Sample viewer

vx.netlux.org/Virus.DOS.ARCV.664

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:52:55.162816195Z 26 PC: 12ad5 | Set disk transfer address
2018-12-17T21:52:55.165091087Z 78 PC: 12b36 | Find first file
2018-12-17T21:52:55.171355194Z 78 PC: 12b36 | Find first file
2018-12-17T21:52:55.177171918Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:52:55.184224869Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:52:55.190400246Z 62 PC: 12b4c | Close file
2018-12-17T21:52:55.19215184Z 67 PC: 12cd8 | Get or set file attributes
2018-12-17T21:52:55.22703122Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:52:55.238599984Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:55.245405662Z 66 PC: 12c8f | Move file pointer
2018-12-17T21:52:55.246701063Z 64 PC: 12cc4 | Write file or device (Write 664 bytes on handle 5)
2018-12-17T21:52:55.256144371Z 87 PC: 12c9f | Get or set file date and time
2018-12-17T21:52:55.257696302Z 62 PC: 12ca3 | Close file
2018-12-17T21:52:55.265219261Z 67 PC: 12cd8 | Get or set file attributes
2018-12-17T21:52:55.275452954Z 79 PC: 12b36 | Find next file
2018-12-17T21:52:55.278082625Z 61 PC: 12ccd | Open file (Filename = 'PRINT.COM')
2018-12-17T21:52:55.28442719Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:52:55.291615219Z 62 PC: 12b4c | Close file
2018-12-17T21:52:55.293918993Z 67 PC: 12cd8 | Get or set file attributes
2018-12-17T21:52:55.303998312Z 61 PC: 12ccd | Open file (Filename = 'PRINT.COM')
2018-12-17T21:52:55.312139154Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:55.314794464Z 66 PC: 12c8f | Move file pointer
2018-12-17T21:52:55.31609728Z 64 PC: 12cc4 | Write file or device (Write 664 bytes on handle 5)
2018-12-17T21:52:55.32499575Z 87 PC: 12c9f | Get or set file date and time
2018-12-17T21:52:55.326647234Z 62 PC: 12ca3 | Close file
2018-12-17T21:52:55.334210597Z 67 PC: 12cd8 | Get or set file attributes
2018-12-17T21:52:55.34387628Z 79 PC: 12b36 | Find next file
2018-12-17T21:52:55.346596537Z 61 PC: 12ccd | Open file (Filename = 'HELLO.COM')
2018-12-17T21:52:55.352798609Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:52:55.358843818Z 62 PC: 12b4c | Close file
2018-12-17T21:52:55.361269433Z 67 PC: 12cd8 | Get or set file attributes
2018-12-17T21:52:55.37150775Z 61 PC: 12ccd | Open file (Filename = 'HELLO.COM')
2018-12-17T21:52:55.378031861Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:52:55.381590108Z 66 PC: 12c8f | Move file pointer
2018-12-17T21:52:55.383317971Z 64 PC: 12cc4 | Write file or device (Write 664 bytes on handle 5)
2018-12-17T21:52:55.391683677Z 87 PC: 12c9f | Get or set file date and time
2018-12-17T21:52:55.394069287Z 62 PC: 12ca3 | Close file
2018-12-17T21:52:55.40194979Z 67 PC: 12cd8 | Get or set file attributes
2018-12-17T21:52:55.411872766Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 5
0x12a8b: je 0x12ad6
0x12a8d: cmp dl, 9
0x12a90: je 0x12ad6
0x12a92: mov dx, 0x80
0x12a95: cmp sp, 0x504b
0x12a99: je 0x12a9f
0x12a9b: call 0x12ad1
0x12a9e: ret
0x12a9f: pop es
0x12aa0: pop ds
0x12aa1: call 0x12ad1
0x12aa4: mov ax, es
0x12aa6: add ax, 0x10
0x12aa9: add word ptr cs:[bp + 0x17f], ax
0x12aae: add ax, word ptr cs:[bp + 0x183]
0x12ab3: cli
0x12ab4: mov sp, word ptr cs:[bp + 0x181]
0x12ab9: mov ss, ax
0x12abb: sti
2018-12-17T21:52:55.41491676Z 26 PC: 12ad5 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":302,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.510091373Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T11:40:25.511806988Z 78 PC: 12b36 | Find first file
2018-12-25T11:40:25.515439152Z 78 PC: 12b36 | Find first file (See above)
2018-12-25T11:40:25.518864828Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.526099018Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:25.530064241Z 62 PC: 12b4c | Close file
2018-12-25T11:40:25.531182371Z 67 PC: 12cd8 | Get or set file attributes
2018-12-25T11:40:25.545817266Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.557918907Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:25.564537452Z 66 PC: 12c8f | Move file pointer
2018-12-25T11:40:25.56613704Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.574523053Z 87 PC: 12c9f | Get or set file date and time
2018-12-25T11:40:25.575929626Z 62 PC: 12ca3 | Close file
2018-12-25T11:40:25.583605049Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.594117267Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:25.596499169Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.602640171Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:25.609126241Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:25.610762279Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.924192199Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.931172227Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.933928999Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:25.93564471Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.944239266Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:25.94621465Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:25.954206374Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.964224077Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:25.967165512Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.973390508Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:25.988751043Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:25.998826505Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.008998625Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.015955295Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.023159057Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.024666546Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.033941023Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.035102245Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.040020538Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.366092548Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 5
0x12a8b: je 0x12ad6
0x12a8d: cmp dl, 9
0x12a90: je 0x12ad6
0x12a92: mov dx, 0x80
0x12a95: cmp sp, 0x504b
0x12a99: je 0x12a9f
0x12a9b: call 0x12ad1
0x12a9e: ret
0x12a9f: pop es
0x12aa0: pop ds
0x12aa1: call 0x12ad1
0x12aa4: mov ax, es
0x12aa6: add ax, 0x10
0x12aa9: add word ptr cs:[bp + 0x17f], ax
0x12aae: add ax, word ptr cs:[bp + 0x183]
0x12ab3: cli
0x12ab4: mov sp, word ptr cs:[bp + 0x181]
0x12ab9: mov ss, ax
0x12abb: sti
2018-12-25T11:40:26.368177469Z 26 PC: 12ad5 | Set disk transfer address (See above)

{"DateBased":true,"Day":9,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":302,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.623841569Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T11:40:25.625654335Z 78 PC: 12b36 | Find first file
2018-12-25T11:40:25.635710834Z 78 PC: 12b36 | Find first file (See above)
2018-12-25T11:40:25.642660393Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.650282334Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:25.657798253Z 62 PC: 12b4c | Close file
2018-12-25T11:40:25.659769423Z 67 PC: 12cd8 | Get or set file attributes
2018-12-25T11:40:25.677113793Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.691139785Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:25.698671594Z 66 PC: 12c8f | Move file pointer
2018-12-25T11:40:25.700308492Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.711099021Z 87 PC: 12c9f | Get or set file date and time
2018-12-25T11:40:25.712938286Z 62 PC: 12ca3 | Close file
2018-12-25T11:40:25.723794759Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.736232793Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:25.739567778Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.747683113Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:25.755350187Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:25.758152101Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.770412487Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.778239035Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.782489982Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:25.784501562Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.794247534Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:25.797415269Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:25.806147458Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.818229856Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:25.822429892Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.829697701Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:25.837896368Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:25.841112325Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.85294834Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.860652662Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.864402988Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:25.867256355Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.876732329Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:25.88478475Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.167894586Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.220353672Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 5
0x12a8b: je 0x12ad6
0x12a8d: cmp dl, 9
0x12a90: je 0x12ad6
0x12a92: mov dx, 0x80
0x12a95: cmp sp, 0x504b
0x12a99: je 0x12a9f
0x12a9b: call 0x12ad1
0x12a9e: ret
0x12a9f: pop es
0x12aa0: pop ds
0x12aa1: call 0x12ad1
0x12aa4: mov ax, es
0x12aa6: add ax, 0x10
0x12aa9: add word ptr cs:[bp + 0x17f], ax
0x12aae: add ax, word ptr cs:[bp + 0x183]
0x12ab3: cli
0x12ab4: mov sp, word ptr cs:[bp + 0x181]
0x12ab9: mov ss, ax
0x12abb: sti
2018-12-25T11:40:26.223281844Z 9 PC: 12ade | Display string (String= ' So Who`s the Best Then? ')
2018-12-25T11:40:26.229793862Z 10 PC: 12ae6 | Buffered keyboard input

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":302,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.697316854Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T11:40:25.698599714Z 78 PC: 12b36 | Find first file
2018-12-25T11:40:25.70418311Z 78 PC: 12b36 | Find first file (See above)
2018-12-25T11:40:25.709483549Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.720855408Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:25.724639809Z 62 PC: 12b4c | Close file
2018-12-25T11:40:25.725771681Z 67 PC: 12cd8 | Get or set file attributes
2018-12-25T11:40:25.925932527Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.932587244Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:25.935165204Z 66 PC: 12c8f | Move file pointer
2018-12-25T11:40:25.936857017Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.945186519Z 87 PC: 12c9f | Get or set file date and time
2018-12-25T11:40:25.94652397Z 62 PC: 12ca3 | Close file
2018-12-25T11:40:25.95452199Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:25.965032212Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:25.967905333Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.980526502Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:25.986964065Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:25.99069858Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.002053588Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.008785363Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.011217531Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.013014834Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.021440492Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.023055331Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.03295835Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.043459304Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:26.046100606Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.052900969Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:26.059108341Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:26.060834034Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.366740198Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.373496218Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.376285401Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.378180848Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.386733461Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.388379583Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.396667451Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.406803879Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 5
0x12a8b: je 0x12ad6
0x12a8d: cmp dl, 9
0x12a90: je 0x12ad6
0x12a92: mov dx, 0x80
0x12a95: cmp sp, 0x504b
0x12a99: je 0x12a9f
0x12a9b: call 0x12ad1
0x12a9e: ret
0x12a9f: pop es
0x12aa0: pop ds
0x12aa1: call 0x12ad1
0x12aa4: mov ax, es
0x12aa6: add ax, 0x10
0x12aa9: add word ptr cs:[bp + 0x17f], ax
0x12aae: add ax, word ptr cs:[bp + 0x183]
0x12ab3: cli
0x12ab4: mov sp, word ptr cs:[bp + 0x181]
0x12ab9: mov ss, ax
0x12abb: sti
2018-12-25T11:40:26.408816374Z 9 PC: 12ade | Display string (String= ' So Who`s the Best Then? ')
2018-12-25T11:40:26.414541646Z 10 PC: 12ae6 | Buffered keyboard input

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":302,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.921685808Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T11:40:25.922981493Z 78 PC: 12b36 | Find first file
2018-12-25T11:40:25.928541586Z 78 PC: 12b36 | Find first file (See above)
2018-12-25T11:40:25.934027114Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.940512891Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:25.94657428Z 62 PC: 12b4c | Close file
2018-12-25T11:40:25.948173918Z 67 PC: 12cd8 | Get or set file attributes
2018-12-25T11:40:25.963727337Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:25.974714624Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:25.980889608Z 66 PC: 12c8f | Move file pointer
2018-12-25T11:40:25.983191255Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:25.992130205Z 87 PC: 12c9f | Get or set file date and time
2018-12-25T11:40:25.995497005Z 62 PC: 12ca3 | Close file
2018-12-25T11:40:26.003870121Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.013437195Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:26.015868298Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.022926541Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:26.029058998Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:26.030709062Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.040872837Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.051214726Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.057605042Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.059093892Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.36585432Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.367508011Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.375482152Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.385884694Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:26.388788355Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.395775856Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:26.403511548Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:26.405328404Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.415219663Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.421809028Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.423630143Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.424597886Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.43047649Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.431840686Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.439316632Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.44599624Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 5
0x12a8b: je 0x12ad6
0x12a8d: cmp dl, 9
0x12a90: je 0x12ad6
0x12a92: mov dx, 0x80
0x12a95: cmp sp, 0x504b
0x12a99: je 0x12a9f
0x12a9b: call 0x12ad1
0x12a9e: ret
0x12a9f: pop es
0x12aa0: pop ds
0x12aa1: call 0x12ad1
0x12aa4: mov ax, es
0x12aa6: add ax, 0x10
0x12aa9: add word ptr cs:[bp + 0x17f], ax
0x12aae: add ax, word ptr cs:[bp + 0x183]
0x12ab3: cli
0x12ab4: mov sp, word ptr cs:[bp + 0x181]
0x12ab9: mov ss, ax
0x12abb: sti
2018-12-25T11:40:26.448021541Z 26 PC: 12ad5 | Set disk transfer address (See above)

{"DateBased":true,"Day":9,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":302,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:25.949078399Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T11:40:25.950633064Z 78 PC: 12b36 | Find first file
2018-12-25T11:40:25.978553424Z 78 PC: 12b36 | Find first file (See above)
2018-12-25T11:40:25.985468539Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:25.993123911Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:26.000946664Z 62 PC: 12b4c | Close file
2018-12-25T11:40:26.003654419Z 67 PC: 12cd8 | Get or set file attributes
2018-12-25T11:40:26.220875221Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.236932629Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:26.245173558Z 66 PC: 12c8f | Move file pointer
2018-12-25T11:40:26.246826986Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.25787423Z 87 PC: 12c9f | Get or set file date and time
2018-12-25T11:40:26.259969668Z 62 PC: 12ca3 | Close file
2018-12-25T11:40:26.269788824Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.294149158Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:26.297526022Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.305446844Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:26.313833144Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:26.316753169Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.329305624Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.345478701Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.350882531Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.352786004Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.363044771Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.365434486Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.374362181Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.385610614Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:26.397731869Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.405791124Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:26.41310875Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:26.416228084Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.428422534Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.436875213Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.441179889Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.442863706Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.452100984Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.454225529Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.464154035Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.475486786Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 5
0x12a8b: je 0x12ad6
0x12a8d: cmp dl, 9
0x12a90: je 0x12ad6
0x12a92: mov dx, 0x80
0x12a95: cmp sp, 0x504b
0x12a99: je 0x12a9f
0x12a9b: call 0x12ad1
0x12a9e: ret
0x12a9f: pop es
0x12aa0: pop ds
0x12aa1: call 0x12ad1
0x12aa4: mov ax, es
0x12aa6: add ax, 0x10
0x12aa9: add word ptr cs:[bp + 0x17f], ax
0x12aae: add ax, word ptr cs:[bp + 0x183]
0x12ab3: cli
0x12ab4: mov sp, word ptr cs:[bp + 0x181]
0x12ab9: mov ss, ax
0x12abb: sti
2018-12-25T11:40:26.478335631Z 9 PC: 12ade | Display string (String= ' So Who`s the Best Then? ')
2018-12-25T11:40:26.483792721Z 10 PC: 12ae6 | Buffered keyboard input

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":302,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:26.124037414Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T11:40:26.125665145Z 78 PC: 12b36 | Find first file
2018-12-25T11:40:26.131740112Z 78 PC: 12b36 | Find first file (See above)
2018-12-25T11:40:26.137696727Z 61 PC: 12ccd | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:26.149312166Z 63 PC: 12b48 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:26.155365034Z 62 PC: 12b4c | Close file
2018-12-25T11:40:26.157506086Z 67 PC: 12cd8 | Get or set file attributes
2018-12-25T11:40:26.366468868Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.37283255Z 64 PC: 12cc4 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:26.376929542Z 66 PC: 12c8f | Move file pointer
2018-12-25T11:40:26.378418673Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.387991147Z 87 PC: 12c9f | Get or set file date and time
2018-12-25T11:40:26.390994055Z 62 PC: 12ca3 | Close file
2018-12-25T11:40:26.398702441Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.409358113Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:26.412103391Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.426285756Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:26.432829209Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:26.434975953Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.445872703Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.452625714Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.455616721Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.458319762Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.466207658Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:26.467623793Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:26.476334596Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.486173859Z 79 PC: 12b36 | Find next file (See above)
2018-12-25T11:40:26.488669595Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.495540323Z 63 PC: 12b48 | Read file or device (See above)
2018-12-25T11:40:26.501712308Z 62 PC: 12b4c | Close file (See above)
2018-12-25T11:40:26.503561241Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:26.954832854Z 61 PC: 12ccd | Open file (See above)
2018-12-25T11:40:26.961406354Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:26.964068684Z 66 PC: 12c8f | Move file pointer (See above)
2018-12-25T11:40:26.966070377Z 64 PC: 12cc4 | Write file or device (See above)
2018-12-25T11:40:27.293020333Z 87 PC: 12c9f | Get or set file date and time (See above)
2018-12-25T11:40:27.294453593Z 62 PC: 12ca3 | Close file (See above)
2018-12-25T11:40:27.467116795Z 67 PC: 12cd8 | Get or set file attributes (See above)
2018-12-25T11:40:27.478983001Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 5
0x12a8b: je 0x12ad6
0x12a8d: cmp dl, 9
0x12a90: je 0x12ad6
0x12a92: mov dx, 0x80
0x12a95: cmp sp, 0x504b
0x12a99: je 0x12a9f
0x12a9b: call 0x12ad1
0x12a9e: ret
0x12a9f: pop es
0x12aa0: pop ds
0x12aa1: call 0x12ad1
0x12aa4: mov ax, es
0x12aa6: add ax, 0x10
0x12aa9: add word ptr cs:[bp + 0x17f], ax
0x12aae: add ax, word ptr cs:[bp + 0x183]
0x12ab3: cli
0x12ab4: mov sp, word ptr cs:[bp + 0x181]
0x12ab9: mov ss, ax
0x12abb: sti
2018-12-25T11:40:27.481030235Z 9 PC: 12ade | Display string (String= ' So Who`s the Best Then? ')
2018-12-25T11:40:27.485542259Z 10 PC: 12ae6 | Buffered keyboard input