xf95], dx
0x13ea1: pop si
0x13ea2: pop cx
0x13ea3: pop dx
0x13ea4: pop ax
0x13ea5: ret
0x13ea6: mov ah, 0x2a
0x13ea8: int 0x21
0x13eaa: cmp dl, 7
0x13ead: je 0x13eb0
0x13eaf: ret
0x13eb0: cmp al, 0
0x13eb2: je 0x13eb5
0x13eb4: ret
0x13eb5: cli
0x13eb6: in al, 0x21
0x13eb8: or al, 2
0x13eba: out 0x21, al
0x13ebc: mov ax, 3
0x13ebf: int 0x10
2018-12-17T22:15:51.613644248Z 26 PC: 1346c | Set disk transfer address
2018-12-17T22:15:51.614702126Z 71 PC: 13511 | Get current directory
2018-12-17T22:15:51.617893468Z 53 PC: 141dd | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:15:51.619282914Z 37 PC: 141dd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:15:51.620617587Z 78 PC: 141dd | Find first file
2018-12-17T22:15:51.627053077Z 61 PC: 141dd | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:15:51.634251324Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:51.641949818Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.644464718Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.65075022Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.666293725Z 61 PC: 141dd | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:15:51.673919429Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.675448645Z 66 PC: 141dd | Move file pointer
2018-12-17T22:15:51.676983311Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.681722771Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.689583922Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.694273419Z 79 PC: 141dd | Find next file
2018-12-17T22:15:51.698124688Z 61 PC: 141dd | Open file (Filename = 'PRINT.COM')
2018-12-17T22:15:51.705062997Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:51.711706654Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.71377469Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.720776276Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.731275451Z 61 PC: 141dd | Open file (Filename = 'PRINT.COM')
2018-12-17T22:15:51.74274113Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.745286702Z 66 PC: 141dd | Move file pointer
2018-12-17T22:15:51.747035636Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.748750477Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.756657751Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.761023518Z 79 PC: 141dd | Find next file
2018-12-17T22:15:51.763802035Z 61 PC: 141dd | Open file (Filename = 'HELLO.COM')
2018-12-17T22:15:51.77166806Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:51.779389182Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.781136133Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.787395831Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.801223856Z 61 PC: 141dd | Open file (Filename = 'HELLO.COM')
2018-12-17T22:15:51.813175431Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.815648795Z 66 PC: 141dd | Move file pointer
2018-12-17T22:15:51.817302208Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.818846794Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.827280925Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.831649058Z 79 PC: 141dd | Find next file
2018-12-17T22:15:51.834781272Z 61 PC: 141dd | Open file (Filename = 'PHANG.COM')
2018-12-17T22:15:51.842443194Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:51.848736507Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.85058118Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.857125855Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.866963885Z 61 PC: 141dd | Open file (Filename = 'PHANG.COM')
2018-12-17T22:15:51.878288234Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.881796966Z 66 PC: 141dd | Move file pointer
2018-12-17T22:15:51.883291007Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.884821666Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.891689448Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.896872755Z 79 PC: 141dd | Find next file
2018-12-17T22:15:51.89954194Z 61 PC: 141dd | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:15:51.905901048Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:51.912965895Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.914821806Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.922018909Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.932804406Z 61 PC: 141dd | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:15:51.948887058Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.950441405Z 66 PC: 141dd | Move file pointer
2018-12-17T22:15:51.952744375Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:51.954304264Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.961030235Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.966361451Z 79 PC: 141dd | Find next file
2018-12-17T22:15:51.968957143Z 61 PC: 141dd | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:15:51.975641316Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:51.98286086Z 62 PC: 141dd | Close file
2018-12-17T22:15:51.984590934Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:51.990328111Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:52.003516978Z 61 PC: 141dd | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:15:52.015520491Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:52.016814187Z 66 PC: 141dd | Move file pointer
2018-12-17T22:15:52.018211032Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:52.020430859Z 62 PC: 141dd | Close file
2018-12-17T22:15:52.027069376Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:52.031372431Z 79 PC: 141dd | Find next file
2018-12-17T22:15:52.034671824Z 61 PC: 141dd | Open file (Filename = 'PAH.COM')
2018-12-17T22:15:52.041351538Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:52.047850302Z 62 PC: 141dd | Close file
2018-12-17T22:15:52.050233398Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:52.056183494Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:52.068385636Z 61 PC: 141dd | Open file (Filename = 'PAH.COM')
2018-12-17T22:15:52.080129536Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:52.081353595Z 66 PC: 141dd | Move file pointer
2018-12-17T22:15:52.082647912Z 87 PC: 141dd | Get or set file date and time
2018-12-17T22:15:52.084164659Z 62 PC: 141dd | Close file
2018-12-17T22:15:52.090757241Z 67 PC: 141dd | Get or set file attributes
2018-12-17T22:15:52.094982493Z 79 PC: 141dd | Find next file
2018-12-17T22:15:52.097676372Z 78 PC: 141dd | Find first file
2018-12-17T22:15:52.103337256Z 61 PC: 141dd | Open file (Filename = 'TEST.EXE')
2018-12-17T22:15:52.109362857Z 63 PC: 141dd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:15:52.115693435Z 62 PC: 141dd | Close file
2018-12-17T22:15:52.117391055Z 37 PC: 141dd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:15:52.118472731Z 59 PC: 13537 | Change current directory
2018-12-17T22:15:52.12731577Z 26 PC: 134a0 | Set disk transfer address
2018-12-17T22:15:52.128374396Z 97 PC: 137ed | Reserved
2018-12-17T22:15:52.129445189Z 82 PC: 141dd | Get DOS internal pointers (SYSVARS)
2018-12-17T22:15:52.131200027Z 9 PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000007D0h/0000002000d bytes. ')
2018-12-17T22:15:52.135323958Z 76 PC: 12a86 | Terminate with return code (Return code = '36')
2018-12-17T22:15:52.138599805Z 44 PC: 9f7f7 | Get time 0x9f7f7: mov word ptr cs:[si + 0xf95], dx
0x9f7fc: pop si
0x9f7fd: pop cx
0x9f7fe: pop dx
0x9f7ff: pop ax
0x9f800: ret
0x9f801: mov ah, 0x2a
0x9f803: int 0x21
0x9f805: cmp dl, 7
0x9f808: je 0x9f80b
0x9f80a: ret
0x9f80b: cmp al, 0
0x9f80d: je 0x9f810
0x9f80f: ret
0x9f810: cli
0x9f811: in al, 0x21
0x9f813: or al, 2
0x9f815: out 0x21, al
0x9f817: mov ax, 3
0x9f81a: int 0x10

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2877,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:47:28.674909876Z 42 PC: 13eaa | Get date 0x13eaa: cmp dl, 7
0x13ead: je 0x13eb0
0x13eaf: ret
0x13eb0: cmp al, 0
0x13eb2: je 0x13eb5
0x13eb4: ret
0x13eb5: cli
0x13eb6: in al, 0x21
0x13eb8: or al, 2
0x13eba: out 0x21, al
0x13ebc: mov ax, 3
0x13ebf: int 0x10
0x13ec1: call 0x140e8
0x13ec4: and byte ptr [bx + si], ah
0x13ec6: and byte ptr [bx + si], ah
0x13ec8: and byte ptr [bx + si], ah
0x13eca: and byte ptr [bx + si], ah
0x13ecc: and byte ptr [bx + si], ah
0x13ece: dec bp
0x13ecf: dec cx
2018-12-25T11:47:28.678706086Z 44 PC: 13e9c | Get time 0x13e9c: mov word ptr cs:[si + 0xf95], dx
0x13ea1: pop si
0x13ea2: pop cx
0x13ea3: pop dx
0x13ea4: pop ax
0x13ea5: ret
0x13ea6: mov ah, 0x2a
0x13ea8: int 0x21
0x13eaa: cmp dl, 7
0x13ead: je 0x13eb0
0x13eaf: ret
0x13eb0: cmp al, 0
0x13eb2: je 0x13eb5
0x13eb4: ret
0x13eb5: cli
0x13eb6: in al, 0x21
0x13eb8: or al, 2
0x13eba: out 0x21, al
0x13ebc: mov ax, 3
0x13ebf: int 0x10
2018-12-25T11:47:28.680805411Z 26 PC: 1346c | Set disk transfer address
2018-12-25T11:47:28.681810595Z 71 PC: 13511 | Get current directory
2018-12-25T11:47:28.68522234Z 53 PC: 141dd | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:47:28.686306306Z 37 PC: 141dd | Set interrupt vector (See above)
2018-12-25T11:47:28.687777969Z 78 PC: 141dd | Find first file (See above)
2018-12-25T11:47:28.694242063Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:28.700984991Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:28.707644118Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:28.710158491Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:28.716852157Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:29.86398786Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:29.870999814Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:29.872376942Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:29.873802374Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:29.87592219Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.11672465Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.121140071Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.124411633Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.130790666Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.137055994Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.139420544Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.1456637Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.206711512Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.213707041Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.215049819Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.21634233Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.218152835Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.274002312Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.278246228Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.281363489Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.287601909Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.293705107Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.296170686Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.306950251Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.384635222Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.3916584Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.393038674Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.394358359Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.396362978Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.482787751Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.487112745Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.490625054Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.501835826Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.508042006Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.509661498Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.520578507Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.646714763Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.653191845Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.654736826Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.656326448Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.658061333Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.750512866Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.754828086Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.757355739Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.769078673Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.774786135Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.776480018Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.783017969Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.896164412Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.903598596Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.906847568Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.908620472Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.910164702Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.062576301Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.065683241Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:31.067445091Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.072974749Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:31.077136269Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.078375606Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.087068771Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.265010361Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.271715327Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.273950064Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:31.275479196Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.276859474Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.506582324Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.511437479Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:31.51442407Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.521643822Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:31.527818218Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.529474848Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.540246705Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.804663778Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.811872831Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.815026124Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:31.816571648Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.818072139Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.968507497Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.974656856Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:31.977893177Z 78 PC: 141dd | Find first file (See above)
2018-12-25T11:47:31.984806771Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.998105819Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:32.005267842Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:32.008821424Z 37 PC: 141dd | Set interrupt vector (See above)
2018-12-25T11:47:32.010690385Z 59 PC: 13537 | Change current directory
2018-12-25T11:47:32.01565098Z 26 PC: 134a0 | Set disk transfer address
2018-12-25T11:47:32.017254472Z 97 PC: 137ed | Reserved
2018-12-25T11:47:32.019223703Z 82 PC: 141dd | Get DOS internal pointers (SYSVARS) (See above)
2018-12-25T11:47:32.020600513Z 9 PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000007D0h/0000002000d bytes. ')
2018-12-25T11:47:32.028154048Z 76 PC: 12a86 | Terminate with return code (Return code = '36')
2018-12-25T11:47:32.031740596Z 44 PC: 9f7f7 | Get time 0x9f7f7: mov word ptr cs:[si + 0xf95], dx
0x9f7fc: pop si
0x9f7fd: pop cx
0x9f7fe: pop dx
0x9f7ff: pop ax
0x9f800: ret
0x9f801: mov ah, 0x2a
0x9f803: int 0x21
0x9f805: cmp dl, 7
0x9f808: je 0x9f80b
0x9f80a: ret
0x9f80b: cmp al, 0
0x9f80d: je 0x9f810
0x9f80f: ret
0x9f810: cli
0x9f811: in al, 0x21
0x9f813: or al, 2
0x9f815: out 0x21, al
0x9f817: mov ax, 3
0x9f81a: int 0x10

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2877,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:47:28.805911122Z 42 PC: 13eaa | Get date 0x13eaa: cmp dl, 7
0x13ead: je 0x13eb0
0x13eaf: ret
0x13eb0: cmp al, 0
0x13eb2: je 0x13eb5
0x13eb4: ret
0x13eb5: cli
0x13eb6: in al, 0x21
0x13eb8: or al, 2
0x13eba: out 0x21, al
0x13ebc: mov ax, 3
0x13ebf: int 0x10
0x13ec1: call 0x140e8
0x13ec4: and byte ptr [bx + si], ah
0x13ec6: and byte ptr [bx + si], ah
0x13ec8: and byte ptr [bx + si], ah
0x13eca: and byte ptr [bx + si], ah
0x13ecc: and byte ptr [bx + si], ah
0x13ece: dec bp
0x13ecf: dec cx
2018-12-25T11:47:28.808469391Z 44 PC: 13e9c | Get time 0x13e9c: mov word ptr cs:[si + 0xf95], dx
0x13ea1: pop si
0x13ea2: pop cx
0x13ea3: pop dx
0x13ea4: pop ax
0x13ea5: ret
0x13ea6: mov ah, 0x2a
0x13ea8: int 0x21
0x13eaa: cmp dl, 7
0x13ead: je 0x13eb0
0x13eaf: ret
0x13eb0: cmp al, 0
0x13eb2: je 0x13eb5
0x13eb4: ret
0x13eb5: cli
0x13eb6: in al, 0x21
0x13eb8: or al, 2
0x13eba: out 0x21, al
0x13ebc: mov ax, 3
0x13ebf: int 0x10
2018-12-25T11:47:28.810876418Z 26 PC: 1346c | Set disk transfer address
2018-12-25T11:47:28.812384125Z 71 PC: 13511 | Get current directory
2018-12-25T11:47:28.8154918Z 53 PC: 141dd | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:47:28.817008579Z 37 PC: 141dd | Set interrupt vector (See above)
2018-12-25T11:47:28.818095382Z 78 PC: 141dd | Find first file (See above)
2018-12-25T11:47:28.824278625Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:28.830867654Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:28.836813099Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:28.83838193Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:28.845901031Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:29.863922607Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:29.868093627Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:29.869692535Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:29.871045952Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:29.872326247Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.076695915Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.08121283Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.083791901Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.090111448Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.097217119Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.098878078Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.105030627Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.165698463Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.172306187Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.173553794Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.175898304Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.177315576Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.238977128Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.243685972Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.246279057Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.252501537Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.259721594Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.26232254Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.273559587Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.333107816Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.339595032Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.340887558Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.342780982Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.344216342Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.420382851Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.425621875Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.428371895Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.439513211Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.44611665Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.448196822Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.458897627Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.595276777Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.601997563Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.603378357Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.604786297Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.606708034Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.681557579Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.685858585Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:30.688820766Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.700282675Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:30.706458004Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:30.708396412Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.714614447Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:30.818761602Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:30.827156218Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.828843122Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:30.83057356Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:30.8339546Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.030484795Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.034984211Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:31.039359968Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.046758415Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:31.053381038Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.05646232Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.068092519Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.170597784Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.177850124Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.17928016Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:31.180699738Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.182984943Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.377594275Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.382161231Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:31.385953306Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.397396059Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:31.403758289Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.40680741Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.41345914Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.670124929Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.677381344Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.679200901Z 66 PC: 141dd | Move file pointer (See above)
2018-12-25T11:47:31.680525191Z 87 PC: 141dd | Get or set file date and time (See above)
2018-12-25T11:47:31.682314971Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.930960266Z 67 PC: 141dd | Get or set file attributes (See above)
2018-12-25T11:47:31.935473042Z 79 PC: 141dd | Find next file (See above)
2018-12-25T11:47:31.938694195Z 78 PC: 141dd | Find first file (See above)
2018-12-25T11:47:31.944983823Z 61 PC: 141dd | Open file (See above)
2018-12-25T11:47:31.956388478Z 63 PC: 141dd | Read file or device (See above)
2018-12-25T11:47:31.963427447Z 62 PC: 141dd | Close file (See above)
2018-12-25T11:47:31.966601502Z 37 PC: 141dd | Set interrupt vector (See above)
2018-12-25T11:47:31.968074101Z 59 PC: 13537 | Change current directory
2018-12-25T11:47:31.972168241Z 26 PC: 134a0 | Set disk transfer address
2018-12-25T11:47:31.974769647Z 97 PC: 137ed | Reserved
2018-12-25T11:47:31.975937054Z 82 PC: 141dd | Get DOS internal pointers (SYSVARS) (See above)
2018-12-25T11:47:31.977314157Z 9 PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000007D0h/0000002000d bytes. ')
2018-12-25T11:47:31.984549476Z 76 PC: 12a86 | Terminate with return code (Return code = '36')
2018-12-25T11:47:31.987871079Z 44 PC: 9f7f7 | Get time 0x9f7f7: mov word ptr cs:[si + 0xf95], dx
0x9f7fc: pop si
0x9f7fd: pop cx
0x9f7fe: pop dx
0x9f7ff: pop ax
0x9f800: ret
0x9f801: mov ah, 0x2a
0x9f803: int 0x21
0x9f805: cmp dl, 7
0x9f808: je 0x9f80b
0x9f80a: ret
0x9f80b: cmp al, 0
0x9f80d: je 0x9f810
0x9f80f: ret
0x9f810: cli
0x9f811: in al, 0x21
0x9f813: or al, 2
0x9f815: out 0x21, al
0x9f817: mov ax, 3
0x9f81a: int 0x10

{"DateBased":true,"Day":7,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2877,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:47:29.247185795Z 42 PC: 13eaa | Get date 0x13eaa: cmp dl, 7
0x13ead: je 0x13eb0
0x13eaf: ret
0x13eb0: cmp al, 0
0x13eb2: je 0x13eb5
0x13eb4: ret
0x13eb5: cli
0x13eb6: in al, 0x21
0x13eb8: or al, 2
0x13eba: out 0x21, al
0x13ebc: mov ax, 3
0x13ebf: int 0x10
0x13ec1: call 0x140e8
0x13ec4: and byte ptr [bx + si], ah
0x13ec6: and byte ptr [bx + si], ah
0x13ec8: and byte ptr [bx + si], ah
0x13eca: and byte ptr [bx + si], ah
0x13ecc: and byte ptr [bx + si], ah
0x13ece: dec bp
0x13ecf: dec cx
2018-12-25T11:47:29.258580554Z 9 PC: 140ef | Display string (Could not find end pointer)