{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3992,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:50:39.153970252Z | 78 | PC: 12aa3 | Find first file |
| 2018-12-25T11:50:39.16002911Z | 67 | PC: 12ab1 | Get or set file attributes |
| 2018-12-25T11:50:39.165282091Z | 67 | PC: 12abb | Get or set file attributes |
| 2018-12-25T11:50:40.618957203Z | 61 | PC: 12ac3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:50:40.627781142Z | 87 | PC: 12ad0 | Get or set file date and time |
| 2018-12-25T11:50:40.629176067Z | 66 | PC: 12adb | Move file pointer |
| 2018-12-25T11:50:40.630617733Z | 63 | PC: 12ae7 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:50:40.636157124Z | 66 | PC: 12af0 | Move file pointer |
| 2018-12-25T11:50:40.637685145Z | 66 | PC: 12b16 | Move file pointer |
| 2018-12-25T11:50:40.638855052Z | 64 | PC: 12b22 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:50:40.641445348Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-25T11:50:40.642949406Z | 64 | PC: 12b53 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-25T11:50:40.6886353Z | 87 | PC: 12b77 | Get or set file date and time |
| 2018-12-25T11:50:40.690004584Z | 62 | PC: 12b7b | Close file |
| 2018-12-25T11:50:40.739763513Z | 79 | PC: 12b7f | Find next file |
| 2018-12-25T11:50:40.74305671Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:40.748477499Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:40.799891012Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:40.806516988Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:40.807995594Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:40.810315555Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:40.817152676Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:40.818453737Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:40.820851625Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:40.823796434Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:40.825552842Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:40.832969463Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:40.834434865Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:40.899359619Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:40.901601582Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:40.907472069Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:40.975889034Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:40.982692511Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:40.984033644Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:40.985850732Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:40.992743039Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:40.994038318Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:40.995251328Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:41.014487396Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:41.01583801Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:41.018376315Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:41.02028601Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:41.101380809Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:41.103885123Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:41.109889248Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:41.208588595Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:41.220639719Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:41.222323373Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:41.223589402Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:41.229691581Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:41.23128819Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:41.232653772Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:41.235067236Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:41.236729509Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:41.2392688Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:41.240579049Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:41.34565078Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:41.349148873Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:41.355485266Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:41.479453398Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:41.486183754Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:41.487444225Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:41.489955583Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:41.496410878Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:41.497710788Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:41.499095763Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:41.501964624Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:41.503301839Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:41.50609073Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:41.507990795Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:41.601225185Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:41.604483598Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:41.610315718Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:41.698918337Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:41.70631028Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:41.707922887Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:41.709224028Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:41.715453228Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:41.716887009Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:41.718563776Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:41.721152871Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:41.722881608Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:41.838086381Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:41.840049486Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:41.94175809Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:41.944341547Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:41.950127513Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:42.123145691Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:42.129872961Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:42.13186611Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:42.134594237Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:42.141186439Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:42.142911612Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:42.144972993Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:42.14758763Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:42.149348905Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:42.153369156Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:42.155150121Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:42.359002353Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:42.362408835Z | 42 | PC: 12b88 | Get date 0x12b88: cmp cx, 0x7c8 0x12b8c: jl 0x12b9d 0x12b8e: cmp dx, 0x90a 0x12b92: jl 0x12b9d 0x12b94: mov ah, 9 0x12b96: mov dx, 0x269 0x12b99: add dx, si 0x12b9b: int 0x21 0x12b9d: mov bp, 0x100 0x12ba0: jmp bp 0x12ba2: add byte ptr [bp + si], ch 0x12ba4: arpl word ptr cs:[bx + 0x6d], bp 0x12ba8: add byte ptr [bx + si], ah 0x12baa: sub ax, 0x2b3d 0x12bad: and byte ptr [bp + di + 0x6f], cl 0x12bb0: xor al, 0x20 0x12bb4: sub di, word ptr [di] 0x12bb6: sub ax, 0x202c 0x12bb9: push sp 0x12bba: push 0x2065 |
{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3992,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:50:43.055350619Z | 78 | PC: 12aa3 | Find first file |
| 2018-12-25T11:50:43.0623493Z | 67 | PC: 12ab1 | Get or set file attributes |
| 2018-12-25T11:50:43.069005956Z | 67 | PC: 12abb | Get or set file attributes |
| 2018-12-25T11:50:43.625270993Z | 61 | PC: 12ac3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:50:43.633279249Z | 87 | PC: 12ad0 | Get or set file date and time |
| 2018-12-25T11:50:43.63555421Z | 66 | PC: 12adb | Move file pointer |
| 2018-12-25T11:50:43.637216729Z | 63 | PC: 12ae7 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:50:43.644333747Z | 66 | PC: 12af0 | Move file pointer |
| 2018-12-25T11:50:43.646894363Z | 66 | PC: 12b16 | Move file pointer |
| 2018-12-25T11:50:43.648332733Z | 64 | PC: 12b22 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:50:43.65196075Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-25T11:50:43.654021863Z | 64 | PC: 12b53 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-25T11:50:43.663050196Z | 87 | PC: 12b77 | Get or set file date and time |
| 2018-12-25T11:50:43.66470148Z | 62 | PC: 12b7b | Close file |
| 2018-12-25T11:50:43.672923726Z | 79 | PC: 12b7f | Find next file |
| 2018-12-25T11:50:43.676325925Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.682324859Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.692681977Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:43.700387164Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.702038928Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:43.70363342Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:43.711216172Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:43.712651147Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:43.713885972Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:43.726501699Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:43.72829956Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:43.731291933Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.733607213Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:43.741791357Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:43.744527807Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.751408003Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.762335719Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:43.776701682Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.778437297Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:43.780488863Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:43.787812162Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:43.79059795Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:43.792971792Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:43.795863797Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:43.79749917Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:43.80116021Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.80308414Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:43.811680704Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:43.816091983Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.822824934Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.831599997Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:43.839354422Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.840890538Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:43.842284285Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:43.849094735Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:43.850810659Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:43.864442505Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:43.86813161Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:43.869984544Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:43.873019418Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.874752313Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:43.883672595Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:43.886757112Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.892981504Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.90445089Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:43.911894977Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.91329337Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:43.915556389Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:43.923029805Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:43.924599112Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:43.926950211Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:43.930186947Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:43.932183786Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:43.936517912Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.938566108Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:43.947322102Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:43.950496313Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.958325301Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:43.969485092Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:43.977268452Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:43.980424034Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:43.982261111Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:43.989895784Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:43.992682689Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:43.994352614Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:43.997565621Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:44.000306876Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:44.009808302Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:44.01165028Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:44.020133202Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:44.023707374Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:44.029902522Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:44.04055125Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:44.048555585Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:44.050553124Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:44.05246938Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:44.061039156Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:44.063279371Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:44.065231398Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:44.06892925Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:44.070645532Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:44.073670863Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:44.075525692Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:44.084378586Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:44.087142131Z | 42 | PC: 12b88 | Get date 0x12b88: cmp cx, 0x7c8 0x12b8c: jl 0x12b9d 0x12b8e: cmp dx, 0x90a 0x12b92: jl 0x12b9d 0x12b94: mov ah, 9 0x12b96: mov dx, 0x269 0x12b99: add dx, si 0x12b9b: int 0x21 0x12b9d: mov bp, 0x100 0x12ba0: jmp bp 0x12ba2: add byte ptr [bp + si], ch 0x12ba4: arpl word ptr cs:[bx + 0x6d], bp 0x12ba8: add byte ptr [bx + si], ah 0x12baa: sub ax, 0x2b3d 0x12bad: and byte ptr [bp + di + 0x6f], cl 0x12bb0: xor al, 0x20 0x12bb4: sub di, word ptr [di] 0x12bb6: sub ax, 0x202c 0x12bb9: push sp 0x12bba: push 0x2065 |
{"DateBased":true,"Day":10,"Month":9,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3992,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:50:45.48770052Z | 78 | PC: 12aa3 | Find first file |
| 2018-12-25T11:50:45.498510805Z | 67 | PC: 12ab1 | Get or set file attributes |
| 2018-12-25T11:50:45.518310451Z | 67 | PC: 12abb | Get or set file attributes |
| 2018-12-25T11:50:45.536986154Z | 61 | PC: 12ac3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:50:45.54492593Z | 87 | PC: 12ad0 | Get or set file date and time |
| 2018-12-25T11:50:45.547208492Z | 66 | PC: 12adb | Move file pointer |
| 2018-12-25T11:50:45.549026703Z | 63 | PC: 12ae7 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:50:45.556174281Z | 66 | PC: 12af0 | Move file pointer |
| 2018-12-25T11:50:45.558850228Z | 66 | PC: 12b16 | Move file pointer |
| 2018-12-25T11:50:45.560326396Z | 64 | PC: 12b22 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:50:45.563030507Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-25T11:50:45.564897557Z | 64 | PC: 12b53 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-25T11:50:45.574101804Z | 87 | PC: 12b77 | Get or set file date and time |
| 2018-12-25T11:50:45.575713098Z | 62 | PC: 12b7b | Close file |
| 2018-12-25T11:50:45.584360152Z | 79 | PC: 12b7f | Find next file |
| 2018-12-25T11:50:45.587513392Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.593929223Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.605047987Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.612164659Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.613645291Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.615628947Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.623766683Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.626281942Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.630191679Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.633432675Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.634709179Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.637594592Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.64077574Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.649505113Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.653216561Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.672682446Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.683601199Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.690888081Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.693425686Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.694837903Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.701700074Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.703903028Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.705725561Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.7089866Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.713092477Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.71642935Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.718415657Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.727711668Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.731028078Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.737532279Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.748643082Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.756387717Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.75855254Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.760099668Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.767869831Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.769616907Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.77120944Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.775192441Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.780432911Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.784781201Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.787394063Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.796115576Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.799073646Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.805671409Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.817254282Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.825003653Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.827087838Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.829148415Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.836571078Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.838256456Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.84230543Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.84531636Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.846760068Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.850206204Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.851734055Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.859631295Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.862857863Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.86966113Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.880315198Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.888126979Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.889938499Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.891670392Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.899647173Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.90139619Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.903060988Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.907105634Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.90882519Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.917952254Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.920541513Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.930730422Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.934637421Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.941394529Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.95225398Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.96033511Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.962639211Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.964363047Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.971689169Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.973890843Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.976531429Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.979722953Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.981659829Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.985912514Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.987887964Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.99619489Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.999378641Z | 42 | PC: 12b88 | Get date 0x12b88: cmp cx, 0x7c8 0x12b8c: jl 0x12b9d 0x12b8e: cmp dx, 0x90a 0x12b92: jl 0x12b9d 0x12b94: mov ah, 9 0x12b96: mov dx, 0x269 0x12b99: add dx, si 0x12b9b: int 0x21 0x12b9d: mov bp, 0x100 0x12ba0: jmp bp 0x12ba2: add byte ptr [bp + si], ch 0x12ba4: arpl word ptr cs:[bx + 0x6d], bp 0x12ba8: add byte ptr [bx + si], ah 0x12baa: sub ax, 0x2b3d 0x12bad: and byte ptr [bp + di + 0x6f], cl 0x12bb0: xor al, 0x20 0x12bb4: sub di, word ptr [di] 0x12bb6: sub ax, 0x202c 0x12bb9: push sp 0x12bba: push 0x2065 |
| 2018-12-25T11:50:46.001823843Z | 9 | PC: 12b9d | Display string (String= ' -=+ Kode4 +=-, The one and ONLY!') |
{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3992,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:50:45.731981956Z | 78 | PC: 12aa3 | Find first file |
| 2018-12-25T11:50:45.736270495Z | 67 | PC: 12ab1 | Get or set file attributes |
| 2018-12-25T11:50:45.739943532Z | 67 | PC: 12abb | Get or set file attributes |
| 2018-12-25T11:50:45.754202372Z | 61 | PC: 12ac3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:50:45.761316457Z | 87 | PC: 12ad0 | Get or set file date and time |
| 2018-12-25T11:50:45.762703039Z | 66 | PC: 12adb | Move file pointer |
| 2018-12-25T11:50:45.763732268Z | 63 | PC: 12ae7 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:50:45.767671472Z | 66 | PC: 12af0 | Move file pointer |
| 2018-12-25T11:50:45.769151014Z | 66 | PC: 12b16 | Move file pointer |
| 2018-12-25T11:50:45.770150329Z | 64 | PC: 12b22 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:50:45.77200421Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-25T11:50:45.773737117Z | 64 | PC: 12b53 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-25T11:50:45.782425976Z | 87 | PC: 12b77 | Get or set file date and time |
| 2018-12-25T11:50:45.78399322Z | 62 | PC: 12b7b | Close file |
| 2018-12-25T11:50:45.805034162Z | 79 | PC: 12b7f | Find next file |
| 2018-12-25T11:50:45.807524862Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.812982534Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.823343569Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.829837752Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.83113457Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.832948198Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.839506636Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.840702441Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.842449128Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.844904998Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.846146056Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.849092177Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.851383657Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.85884051Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.861946522Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.868118786Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.877943014Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.884825326Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.887331731Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.888657853Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.894842338Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.89723222Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.898605108Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.901097262Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.902980846Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.905566056Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.906937142Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.915110305Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.917832077Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.923582538Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.935734024Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:45.944158271Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.945466768Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:45.947303591Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:45.953446552Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:45.954715624Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:45.956322547Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:45.959039192Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:45.960315546Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:45.96418639Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:45.965693621Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:45.973348097Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:45.976064012Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.987526894Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:45.997334458Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.004161405Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.00618083Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.007767277Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.01421565Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.016178085Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.017367034Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.020030074Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.022164225Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.025086179Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.026780242Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.035122247Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.037938814Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.044226426Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.055770333Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.062209971Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.063504562Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.065572577Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.07183812Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.073389927Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.075858975Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.078914888Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.080550705Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.088967481Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.09040119Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.097808755Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.10076801Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.114986032Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.125109879Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.132893876Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.134491399Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.136011674Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.14308398Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.144419751Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.145654633Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.148918848Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.150366908Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.153269195Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.155451561Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.162598016Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.165022206Z | 42 | PC: 12b88 | Get date 0x12b88: cmp cx, 0x7c8 0x12b8c: jl 0x12b9d 0x12b8e: cmp dx, 0x90a 0x12b92: jl 0x12b9d 0x12b94: mov ah, 9 0x12b96: mov dx, 0x269 0x12b99: add dx, si 0x12b9b: int 0x21 0x12b9d: mov bp, 0x100 0x12ba0: jmp bp 0x12ba2: add byte ptr [bp + si], ch 0x12ba4: arpl word ptr cs:[bx + 0x6d], bp 0x12ba8: add byte ptr [bx + si], ah 0x12baa: sub ax, 0x2b3d 0x12bad: and byte ptr [bp + di + 0x6f], cl 0x12bb0: xor al, 0x20 0x12bb4: sub di, word ptr [di] 0x12bb6: sub ax, 0x202c 0x12bb9: push sp 0x12bba: push 0x2065 |
{"DateBased":true,"Day":10,"Month":9,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3992,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:50:46.084293906Z | 78 | PC: 12aa3 | Find first file |
| 2018-12-25T11:50:46.091346144Z | 67 | PC: 12ab1 | Get or set file attributes |
| 2018-12-25T11:50:46.09708371Z | 67 | PC: 12abb | Get or set file attributes |
| 2018-12-25T11:50:46.1125363Z | 61 | PC: 12ac3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:50:46.119691727Z | 87 | PC: 12ad0 | Get or set file date and time |
| 2018-12-25T11:50:46.12149115Z | 66 | PC: 12adb | Move file pointer |
| 2018-12-25T11:50:46.122800988Z | 63 | PC: 12ae7 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:50:46.129806973Z | 66 | PC: 12af0 | Move file pointer |
| 2018-12-25T11:50:46.13199067Z | 66 | PC: 12b16 | Move file pointer |
| 2018-12-25T11:50:46.133363317Z | 64 | PC: 12b22 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:50:46.136008508Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-25T11:50:46.138672506Z | 64 | PC: 12b53 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-25T11:50:46.147018352Z | 87 | PC: 12b77 | Get or set file date and time |
| 2018-12-25T11:50:46.148530693Z | 62 | PC: 12b7b | Close file |
| 2018-12-25T11:50:46.163204787Z | 79 | PC: 12b7f | Find next file |
| 2018-12-25T11:50:46.165926486Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.171611183Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.181904742Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.188332732Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.190655522Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.194694853Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.200956748Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.202331777Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.204588112Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.207774005Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.209170398Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.212076618Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.214173482Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.222692441Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.238379074Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.24395163Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.253468048Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.260831626Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.262287252Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.263791612Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.270184071Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.27253417Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.273957824Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.276637701Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.278792751Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.281769603Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.283500162Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.291715378Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.294554264Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.305442072Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.315495206Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.322823595Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.324334522Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.32617906Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.332357962Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.333680627Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.335467447Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.338106251Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.339647514Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.343569746Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.345033384Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.352356098Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.355788418Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.361264736Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.373551517Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.380844189Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.382493775Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.384011187Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.390770301Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.392217116Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.393505107Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.396811853Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.398898794Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.401887719Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.403870223Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.412004785Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.414929174Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.420780472Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.431929388Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.43939153Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.441077284Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.443722805Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.450264581Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.451966505Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.454552656Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.457502439Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.459005241Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.467455535Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.468937599Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.4765622Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.480084475Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.485590873Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.495226399Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.502798496Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.504137735Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.505423745Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.512120533Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.513476377Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.514800042Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.517984891Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.519391729Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.52210914Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.524476387Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.531591288Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.533891368Z | 42 | PC: 12b88 | Get date 0x12b88: cmp cx, 0x7c8 0x12b8c: jl 0x12b9d 0x12b8e: cmp dx, 0x90a 0x12b92: jl 0x12b9d 0x12b94: mov ah, 9 0x12b96: mov dx, 0x269 0x12b99: add dx, si 0x12b9b: int 0x21 0x12b9d: mov bp, 0x100 0x12ba0: jmp bp 0x12ba2: add byte ptr [bp + si], ch 0x12ba4: arpl word ptr cs:[bx + 0x6d], bp 0x12ba8: add byte ptr [bx + si], ah 0x12baa: sub ax, 0x2b3d 0x12bad: and byte ptr [bp + di + 0x6f], cl 0x12bb0: xor al, 0x20 0x12bb4: sub di, word ptr [di] 0x12bb6: sub ax, 0x202c 0x12bb9: push sp 0x12bba: push 0x2065 |
| 2018-12-25T11:50:46.536347627Z | 9 | PC: 12b9d | Display string (String= ' -=+ Kode4 +=-, The one and ONLY!') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3992,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:50:46.097970253Z | 78 | PC: 12aa3 | Find first file |
| 2018-12-25T11:50:46.105595251Z | 67 | PC: 12ab1 | Get or set file attributes |
| 2018-12-25T11:50:46.112200956Z | 67 | PC: 12abb | Get or set file attributes |
| 2018-12-25T11:50:46.13277799Z | 61 | PC: 12ac3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:50:46.148996426Z | 87 | PC: 12ad0 | Get or set file date and time |
| 2018-12-25T11:50:46.150485041Z | 66 | PC: 12adb | Move file pointer |
| 2018-12-25T11:50:46.151925841Z | 63 | PC: 12ae7 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:50:46.158886923Z | 66 | PC: 12af0 | Move file pointer |
| 2018-12-25T11:50:46.161658409Z | 66 | PC: 12b16 | Move file pointer |
| 2018-12-25T11:50:46.164022579Z | 64 | PC: 12b22 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:50:46.166979758Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-25T11:50:46.169578238Z | 64 | PC: 12b53 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-25T11:50:46.17867926Z | 87 | PC: 12b77 | Get or set file date and time |
| 2018-12-25T11:50:46.180480066Z | 62 | PC: 12b7b | Close file |
| 2018-12-25T11:50:46.190573748Z | 79 | PC: 12b7f | Find next file |
| 2018-12-25T11:50:46.193931177Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.200817761Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.212338701Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.220771073Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.222736294Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.224666786Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.23340015Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.244819186Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.246279547Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.24968231Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.251427866Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.254471291Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.256692352Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.265014456Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.26801329Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.276143877Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.287625768Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.296414917Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.299411747Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.301637194Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.308943518Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.310665832Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.313266435Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.316388308Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.31813609Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.329120555Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.331127593Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.339634783Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.343631255Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.350096321Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.361248605Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.369836026Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.372157014Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.374982831Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.382734319Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.3856686Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.387614764Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.390499418Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.393170152Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.39625959Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.397967466Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.406913017Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.410152723Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.416908722Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.428692017Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.436553181Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.438518004Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.440642144Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.449329222Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.450984307Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.452799506Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.456984068Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.460588117Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.46367472Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.466199843Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.474893259Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.479412065Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.487686154Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.499539642Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.512376768Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.514850478Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.517711104Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.527083084Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.529005227Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.531105214Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.534512369Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.536551361Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.554299911Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.557186713Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.566323488Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.57038748Z | 67 | PC: 12ab1 | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.576750784Z | 67 | PC: 12abb | Get or set file attributes (See above) |
| 2018-12-25T11:50:46.587920999Z | 61 | PC: 12ac3 | Open file (See above) |
| 2018-12-25T11:50:46.608707132Z | 87 | PC: 12ad0 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.610357465Z | 66 | PC: 12adb | Move file pointer (See above) |
| 2018-12-25T11:50:46.611952546Z | 63 | PC: 12ae7 | Read file or device (See above) |
| 2018-12-25T11:50:46.619845919Z | 66 | PC: 12af0 | Move file pointer (See above) |
| 2018-12-25T11:50:46.621478907Z | 66 | PC: 12b16 | Move file pointer (See above) |
| 2018-12-25T11:50:46.623026877Z | 64 | PC: 12b22 | Write file or device (See above) |
| 2018-12-25T11:50:46.62674408Z | 66 | PC: 12b2b | Move file pointer (See above) |
| 2018-12-25T11:50:46.628405353Z | 64 | PC: 12b53 | Write file or device (See above) |
| 2018-12-25T11:50:46.63142053Z | 87 | PC: 12b77 | Get or set file date and time (See above) |
| 2018-12-25T11:50:46.633060654Z | 62 | PC: 12b7b | Close file (See above) |
| 2018-12-25T11:50:46.64306562Z | 79 | PC: 12b7f | Find next file (See above) |
| 2018-12-25T11:50:46.64628815Z | 42 | PC: 12b88 | Get date 0x12b88: cmp cx, 0x7c8 0x12b8c: jl 0x12b9d 0x12b8e: cmp dx, 0x90a 0x12b92: jl 0x12b9d 0x12b94: mov ah, 9 0x12b96: mov dx, 0x269 0x12b99: add dx, si 0x12b9b: int 0x21 0x12b9d: mov bp, 0x100 0x12ba0: jmp bp 0x12ba2: add byte ptr [bp + si], ch 0x12ba4: arpl word ptr cs:[bx + 0x6d], bp 0x12ba8: add byte ptr [bx + si], ah 0x12baa: sub ax, 0x2b3d 0x12bad: and byte ptr [bp + di + 0x6f], cl 0x12bb0: xor al, 0x20 0x12bb4: sub di, word ptr [di] 0x12bb6: sub ax, 0x202c 0x12bb9: push sp 0x12bba: push 0x2065 |