Sample viewer

vx.netlux.org/Virus.DOS.IVP.Birgit.435

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:22:52.95574521Z	26	PC: 12b71 \| Set disk transfer address
2018-12-17T22:22:52.956828299Z	53	PC: 12a70 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:52.958477134Z	37	PC: 12a82 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:52.95955197Z	71	PC: 12a8e \| Get current directory
2018-12-17T22:22:52.962335357Z	78	PC: 12ac9 \| Find first file
2018-12-17T22:22:52.96912677Z	61	PC: 12b7a \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:22:52.975854596Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:22:52.982410753Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:52.987637726Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.003297152Z	61	PC: 12b7a \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:22:53.012209559Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:53.016079904Z	66	PC: 12b6c \| Move file pointer
2018-12-17T22:22:53.017797446Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-17T22:22:53.020484314Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-17T22:22:53.046644996Z	87	PC: 12b55 \| Get or set file date and time
2018-12-17T22:22:53.048248025Z	62	PC: 12b59 \| Close file
2018-12-17T22:22:53.055713191Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.066351339Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.069208967Z	61	PC: 12b7a \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:22:53.076508925Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:22:53.080990547Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:53.082870947Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.090467218Z	61	PC: 12b7a \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:22:53.094796742Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:53.0975668Z	66	PC: 12b6c \| Move file pointer
2018-12-17T22:22:53.098641569Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-17T22:22:53.100998971Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-17T22:22:53.104067149Z	87	PC: 12b55 \| Get or set file date and time
2018-12-17T22:22:53.105501841Z	62	PC: 12b59 \| Close file
2018-12-17T22:22:53.114023321Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.124183532Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.127079731Z	61	PC: 12b7a \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:22:53.138737311Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:22:53.14589456Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:53.147892464Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.158001823Z	61	PC: 12b7a \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:22:53.165252404Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:53.168268669Z	66	PC: 12b6c \| Move file pointer
2018-12-17T22:22:53.169901599Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-17T22:22:53.173333537Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-17T22:22:53.182139307Z	87	PC: 12b55 \| Get or set file date and time
2018-12-17T22:22:53.183556983Z	62	PC: 12b59 \| Close file
2018-12-17T22:22:53.191158081Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.202536033Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.205434269Z	61	PC: 12b7a \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:22:53.211856377Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:22:53.218581511Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:53.220322425Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.230003056Z	61	PC: 12b7a \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:22:53.234483678Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:53.236411414Z	66	PC: 12b6c \| Move file pointer
2018-12-17T22:22:53.237543806Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-17T22:22:53.239694188Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-17T22:22:53.241712845Z	87	PC: 12b55 \| Get or set file date and time
2018-12-17T22:22:53.242869221Z	62	PC: 12b59 \| Close file
2018-12-17T22:22:53.24779934Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.256410752Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.258815231Z	61	PC: 12b7a \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:22:53.269894799Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:22:53.274604746Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:53.276244099Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.280932419Z	61	PC: 12b7a \| Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T22:22:53.285343725Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:22:53.287936069Z	66	PC: 12b6c \| Move file pointer
2018-12-17T22:22:53.28974893Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-17T22:22:53.291916437Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 2)
2018-12-17T22:22:53.304659998Z	87	PC: 12b55 \| Get or set file date and time
2018-12-17T22:22:53.306372228Z	62	PC: 12b59 \| Close file
2018-12-17T22:22:53.30804459Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.312094853Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.315010825Z	61	PC: 12b7a \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:22:53.321566286Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:22:53.327537094Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:53.330310749Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.339695927Z	61	PC: 12b7a \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:22:53.345904605Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:22:53.349341567Z	66	PC: 12b6c \| Move file pointer
2018-12-17T22:22:53.350782741Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-17T22:22:53.353266396Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 2)
2018-12-17T22:22:53.362977672Z	87	PC: 12b55 \| Get or set file date and time
2018-12-17T22:22:53.364582834Z	62	PC: 12b59 \| Close file
2018-12-17T22:22:53.37205612Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.382212767Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.385119531Z	61	PC: 12b7a \| Open file (Filename = 'PAH.COM')
2018-12-17T22:22:53.391298499Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:22:53.3984844Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:53.400159234Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.409732182Z	61	PC: 12b7a \| Open file (Filename = 'PAH.COM')
2018-12-17T22:22:53.4168119Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:22:53.41947507Z	66	PC: 12b6c \| Move file pointer
2018-12-17T22:22:53.420654714Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-17T22:22:53.423014846Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 2)
2018-12-17T22:22:53.42655597Z	87	PC: 12b55 \| Get or set file date and time
2018-12-17T22:22:53.428150233Z	62	PC: 12b59 \| Close file
2018-12-17T22:22:53.435827656Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T22:22:53.446557831Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.449233571Z	61	PC: 12b7a \| Open file (Filename = 'TEST.COM')
2018-12-17T22:22:53.460528669Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:22:53.467258805Z	62	PC: 12ae8 \| Close file
2018-12-17T22:22:53.469012995Z	79	PC: 12ac9 \| Find next file
2018-12-17T22:22:53.47124456Z	59	PC: 12a9d \| Change current directory
2018-12-17T22:22:53.475803729Z	9	PC: 12aa7 \| Display string (String= 'Birgit Quake [IVP] ')
2018-12-17T22:22:53.481795547Z	37	PC: 12ab1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:53.482802536Z	59	PC: 12abb \| Change current directory
2018-12-17T22:22:53.485663992Z	26	PC: 12b71 \| Set disk transfer address

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4015,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:50:48.548409021Z	26	PC: 12b71 \| Set disk transfer address
2018-12-25T11:50:48.550461555Z	53	PC: 12a70 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:48.551604566Z	37	PC: 12a82 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:48.552733651Z	71	PC: 12a8e \| Get current directory
2018-12-25T11:50:48.55599731Z	78	PC: 12ac9 \| Find first file
2018-12-25T11:50:48.561895523Z	61	PC: 12b7a \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:50:48.574115702Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:50:48.581254905Z	62	PC: 12ae8 \| Close file
2018-12-25T11:50:48.583201552Z	67	PC: 12b85 \| Get or set file attributes
2018-12-25T11:50:48.601545438Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.608659912Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:50:48.616449325Z	66	PC: 12b6c \| Move file pointer
2018-12-25T11:50:48.618053596Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-25T11:50:48.620688008Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-25T11:50:48.631515238Z	87	PC: 12b55 \| Get or set file date and time
2018-12-25T11:50:48.632908904Z	62	PC: 12b59 \| Close file
2018-12-25T11:50:48.640334945Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.65067161Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:48.653611925Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.661070755Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:48.667773432Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:48.669558008Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.679292348Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.686343626Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:48.689227649Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:48.690495458Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:48.693458977Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:48.696318607Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:48.697750692Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:48.705696003Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.716004888Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:48.718534111Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.743690201Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:48.749835377Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:48.751503102Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.762191165Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.766369934Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:48.768180555Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:48.773669896Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:48.775426362Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:48.780624246Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:48.782245476Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:48.790772192Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.80086307Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:48.803939321Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.810284608Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:48.816504346Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:48.818410693Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.828871129Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.835283667Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:48.838381066Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:48.840642307Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:48.8432129Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:48.846214652Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:48.848396158Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:48.855598392Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.873309867Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:48.876520765Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.882978561Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:48.889162465Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:48.891638279Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.896162534Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.900900603Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:48.904231484Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:48.90547659Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:48.907683668Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:48.920618046Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:48.9219945Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:48.924369861Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.929859794Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:48.932364366Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.938609054Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:48.945551014Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:48.947248288Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.956700365Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.964042313Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:48.967916007Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:48.969399424Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:48.974693491Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:48.982769227Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:48.984082017Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:48.992489478Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.999331703Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.001891815Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.006483397Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.012539119Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.014061232Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.024184243Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.030547795Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.033490895Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.036052751Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.038619031Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.041427561Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.04320964Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.050570721Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.062659792Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.065354601Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.072078177Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.078251257Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.08094408Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.083326828Z	59	PC: 12a9d \| Change current directory
2018-12-25T11:50:49.087300121Z	9	PC: 12aa7 \| Display string (String= 'Birgit Quake [IVP] ')
2018-12-25T11:50:49.095409025Z	37	PC: 12ab1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:49.09671455Z	59	PC: 12abb \| Change current directory
2018-12-25T11:50:49.098618871Z	26	PC: 12b71 \| Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":4015,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:50:48.720844249Z	26	PC: 12b71 \| Set disk transfer address
2018-12-25T11:50:48.722436098Z	53	PC: 12a70 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:48.723421926Z	37	PC: 12a82 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:48.724314769Z	71	PC: 12a8e \| Get current directory
2018-12-25T11:50:48.727057971Z	78	PC: 12ac9 \| Find first file
2018-12-25T11:50:48.731088633Z	61	PC: 12b7a \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:50:48.735291439Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:50:48.739567574Z	62	PC: 12ae8 \| Close file
2018-12-25T11:50:48.741203471Z	67	PC: 12b85 \| Get or set file attributes
2018-12-25T11:50:55.233093131Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:55.240484419Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:50:55.243555728Z	66	PC: 12b6c \| Move file pointer
2018-12-25T11:50:55.244982197Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-25T11:50:55.247497445Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-25T11:50:55.277497563Z	87	PC: 12b55 \| Get or set file date and time
2018-12-25T11:50:55.279778473Z	62	PC: 12b59 \| Close file
2018-12-25T11:50:55.300844917Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:55.314920008Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:55.318555646Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:55.334509546Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:55.343946499Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:55.345917617Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:55.397437225Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:55.405349686Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:55.408430388Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:55.409971661Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:55.412811349Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:55.41602706Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:55.417574801Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:55.442645996Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.115184456Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:56.119566759Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.127325743Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:56.136338477Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:56.13877838Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.150637629Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.159306551Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:56.16287183Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:56.164933019Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:56.168981596Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:56.180132235Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:56.181960071Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:56.191469849Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.205546206Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:56.211158712Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.218857823Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:56.228092038Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:56.230341619Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.242490305Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.252324869Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:56.255839478Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:56.257685408Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:56.262030374Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:56.265602108Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:56.267689316Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:56.277026231Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.28863837Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:56.292043871Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.301102695Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:56.308899282Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:56.311190819Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.317355769Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.32436515Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:56.327631335Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:56.329657112Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:56.333634905Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:56.346151357Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:56.350866489Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:56.355647815Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.366606882Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:56.371855768Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.387691257Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:56.402907744Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:56.404771312Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.416631808Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.430623582Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:56.434207993Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:56.437237673Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:56.440431068Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:56.45117486Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:56.453357543Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:56.462895138Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.47443126Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:56.477778739Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.486693198Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:56.494331107Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:56.496656154Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.509856662Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.51764986Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:56.521114565Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:56.523555111Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:56.526455192Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:56.530032351Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:56.532855377Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:56.541869366Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:56.553418287Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:56.557052993Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:56.56586206Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:56.569189448Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:56.571653612Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:56.576115808Z	59	PC: 12a9d \| Change current directory
2018-12-25T11:50:56.581852634Z	9	PC: 12aa7 \| Display string (String= 'Birgit Quake [IVP] ')
2018-12-25T11:50:56.591016567Z	37	PC: 12ab1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:56.593752189Z	59	PC: 12abb \| Change current directory
2018-12-25T11:50:56.596672443Z	26	PC: 12b71 \| Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4015,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:50:48.819170823Z	26	PC: 12b71 \| Set disk transfer address
2018-12-25T11:50:48.820823949Z	53	PC: 12a70 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:48.82171327Z	37	PC: 12a82 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:48.823357418Z	71	PC: 12a8e \| Get current directory
2018-12-25T11:50:48.827317719Z	78	PC: 12ac9 \| Find first file
2018-12-25T11:50:48.83314843Z	61	PC: 12b7a \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:50:48.839327555Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:50:48.845607599Z	62	PC: 12ae8 \| Close file
2018-12-25T11:50:48.847290671Z	67	PC: 12b85 \| Get or set file attributes
2018-12-25T11:50:48.862086495Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.873417064Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:50:48.879766215Z	66	PC: 12b6c \| Move file pointer
2018-12-25T11:50:48.880930773Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-25T11:50:48.883548491Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-25T11:50:48.891793939Z	87	PC: 12b55 \| Get or set file date and time
2018-12-25T11:50:48.892969843Z	62	PC: 12b59 \| Close file
2018-12-25T11:50:48.900441814Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.909900845Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:48.91228048Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.919196909Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:48.925343732Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:48.926997665Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.93689236Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.954841464Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:48.961081791Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:48.962568743Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:48.965168266Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:48.968070962Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:48.96938467Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:48.979210812Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:48.988677334Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:48.991152876Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:48.997721Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.003930033Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.005697687Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.016326261Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.022705158Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.025238608Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.026904537Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.028603677Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.03399451Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.03595802Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.04324083Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.052266303Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.055503647Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.061409783Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.067316504Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.069278184Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.081500632Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.087922945Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.095120932Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.096470093Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.098888911Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.102695184Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.104220392Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.1114151Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.121454156Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.123887168Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.130019956Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.142386906Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.144134165Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.153272819Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.15835269Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.160930553Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.162383741Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.164818187Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.177296435Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.178954909Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.180858324Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.185245277Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.191465098Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.198750055Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.205595858Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.207322062Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.217341489Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.224578754Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.227120723Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.228339946Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.230990227Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.240175676Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.241512349Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.249123409Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.258460488Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.260806353Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.267557935Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.273460025Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.275778067Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.285527812Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.291791894Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.294542363Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.296423433Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.298801468Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.301726083Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.303862125Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.311208841Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.320872212Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.323890074Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.3304526Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.336948571Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.340611573Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.343218223Z	59	PC: 12a9d \| Change current directory
2018-12-25T11:50:49.347428669Z	9	PC: 12aa7 \| Display string (String= 'Birgit Quake [IVP] ')
2018-12-25T11:50:49.355937408Z	37	PC: 12ab1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:49.357623527Z	59	PC: 12abb \| Change current directory
2018-12-25T11:50:49.359558035Z	26	PC: 12b71 \| Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":4015,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:50:49.230225731Z	26	PC: 12b71 \| Set disk transfer address
2018-12-25T11:50:49.232181203Z	53	PC: 12a70 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:49.233341656Z	37	PC: 12a82 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:49.23445771Z	71	PC: 12a8e \| Get current directory
2018-12-25T11:50:49.237543624Z	78	PC: 12ac9 \| Find first file
2018-12-25T11:50:49.244054761Z	61	PC: 12b7a \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:50:49.250220347Z	63	PC: 12ae4 \| Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:50:49.256257303Z	62	PC: 12ae8 \| Close file
2018-12-25T11:50:49.25882508Z	67	PC: 12b85 \| Get or set file attributes
2018-12-25T11:50:49.273989589Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.280522748Z	64	PC: 12b2e \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:50:49.284609705Z	66	PC: 12b6c \| Move file pointer
2018-12-25T11:50:49.286195808Z	44	PC: 12b39 \| Get time 0x12b39: cmp dh, 0 0x12b3c: je 0x12b35 0x12b3e: mov byte ptr cs:[bp + 0x2b5], dh 0x12b43: call 0x12bac 0x12b46: mov ax, 0x5701 0x12b49: mov cx, word ptr cs:[bp + 0x328] 0x12b4e: mov dx, word ptr cs:[bp + 0x32a] 0x12b53: int 0x21 0x12b55: mov ah, 0x3e 0x12b57: int 0x21 0x12b59: xor cx, cx 0x12b5b: mov cl, byte ptr cs:[bp + 0x327] 0x12b60: call 0x12b7c 0x12b63: ret 0x12b64: mov ah, 0x42 0x12b66: xor cx, cx 0x12b68: xor dx, dx 0x12b6a: int 0x21 0x12b6c: ret 0x12b6d: mov ah, 0x1a
2018-12-25T11:50:49.288946917Z	64	PC: 12c09 \| Write file or device (Write 435 bytes on handle 5)
2018-12-25T11:50:49.301227786Z	87	PC: 12b55 \| Get or set file date and time
2018-12-25T11:50:49.302927894Z	62	PC: 12b59 \| Close file
2018-12-25T11:50:49.314635818Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.322309413Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.324204773Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.330127521Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.335857594Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.337234038Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.34684725Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.35439084Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.358914356Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.360204065Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.363311893Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.366507091Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.367989422Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.375830259Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.38829456Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.390894793Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.397167149Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.404006715Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.405916612Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.415789654Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.42338898Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.426347292Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.427954049Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.43095617Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.439180496Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.440573497Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.449695075Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.459589201Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.462194714Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.471024162Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.477338687Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.479199745Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.48956655Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.493912972Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.495958497Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.498972482Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.50085356Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.504168094Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.506990542Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.514187582Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.524140207Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.527247159Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.534451249Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.54058378Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.543271127Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.547146756Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.551384315Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.556601395Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.557928779Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.559995232Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.568402955Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.57036223Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.571846425Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.575871287Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.578621693Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.589425168Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.595177328Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.597116751Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.605842636Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.611858284Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.614952419Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.616154716Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.618232087Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.626390266Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.627760444Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.634688563Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.650757284Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.658189229Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.663969286Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.668313554Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.669777637Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.678553961Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.685055357Z	64	PC: 12b2e \| Write file or device (See above)
2018-12-25T11:50:49.687425161Z	66	PC: 12b6c \| Move file pointer (See above)
2018-12-25T11:50:49.688541555Z	44	PC: 12b39 \| Get time (See above)
2018-12-25T11:50:49.691242987Z	64	PC: 12c09 \| Write file or device (See above)
2018-12-25T11:50:49.693847423Z	87	PC: 12b55 \| Get or set file date and time (See above)
2018-12-25T11:50:49.69513208Z	62	PC: 12b59 \| Close file (See above)
2018-12-25T11:50:49.702399104Z	67	PC: 12b85 \| Get or set file attributes (See above)
2018-12-25T11:50:49.712538307Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.716415834Z	61	PC: 12b7a \| Open file (See above)
2018-12-25T11:50:49.723595369Z	63	PC: 12ae4 \| Read file or device (See above)
2018-12-25T11:50:49.737119691Z	62	PC: 12ae8 \| Close file (See above)
2018-12-25T11:50:49.743314481Z	79	PC: 12ac9 \| Find next file (See above)
2018-12-25T11:50:49.748002136Z	59	PC: 12a9d \| Change current directory
2018-12-25T11:50:49.753035385Z	9	PC: 12aa7 \| Display string (String= 'Birgit Quake [IVP] ')
2018-12-25T11:50:49.761112322Z	37	PC: 12ab1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:50:49.763189338Z	59	PC: 12abb \| Change current directory
2018-12-25T11:50:49.765079672Z	26	PC: 12b71 \| Set disk transfer address (See above)