Sample viewer

vx.netlux.org/Virus.DOS.Wit.540

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:20:04.677040261Z 26 PC: 12a71 | Set disk transfer address
2018-12-17T22:20:04.679267229Z 71 PC: 12a83 | Get current directory
2018-12-17T22:20:04.68244777Z 42 PC: 12a88 | Get date 0x12a88: cmp al, 0
0x12a8a: jne 0x12a9f
0x12a8c: mov word ptr [0x153], 0
0x12a92: mov cx, 1
0x12a95: jcxz 0x12a99
0x12a97: jmp 0x12a9f
0x12a99: mov dx, 0x2e1
0x12a9c: call 0x12ac7
0x12a9f: cmp dh, 4
0x12aa2: jne 0x12ab8
0x12aa4: cmp dl, 0xf
0x12aa7: jne 0x12ab8
0x12aa9: mov ax, 0x1010
0x12aac: out 0x70, ax
0x12aae: mov dx, 0x2c3
0x12ab1: call 0x12ac7
0x12ab4: mov al, 0xfe
0x12ab6: out 0x64, al
0x12ab8: mov ah, byte ptr [bp + 5]
0x12abb: mov cl, 7
2018-12-17T22:20:04.684812566Z 78 PC: 12ac2 | Find first file
2018-12-17T22:20:04.691580537Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:04.69735745Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:04.722807542Z 61 PC: 12af1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:20:04.731973273Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:04.733459462Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:04.740259303Z 66 PC: 12b35 | Move file pointer
2018-12-17T22:20:04.742539424Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:20:04.746559966Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-17T22:20:04.754985791Z 66 PC: 12b67 | Move file pointer
2018-12-17T22:20:04.756567341Z 64 PC: 12b81 | Write file or device (Write 407 bytes on handle 5)
2018-12-17T22:20:04.76023913Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:04.762024045Z 62 PC: 12b95 | Close file
2018-12-17T22:20:04.769906045Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:04.780774279Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:04.783341185Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:04.788818141Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:04.799724944Z 61 PC: 12af1 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:20:04.8066389Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:04.80811022Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:04.814895804Z 66 PC: 12b35 | Move file pointer
2018-12-17T22:20:04.816547378Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:20:04.817957259Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-17T22:20:04.826868137Z 66 PC: 12b67 | Move file pointer
2018-12-17T22:20:04.829353226Z 64 PC: 12b81 | Write file or device (Write 27 bytes on handle 5)
2018-12-17T22:20:04.832273474Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:04.835512555Z 62 PC: 12b95 | Close file
2018-12-17T22:20:04.843148931Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:04.853090932Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:04.856205525Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:04.872186955Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:04.881760027Z 61 PC: 12af1 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:20:04.888060041Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:04.8902787Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:04.897249141Z 66 PC: 12b35 | Move file pointer
2018-12-17T22:20:04.899169256Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:20:04.901014631Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-17T22:20:04.909144692Z 66 PC: 12b67 | Move file pointer
2018-12-17T22:20:04.910898205Z 64 PC: 12b81 | Write file or device (Write 92 bytes on handle 5)
2018-12-17T22:20:04.914670473Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:04.916468301Z 62 PC: 12b95 | Close file
2018-12-17T22:20:04.92411423Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:04.936168094Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:04.939443273Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:04.944916456Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:04.955240385Z 61 PC: 12af1 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:20:04.961759651Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:04.963079863Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:04.970884088Z 66 PC: 12b35 | Move file pointer
2018-12-17T22:20:04.97237898Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:20:04.973731443Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-17T22:20:04.982465109Z 66 PC: 12b67 | Move file pointer
2018-12-17T22:20:04.984476333Z 64 PC: 12b81 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:20:04.987337774Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:04.989268907Z 62 PC: 12b95 | Close file
2018-12-17T22:20:04.997510873Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:05.003561598Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:05.005253479Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:05.010461754Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:05.019722311Z 61 PC: 12af1 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:20:05.026228775Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:05.028758957Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:05.034776039Z 66 PC: 12b35 | Move file pointer
2018-12-17T22:20:05.036023014Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:20:05.03761505Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-17T22:20:05.054715458Z 66 PC: 12b67 | Move file pointer
2018-12-17T22:20:05.056394926Z 64 PC: 12b81 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:20:05.059512714Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:05.061148382Z 62 PC: 12b95 | Close file
2018-12-17T22:20:05.068440624Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:05.0786252Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:05.081013071Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:05.086412775Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:05.096055681Z 61 PC: 12af1 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:20:05.102720991Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:05.104354976Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:05.111000278Z 66 PC: 12b35 | Move file pointer
2018-12-17T22:20:05.112268101Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:20:05.113456744Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-17T22:20:05.121652372Z 66 PC: 12b67 | Move file pointer
2018-12-17T22:20:05.123203167Z 64 PC: 12b81 | Write file or device (Write 501 bytes on handle 5)
2018-12-17T22:20:05.130899359Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:05.132458953Z 62 PC: 12b95 | Close file
2018-12-17T22:20:05.140449023Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:05.149724747Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:05.152668714Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:05.158260636Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:05.167576768Z 61 PC: 12af1 | Open file (Filename = 'PAH.COM')
2018-12-17T22:20:05.174804718Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:05.176237048Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:05.18300173Z 66 PC: 12b35 | Move file pointer
2018-12-17T22:20:05.189525326Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:20:05.193001569Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-17T22:20:05.200739954Z 66 PC: 12b67 | Move file pointer
2018-12-17T22:20:05.203646449Z 64 PC: 12b81 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:20:05.206945088Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:05.208707865Z 62 PC: 12b95 | Close file
2018-12-17T22:20:05.216756786Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:05.226719532Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:05.229201285Z 67 PC: 12adb | Get or set file attributes
2018-12-17T22:20:05.235592816Z 67 PC: 12ae9 | Get or set file attributes
2018-12-17T22:20:05.245193295Z 61 PC: 12af1 | Open file (Filename = 'TEST.COM')
2018-12-17T22:20:05.251727435Z 87 PC: 12afe | Get or set file date and time
2018-12-17T22:20:05.253374308Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-17T22:20:05.260090245Z 87 PC: 12b90 | Get or set file date and time
2018-12-17T22:20:05.26176956Z 62 PC: 12b95 | Close file
2018-12-17T22:20:05.272296421Z 67 PC: 12ba4 | Get or set file attributes
2018-12-17T22:20:05.282250176Z 79 PC: 12ac2 | Find next file
2018-12-17T22:20:05.284382923Z 59 PC: 12bbf | Change current directory
2018-12-17T22:20:05.287862514Z 26 PC: 12bdb | Set disk transfer address
2018-12-17T22:20:05.28905976Z 59 PC: 12be6 | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3478,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:49:16.553307309Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T11:49:16.55459333Z 71 PC: 12a83 | Get current directory
2018-12-25T11:49:16.557242531Z 42 PC: 12a88 | Get date 0x12a88: cmp al, 0
0x12a8a: jne 0x12a9f
0x12a8c: mov word ptr [0x153], 0
0x12a92: mov cx, 1
0x12a95: jcxz 0x12a99
0x12a97: jmp 0x12a9f
0x12a99: mov dx, 0x2e1
0x12a9c: call 0x12ac7
0x12a9f: cmp dh, 4
0x12aa2: jne 0x12ab8
0x12aa4: cmp dl, 0xf
0x12aa7: jne 0x12ab8
0x12aa9: mov ax, 0x1010
0x12aac: out 0x70, ax
0x12aae: mov dx, 0x2c3
0x12ab1: call 0x12ac7
0x12ab4: mov al, 0xfe
0x12ab6: out 0x64, al
0x12ab8: mov ah, byte ptr [bp + 5]
0x12abb: mov cl, 7
2018-12-25T11:49:16.559250202Z 78 PC: 12ac2 | Find first file
2018-12-25T11:49:16.565497753Z 67 PC: 12adb | Get or set file attributes
2018-12-25T11:49:16.570873441Z 67 PC: 12ae9 | Get or set file attributes
2018-12-25T11:49:17.506455203Z 61 PC: 12af1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:49:17.551065938Z 87 PC: 12afe | Get or set file date and time
2018-12-25T11:49:17.553395226Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-25T11:49:17.560492259Z 66 PC: 12b35 | Move file pointer
2018-12-25T11:49:17.563140338Z 66 PC: 12b51 | Move file pointer
2018-12-25T11:49:17.565286951Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-25T11:49:17.706454997Z 66 PC: 12b67 | Move file pointer
2018-12-25T11:49:17.707956198Z 64 PC: 12b81 | Write file or device (Write 407 bytes on handle 5)
2018-12-25T11:49:17.710771323Z 87 PC: 12b90 | Get or set file date and time
2018-12-25T11:49:17.712270191Z 62 PC: 12b95 | Close file
2018-12-25T11:49:17.778170687Z 67 PC: 12ba4 | Get or set file attributes
2018-12-25T11:49:17.788774528Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:17.791371374Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:17.796872908Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:17.806726813Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:17.813671008Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:17.815205688Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:17.822148439Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:17.823569326Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:17.825124715Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:17.833373129Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:17.834775921Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:17.837431535Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:17.83978025Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:17.844782157Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:17.856882737Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:17.859807613Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:17.865183088Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:17.874831185Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:17.882681094Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:17.884794163Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:17.891438594Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:17.893506203Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:17.894907236Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:17.902735179Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:17.90415056Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:17.907411402Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:17.908842953Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:17.91698519Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:17.927020465Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:17.929785329Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:17.935258332Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:17.945118755Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:17.951601669Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:17.953086039Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:17.959901022Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:17.96118719Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:17.962754474Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:17.971527214Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:17.972848576Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:17.974623225Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:17.976161507Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:17.981557067Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:17.991127177Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:17.994386421Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:17.999880405Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.009435559Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.020446655Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.021681001Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.027702517Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:18.029679159Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:18.031652896Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:18.039489254Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:18.041848491Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:18.044694028Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.046439621Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.055317865Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.065128486Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.067543164Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:18.0730704Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.082739677Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.089010008Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.090177436Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.096370245Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:18.098026616Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:18.099296081Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:18.107285738Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:18.108827216Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:18.117164958Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.119270398Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.126791329Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.13641651Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.139337096Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:18.142798593Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.148680263Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.155889275Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.156867807Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.160736406Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:18.162179336Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:18.163040879Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:18.16788421Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:18.169484908Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:18.171864503Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.173020713Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.18063341Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.189921179Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.19216227Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:18.197897449Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.207349738Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.213566327Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.214930318Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.221667085Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.223108206Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.233087867Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.245568906Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.248181655Z 59 PC: 12bbf | Change current directory
2018-12-25T11:49:18.253069533Z 26 PC: 12bdb | Set disk transfer address
2018-12-25T11:49:18.254164172Z 59 PC: 12be6 | Change current directory

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3478,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T13:06:51.6149046Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T13:06:51.616932714Z 71 PC: 12a83 | Get current directory
2018-12-25T13:06:51.620099999Z 42 PC: 12a88 | Get date 0x12a88: cmp al, 0
0x12a8a: jne 0x12a9f
0x12a8c: mov word ptr [0x153], 0
0x12a92: mov cx, 1
0x12a95: jcxz 0x12a99
0x12a97: jmp 0x12a9f
0x12a99: mov dx, 0x2e1
0x12a9c: call 0x12ac7
0x12a9f: cmp dh, 4
0x12aa2: jne 0x12ab8
0x12aa4: cmp dl, 0xf
0x12aa7: jne 0x12ab8
0x12aa9: mov ax, 0x1010
0x12aac: out 0x70, ax
0x12aae: mov dx, 0x2c3
0x12ab1: call 0x12ac7
0x12ab4: mov al, 0xfe
0x12ab6: out 0x64, al
0x12ab8: mov ah, byte ptr [bp + 5]
0x12abb: mov cl, 7
2018-12-25T13:06:51.622575163Z 9 PC: 12acb | Display string (String= '����� ��ᥫ��� �� 98% - 㡨��� ���� ������. ')
2018-12-25T13:06:51.634571175Z 8 PC: 12acf | Console input without echo

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3478,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:49:17.005804313Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T11:49:17.00778328Z 71 PC: 12a83 | Get current directory
2018-12-25T11:49:17.01061279Z 42 PC: 12a88 | Get date 0x12a88: cmp al, 0
0x12a8a: jne 0x12a9f
0x12a8c: mov word ptr [0x153], 0
0x12a92: mov cx, 1
0x12a95: jcxz 0x12a99
0x12a97: jmp 0x12a9f
0x12a99: mov dx, 0x2e1
0x12a9c: call 0x12ac7
0x12a9f: cmp dh, 4
0x12aa2: jne 0x12ab8
0x12aa4: cmp dl, 0xf
0x12aa7: jne 0x12ab8
0x12aa9: mov ax, 0x1010
0x12aac: out 0x70, ax
0x12aae: mov dx, 0x2c3
0x12ab1: call 0x12ac7
0x12ab4: mov al, 0xfe
0x12ab6: out 0x64, al
0x12ab8: mov ah, byte ptr [bp + 5]
0x12abb: mov cl, 7
2018-12-25T11:49:17.012633968Z 78 PC: 12ac2 | Find first file
2018-12-25T11:49:17.019215915Z 67 PC: 12adb | Get or set file attributes
2018-12-25T11:49:17.024571834Z 67 PC: 12ae9 | Get or set file attributes
2018-12-25T11:49:17.777453077Z 61 PC: 12af1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:49:17.789013791Z 87 PC: 12afe | Get or set file date and time
2018-12-25T11:49:17.79082108Z 63 PC: 12b18 | Read file or device (Read 588 bytes on handle 5)
2018-12-25T11:49:17.796936987Z 66 PC: 12b35 | Move file pointer
2018-12-25T11:49:17.798179897Z 66 PC: 12b51 | Move file pointer
2018-12-25T11:49:17.800198945Z 64 PC: 12b5c | Write file or device (Write 588 bytes on handle 5)
2018-12-25T11:49:17.807935095Z 66 PC: 12b67 | Move file pointer
2018-12-25T11:49:17.80936324Z 64 PC: 12b81 | Write file or device (Write 407 bytes on handle 5)
2018-12-25T11:49:17.812354386Z 87 PC: 12b90 | Get or set file date and time
2018-12-25T11:49:17.813654453Z 62 PC: 12b95 | Close file
2018-12-25T11:49:17.820956774Z 67 PC: 12ba4 | Get or set file attributes
2018-12-25T11:49:17.831157672Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:17.833717349Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:17.839205968Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:17.849387077Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:17.860861728Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:17.86202942Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:17.869075038Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:17.870866949Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:17.872331361Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:17.88101077Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:17.882413727Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:17.884918012Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:17.886422716Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:17.894021615Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:17.903604652Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:17.906392099Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:17.911835234Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:17.921421848Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:17.927773726Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:17.929558258Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:17.935699911Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:17.937019299Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:17.939285019Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:17.947058561Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:17.948398681Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:17.951890584Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:17.953327397Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:17.96037166Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:17.969909976Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:17.972718825Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:17.978094743Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:17.990795988Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:17.997486083Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:17.998838908Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.005740072Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:18.007174193Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:18.008722799Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:18.017486485Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:18.018997943Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:18.02162693Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.023681595Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.031468725Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.041275496Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.044695895Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:18.050179677Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.059983591Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.066762495Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.068110961Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.07415911Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:18.076374322Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:18.077768611Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:18.085446717Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:18.087364958Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:18.090130458Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.091537429Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.100466875Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.110478945Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.113082615Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:18.119971969Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.129494124Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.135984489Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.137863177Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.144006124Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:18.145308441Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:18.147099062Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:18.154844072Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:18.156288499Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:18.164387074Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.165858061Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.173210831Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.183587529Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.186040066Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:18.191532561Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.201436608Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.20783565Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.209145835Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.216261036Z 66 PC: 12b35 | Move file pointer (See above)
2018-12-25T11:49:18.217824105Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T11:49:18.21933615Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T11:49:18.22821326Z 66 PC: 12b67 | Move file pointer (See above)
2018-12-25T11:49:18.229854644Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T11:49:18.232646697Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.235679628Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.24322739Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.255472822Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.259485176Z 67 PC: 12adb | Get or set file attributes (See above)
2018-12-25T11:49:18.264980505Z 67 PC: 12ae9 | Get or set file attributes (See above)
2018-12-25T11:49:18.274433105Z 61 PC: 12af1 | Open file (See above)
2018-12-25T11:49:18.282581463Z 87 PC: 12afe | Get or set file date and time (See above)
2018-12-25T11:49:18.284059052Z 63 PC: 12b18 | Read file or device (See above)
2018-12-25T11:49:18.29108508Z 87 PC: 12b90 | Get or set file date and time (See above)
2018-12-25T11:49:18.293307672Z 62 PC: 12b95 | Close file (See above)
2018-12-25T11:49:18.300784366Z 67 PC: 12ba4 | Get or set file attributes (See above)
2018-12-25T11:49:18.313456729Z 79 PC: 12ac2 | Find next file (See above)
2018-12-25T11:49:18.316408074Z 59 PC: 12bbf | Change current directory
2018-12-25T11:49:18.320641155Z 26 PC: 12bdb | Set disk transfer address
2018-12-25T11:49:18.321703065Z 59 PC: 12be6 | Change current directory

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3478,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:49:17.363710547Z 26 PC: 12a71 | Set disk transfer address
2018-12-25T11:49:17.365242686Z 71 PC: 12a83 | Get current directory
2018-12-25T11:49:17.369285431Z 42 PC: 12a88 | Get date 0x12a88: cmp al, 0
0x12a8a: jne 0x12a9f
0x12a8c: mov word ptr [0x153], 0
0x12a92: mov cx, 1
0x12a95: jcxz 0x12a99
0x12a97: jmp 0x12a9f
0x12a99: mov dx, 0x2e1
0x12a9c: call 0x12ac7
0x12a9f: cmp dh, 4
0x12aa2: jne 0x12ab8
0x12aa4: cmp dl, 0xf
0x12aa7: jne 0x12ab8
0x12aa9: mov ax, 0x1010
0x12aac: out 0x70, ax
0x12aae: mov dx, 0x2c3
0x12ab1: call 0x12ac7
0x12ab4: mov al, 0xfe
0x12ab6: out 0x64, al
0x12ab8: mov ah, byte ptr [bp + 5]
0x12abb: mov cl, 7
2018-12-25T11:49:17.37165239Z 9 PC: 12acb | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T11:49:17.375809487Z 8 PC: 12acf | Console input without echo