Sample viewer

vx.netlux.org/Virus.DOS.Sisoruen.453

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:53:54.234526611Z 26 PC: 15538 | Set disk transfer address
2018-12-17T21:53:54.237059044Z 78 PC: 15543 | Find first file
2018-12-17T21:53:54.243032022Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.258424256Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:53:54.277442435Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.278996915Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.285267246Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.287182803Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.299412987Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.302479968Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.312926657Z 61 PC: 155bf | Open file (Filename = 'PRINT.COM')
2018-12-17T21:53:54.320558084Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.322312134Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.328939562Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.341118234Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.3484281Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.351407669Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.362192609Z 61 PC: 155bf | Open file (Filename = 'HELLO.COM')
2018-12-17T21:53:54.369219992Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.370899217Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.379044418Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.38084594Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.388157427Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.39183508Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.401777505Z 61 PC: 155bf | Open file (Filename = 'PHANG.COM')
2018-12-17T21:53:54.408489613Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.410343117Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.417722477Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.420163959Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.427411116Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.430898584Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.440521773Z 61 PC: 155bf | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:53:54.447681923Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.449344469Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.455512163Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.456830228Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.463921975Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.466475926Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.47579762Z 61 PC: 155bf | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:53:54.487516058Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.488721751Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.494786298Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.496500381Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.503173346Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.506166147Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.515493772Z 61 PC: 155bf | Open file (Filename = 'PAH.COM')
2018-12-17T21:53:54.521873159Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.523287622Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.530096021Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.531448149Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.538176206Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.541195915Z 67 PC: 155b9 | Get or set file attributes
2018-12-17T21:53:54.553563224Z 61 PC: 155bf | Open file (Filename = 'TEST.COM')
2018-12-17T21:53:54.560123507Z 87 PC: 155c5 | Get or set file date and time
2018-12-17T21:53:54.561892363Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.567901878Z 87 PC: 1563b | Get or set file date and time
2018-12-17T21:53:54.56922302Z 62 PC: 1563f | Close file
2018-12-17T21:53:54.576076751Z 79 PC: 15543 | Find next file
2018-12-17T21:53:54.578255863Z 59 PC: 1554d | Change current directory
2018-12-17T21:53:54.582044218Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-17T21:53:54.584515995Z 26 PC: 15562 | Set disk transfer address
2018-12-17T21:53:54.58536136Z 26 PC: 1533e | Set disk transfer address
2018-12-17T21:53:54.586122935Z 71 PC: 15348 | Get current directory
2018-12-17T21:53:54.589245491Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:53:54.590221769Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:53:54.591126054Z 78 PC: 15403 | Find first file
2018-12-17T21:53:54.601890133Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:54.6104931Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.618187276Z 61 PC: 1542a | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:53:54.624061738Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.629384318Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:54.631742977Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.634223043Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:54.642048766Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.64347642Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:54.650309971Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:54.651854594Z 62 PC: 1546f | Close file
2018-12-17T21:53:54.65936723Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.669380954Z 79 PC: 15403 | Find next file
2018-12-17T21:53:54.672013234Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:54.682238014Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.691957478Z 61 PC: 1542a | Open file (Filename = 'PRINT.COM')
2018-12-17T21:53:54.698112411Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.70395994Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:54.706304784Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.707941672Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:54.710719421Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.712763237Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:54.71552447Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:54.717241901Z 62 PC: 1546f | Close file
2018-12-17T21:53:54.72595035Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.735494443Z 79 PC: 15403 | Find next file
2018-12-17T21:53:54.7381978Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:54.749657448Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.755989443Z 61 PC: 1542a | Open file (Filename = 'HELLO.COM')
2018-12-17T21:53:54.760163412Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.764884543Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:54.766240381Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.767456451Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:54.7758899Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.777367398Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:54.783624968Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:54.785569524Z 62 PC: 1546f | Close file
2018-12-17T21:53:54.793195977Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.803371261Z 79 PC: 15403 | Find next file
2018-12-17T21:53:54.807099302Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:54.813521925Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.82302781Z 61 PC: 1542a | Open file (Filename = 'PHANG.COM')
2018-12-17T21:53:54.831147094Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.837701218Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:54.839283032Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.841037684Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:54.844587411Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.846137768Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:54.848913328Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:54.851173453Z 62 PC: 1546f | Close file
2018-12-17T21:53:54.858415037Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.868268797Z 79 PC: 15403 | Find next file
2018-12-17T21:53:54.872379687Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:54.878762937Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.888669657Z 61 PC: 1542a | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:53:54.896550016Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.903025314Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:54.904767983Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.907650354Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:54.910484706Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.912208306Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:54.915893868Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:54.917406707Z 62 PC: 1546f | Close file
2018-12-17T21:53:54.924624687Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.935141783Z 79 PC: 15403 | Find next file
2018-12-17T21:53:54.937651884Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:54.943068188Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:54.96191487Z 61 PC: 1542a | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:53:54.968590448Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:54.974732211Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:54.97667254Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.978183299Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:54.986111771Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:54.987827081Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:54.994257868Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:54.995915618Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.004260001Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.013853896Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.016353122Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:55.023750548Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.034006258Z 61 PC: 1542a | Open file (Filename = 'PAH.COM')
2018-12-17T21:53:55.040484272Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:55.048160788Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:55.049554475Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:55.051133841Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:55.054479335Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:55.055818363Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:55.058368173Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.060862885Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.068301591Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.078153543Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.081511423Z 67 PC: 1541c | Get or set file attributes
2018-12-17T21:53:55.085458398Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.09539467Z 61 PC: 1542a | Open file (Filename = 'TEST.COM')
2018-12-17T21:53:55.102122903Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:53:55.106472929Z 87 PC: 15453 | Get or set file date and time
2018-12-17T21:53:55.108237342Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:55.110010819Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T21:53:55.119018849Z 66 PC: 154be | Move file pointer
2018-12-17T21:53:55.120611766Z 64 PC: 154c5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:53:55.123950681Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.125700523Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.131254554Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.137852297Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.139531173Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.141064143Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.142231689Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.149082649Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.151136545Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.152344406Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.153344581Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.161909979Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.163493519Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.164503534Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.166228303Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.172357868Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.173941247Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.175547313Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.176693088Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.183989441Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.186331064Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.187801653Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.188977631Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.195267283Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.196903915Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.198462376Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.199705639Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.205846318Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.208924931Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.210901632Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.212844124Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.225660348Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.228028949Z 87 PC: 1546b | Get or set file date and time
2018-12-17T21:53:55.230206796Z 62 PC: 1546f | Close file
2018-12-17T21:53:55.233043064Z 67 PC: 154b4 | Get or set file attributes
2018-12-17T21:53:55.243375437Z 79 PC: 15403 | Find next file
2018-12-17T21:53:55.246307269Z 59 PC: 154cc | Change current directory
2018-12-17T21:53:55.248523777Z 78 PC: 153e4 | Find first file
2018-12-17T21:53:55.2543705Z 59 PC: 154cc | Change current directory
2018-12-17T21:53:55.255938044Z 78 PC: 153e4 | Find first file
2018-12-17T21:53:55.262209849Z 59 PC: 154cc | Change current directory
2018-12-17T21:53:55.263841996Z 78 PC: 153e4 | Find first file
2018-12-17T21:53:55.269492681Z 59 PC: 154cc | Change current directory
2018-12-17T21:53:55.274493432Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:53:55.275693702Z 59 PC: 154cc | Change current directory
2018-12-17T21:53:55.277258354Z 26 PC: 153b2 | Set disk transfer address
2018-12-17T21:53:55.302951478Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T21:53:55.304040575Z 250 PC: 15274 | UNKNOWN!
2018-12-17T21:53:55.304801477Z 26 PC: 151c7 | Set disk transfer address
2018-12-17T21:53:55.306045214Z 71 PC: 151a6 | Get current directory
2018-12-17T21:53:55.30967011Z 78 PC: 151b7 | Find first file
2018-12-17T21:53:55.315444547Z 61 PC: 1527d | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:53:55.322076626Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:53:55.328569122Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.331330781Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.349696589Z 61 PC: 1527d | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:53:55.356220747Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:53:55.360482898Z 66 PC: 15232 | Move file pointer
2018-12-17T21:53:55.361966869Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-17T21:53:55.36424956Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-17T21:53:55.374668306Z 87 PC: 1524d | Get or set file date and time
2018-12-17T21:53:55.376183708Z 62 PC: 15251 | Close file
2018-12-17T21:53:55.383897491Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.39460169Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.397025154Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.399784617Z 61 PC: 1527d | Open file (Filename = 'PRINT.COM')
2018-12-17T21:53:55.407625694Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:53:55.415128021Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.416979649Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.42914724Z 61 PC: 1527d | Open file (Filename = 'PRINT.COM')
2018-12-17T21:53:55.435760503Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:53:55.438587615Z 66 PC: 15232 | Move file pointer
2018-12-17T21:53:55.441319939Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-17T21:53:55.443649971Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-17T21:53:55.452239102Z 87 PC: 1524d | Get or set file date and time
2018-12-17T21:53:55.454809374Z 62 PC: 15251 | Close file
2018-12-17T21:53:55.463135987Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.473574729Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.476813625Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.479920409Z 61 PC: 1527d | Open file (Filename = 'HELLO.COM')
2018-12-17T21:53:55.486543604Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:53:55.494235254Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.495582777Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.501815139Z 61 PC: 1527d | Open file (Filename = 'HELLO.COM')
2018-12-17T21:53:55.50658215Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:53:55.50967456Z 66 PC: 15232 | Move file pointer
2018-12-17T21:53:55.511017135Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-17T21:53:55.513809549Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-17T21:53:55.519673828Z 87 PC: 1524d | Get or set file date and time
2018-12-17T21:53:55.520774092Z 62 PC: 15251 | Close file
2018-12-17T21:53:55.526040446Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.532299405Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.533842139Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.536386299Z 61 PC: 1527d | Open file (Filename = 'PHANG.COM')
2018-12-17T21:53:55.540411183Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:53:55.544552143Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.545903824Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.558640467Z 61 PC: 1527d | Open file (Filename = 'PHANG.COM')
2018-12-17T21:53:55.566643547Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:53:55.570798544Z 66 PC: 15232 | Move file pointer
2018-12-17T21:53:55.572193981Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-17T21:53:55.574858076Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-17T21:53:55.582788751Z 87 PC: 1524d | Get or set file date and time
2018-12-17T21:53:55.58415618Z 62 PC: 15251 | Close file
2018-12-17T21:53:55.592706903Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.602784546Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.604900781Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.60827399Z 61 PC: 1527d | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:53:55.615005453Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T21:53:55.621704564Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.625083861Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.629445543Z 61 PC: 1527d | Open file (Filename = 'PRINTA~1.COM��TN�!���L�!Hello, World!�')
2018-12-17T21:53:55.634814495Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 2)
2018-12-17T21:53:55.639054584Z 66 PC: 15232 | Move file pointer
2018-12-17T21:53:55.640757776Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-17T21:53:55.643317396Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 2)
2018-12-17T21:53:55.658403962Z 87 PC: 1524d | Get or set file date and time
2018-12-17T21:53:55.660221944Z 62 PC: 15251 | Close file
2018-12-17T21:53:55.662309121Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.668905541Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.671353498Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.674538039Z 61 PC: 1527d | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:53:55.682225318Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T21:53:55.689891864Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.692996644Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.703460717Z 61 PC: 1527d | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:53:55.71040579Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 2)
2018-12-17T21:53:55.714324667Z 66 PC: 15232 | Move file pointer
2018-12-17T21:53:55.71642938Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-17T21:53:55.718988898Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 2)
2018-12-17T21:53:55.728789819Z 87 PC: 1524d | Get or set file date and time
2018-12-17T21:53:55.731082606Z 62 PC: 15251 | Close file
2018-12-17T21:53:55.739029839Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.750560863Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.75291042Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.75544624Z 61 PC: 1527d | Open file (Filename = 'PAH.COM')
2018-12-17T21:53:55.763240542Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T21:53:55.769929853Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.772138595Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.794693141Z 61 PC: 1527d | Open file (Filename = 'PAH.COM')
2018-12-17T21:53:55.801587723Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 2)
2018-12-17T21:53:55.80498848Z 66 PC: 15232 | Move file pointer
2018-12-17T21:53:55.806712525Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-17T21:53:55.809013139Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 2)
2018-12-17T21:53:55.818026096Z 87 PC: 1524d | Get or set file date and time
2018-12-17T21:53:55.820029456Z 62 PC: 15251 | Close file
2018-12-17T21:53:55.828593343Z 67 PC: 15288 | Get or set file attributes
2018-12-17T21:53:55.839496499Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.841959712Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.844503515Z 61 PC: 1527d | Open file (Filename = 'TEST.COM')
2018-12-17T21:53:55.851540838Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T21:53:55.858062206Z 62 PC: 151dd | Close file
2018-12-17T21:53:55.859946033Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-17T21:53:55.863258583Z 79 PC: 151b7 | Find next file
2018-12-17T21:53:55.865244605Z 59 PC: 15298 | Change current directory
2018-12-17T21:53:55.869679771Z 59 PC: 152a2 | Change current directory
2018-12-17T21:53:55.872784961Z 26 PC: 151c7 | Set disk transfer address
2018-12-17T21:53:55.873926593Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-17T21:53:55.878226698Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":416,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:52.905559081Z 26 PC: 15538 | Set disk transfer address
2018-12-25T11:40:52.912726352Z 78 PC: 15543 | Find first file
2018-12-25T11:40:52.91921756Z 67 PC: 155b9 | Get or set file attributes
2018-12-25T11:40:52.934824574Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:52.94913844Z 87 PC: 155c5 | Get or set file date and time
2018-12-25T11:40:52.950633685Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:52.957469421Z 87 PC: 1563b | Get or set file date and time
2018-12-25T11:40:52.959852257Z 62 PC: 1563f | Close file
2018-12-25T11:40:52.966745464Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:52.969546373Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:52.979943522Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:52.986258659Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:52.987565981Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:52.995211507Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:52.999138648Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.006246979Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.008853446Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.021691263Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.028476938Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.030159273Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.036929492Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.038258297Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.0452413Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.048783252Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.05849693Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.064977883Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.06732005Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.073632154Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.075109038Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.094438299Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.097603882Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.106763756Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.113644931Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.116717218Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.122628572Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.124738914Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.13151854Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.133911086Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.144496781Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.15083262Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.152123722Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.165936939Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.167513532Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.171939571Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.176038484Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.18614709Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.193049875Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.195322776Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.201659046Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.20298171Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.210215117Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.216747249Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.222811732Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.229925287Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.231005728Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.237586362Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.239712143Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.246574489Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.248883551Z 59 PC: 1554d | Change current directory
2018-12-25T11:40:53.252977129Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-25T11:40:53.255348023Z 26 PC: 15562 | Set disk transfer address
2018-12-25T11:40:53.256371572Z 26 PC: 1533e | Set disk transfer address
2018-12-25T11:40:53.257332572Z 71 PC: 15348 | Get current directory
2018-12-25T11:40:53.260437521Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.261451143Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.26244488Z 78 PC: 15403 | Find first file
2018-12-25T11:40:53.268419679Z 67 PC: 1541c | Get or set file attributes
2018-12-25T11:40:53.278308751Z 67 PC: 154b4 | Get or set file attributes
2018-12-25T11:40:53.290266741Z 61 PC: 1542a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:53.303097475Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.309088027Z 87 PC: 15453 | Get or set file date and time
2018-12-25T11:40:53.31035618Z 66 PC: 154be | Move file pointer
2018-12-25T11:40:53.313387345Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-25T11:40:53.321086042Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.322418914Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.32978852Z 87 PC: 1546b | Get or set file date and time
2018-12-25T11:40:53.331634576Z 62 PC: 1546f | Close file
2018-12-25T11:40:53.339401753Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.349482232Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.352042968Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:53.35742908Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.367573924Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:53.373876471Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:53.380005077Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:53.382099153Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.383377553Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.385840334Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.388112332Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.391252047Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:53.392778191Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:53.400198305Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.409492691Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.412146915Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:53.417929203Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.430205489Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:53.434478187Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:53.439197404Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:53.440247809Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.441326669Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.449651945Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.450888331Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.457046557Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:53.458906183Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:53.466379768Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.475800604Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.478952062Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:53.484760359Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.497237699Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:53.504074899Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:53.509978007Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:53.511207814Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.513021835Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.515461174Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.516630883Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.51992065Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:53.521784525Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:53.528605332Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.538490984Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.540913945Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:53.54635612Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.558459377Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:53.562662575Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:53.566682806Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:53.568285771Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.569378822Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.571176608Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.582159464Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.58385147Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:53.584813812Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:53.883141944Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.893159716Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.902251282Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:53.908229247Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.921297004Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:53.928732441Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:53.935210102Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:53.937120764Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.938523697Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.946469647Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.949173917Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.955863085Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:53.957634802Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:53.966143502Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.976797643Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.979835858Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:53.98587146Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.996345567Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.003386798Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.012633087Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.014241428Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.016855655Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.021049782Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.022787499Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.025222482Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.02758869Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.033748895Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.041382464Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.043724518Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.049496389Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.060953216Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.068541762Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.074705067Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.076143809Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.078194292Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.086659364Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.088358555Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.093188272Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.094932151Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.102562503Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.112420758Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.114746481Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.116505361Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.118583472Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.14291735Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.145525967Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.148062216Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.149816248Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.159400136Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.161340724Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.162873501Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.164986857Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.175433805Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.177962901Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.180508028Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.193284244Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.213330508Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.216640221Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.218500106Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.220265222Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.23899166Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.241309779Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.242859734Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.244800951Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.254658171Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.256940646Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.258961336Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.260408564Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.270144076Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.272925889Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.274282441Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.27582842Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.286292701Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.288758794Z 59 PC: 154cc | Change current directory
2018-12-25T11:40:54.290772543Z 78 PC: 153e4 | Find first file
2018-12-25T11:40:54.297456695Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.299101483Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.304731376Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.306906842Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.31787612Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.322538054Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.329252956Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.330973609Z 26 PC: 153b2 | Set disk transfer address
2018-12-25T11:40:54.376570058Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:54.378440226Z 250 PC: 15274 | UNKNOWN!
2018-12-25T11:40:54.379498972Z 26 PC: 151c7 | Set disk transfer address
2018-12-25T11:40:54.38145483Z 71 PC: 151a6 | Get current directory
2018-12-25T11:40:54.384639393Z 78 PC: 151b7 | Find first file
2018-12-25T11:40:54.390404618Z 61 PC: 1527d | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.397721625Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:54.403696057Z 62 PC: 151dd | Close file
2018-12-25T11:40:54.405342449Z 67 PC: 15288 | Get or set file attributes
2018-12-25T11:40:54.415845069Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.422135159Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:40:54.42481526Z 66 PC: 15232 | Move file pointer
2018-12-25T11:40:54.427032131Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-25T11:40:54.429357063Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-25T11:40:54.43759093Z 87 PC: 1524d | Get or set file date and time
2018-12-25T11:40:54.439513753Z 62 PC: 15251 | Close file
2018-12-25T11:40:54.447581437Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.457035575Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-25T11:40:54.460042032Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.463218576Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.470024224Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.477040946Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.478735565Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.488467532Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.495843596Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.498903841Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.500541162Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.504280407Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.513031433Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.51479526Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.52296509Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.535659669Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.538183018Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.542895236Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.549972898Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.556361471Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.558837706Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.568754119Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.58037538Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.587834453Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.589522561Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.592062062Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.600445835Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.601900218Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.609937616Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.621188365Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.623236186Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.625988829Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.633277021Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.639759081Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.643164124Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.653364197Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.660063403Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.663779127Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.665469735Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.667562778Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.676783655Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.678418524Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.685713984Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.696146019Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.698273855Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.700814701Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.707875852Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.714252312Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.716024347Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.720846738Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.72544744Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.728134537Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.730460236Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.732596376Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.750052453Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.751571972Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.753167459Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.758075703Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.760027791Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.762449849Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.76903189Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.773792762Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.775971478Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.785752779Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.79211857Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.795790717Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.797567017Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.799773829Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.809343224Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.810913311Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.818532771Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.829073935Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.831195227Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.833700874Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.846098769Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.852288896Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.853973072Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.864510321Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.870973546Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.873559376Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.875585745Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.877924093Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.886082532Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.892826409Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.900125156Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.91108549Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.913439889Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.916045319Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.922853486Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.929029453Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.930704186Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.933703787Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.936012866Z 59 PC: 15298 | Change current directory
2018-12-25T11:40:54.940058727Z 59 PC: 152a2 | Change current directory
2018-12-25T11:40:54.941831588Z 26 PC: 151c7 | Set disk transfer address (See above)
2018-12-25T11:40:54.942809393Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:40:54.945570265Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":416,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:53.105433395Z 26 PC: 15538 | Set disk transfer address
2018-12-25T11:40:53.107506173Z 78 PC: 15543 | Find first file
2018-12-25T11:40:53.114200172Z 67 PC: 155b9 | Get or set file attributes
2018-12-25T11:40:53.131719933Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:53.145088125Z 87 PC: 155c5 | Get or set file date and time
2018-12-25T11:40:53.146761135Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.153774072Z 87 PC: 1563b | Get or set file date and time
2018-12-25T11:40:53.155324778Z 62 PC: 1563f | Close file
2018-12-25T11:40:53.161833058Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.163596019Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.170034923Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.174645845Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.175701041Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.1801846Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.181826015Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.186664881Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.188583669Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.196911167Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.204257609Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.205361282Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.210275754Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.211532299Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.216314405Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.218663738Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.229506622Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.23675357Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.23837239Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.243458247Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.245138697Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.252998376Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.256179791Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.269624294Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.277375256Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.279226792Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.28607675Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.28759901Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.29564153Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.298309169Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.304477623Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.309149005Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.310203562Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.314209493Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.316069726Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.323873218Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.326667036Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.341075229Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.348390633Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.349836161Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.357352024Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.359428049Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.368427518Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.371881843Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.383050992Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.390420536Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.39268439Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.400123171Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.401604881Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.410053281Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.412820136Z 59 PC: 1554d | Change current directory
2018-12-25T11:40:53.417407793Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-25T11:40:53.419894401Z 14 PC: 15569 | Set default drive (Drive = 'C')
2018-12-25T11:40:53.421852001Z 59 PC: 15571 | Change current directory
2018-12-25T11:40:53.425602488Z 78 PC: 1557c | Find first file
2018-12-25T11:40:53.431772868Z 67 PC: 1558a | Get or set file attributes
2018-12-25T11:40:53.803259508Z 61 PC: 1558f | Open file (Filename = 'AUTOEXEC.BAT')
2018-12-25T11:40:53.814927268Z 66 PC: 1564c | Move file pointer
2018-12-25T11:40:53.816881624Z 64 PC: 1559e | Write file or device (Write 29 bytes on handle 5)
2018-12-25T11:40:53.822941472Z 67 PC: 155a7 | Get or set file attributes
2018-12-25T11:40:53.834614473Z 62 PC: 155ab | Close file
2018-12-25T11:40:53.842709975Z 26 PC: 15562 | Set disk transfer address
2018-12-25T11:40:53.845237427Z 26 PC: 1533e | Set disk transfer address
2018-12-25T11:40:53.84695269Z 71 PC: 15348 | Get current directory
2018-12-25T11:40:53.850642685Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.85272545Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.854437501Z 78 PC: 15403 | Find first file
2018-12-25T11:40:53.861055313Z 67 PC: 1541c | Get or set file attributes
2018-12-25T11:40:53.869422728Z 67 PC: 154b4 | Get or set file attributes
2018-12-25T11:40:53.882809908Z 61 PC: 1542a | Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:53.890337379Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.894082859Z 87 PC: 15453 | Get or set file date and time
2018-12-25T11:40:53.896203821Z 66 PC: 154be | Move file pointer
2018-12-25T11:40:53.899130337Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-25T11:40:53.904577693Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.905817314Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.907977074Z 87 PC: 1546b | Get or set file date and time
2018-12-25T11:40:53.909793628Z 62 PC: 1546f | Close file
2018-12-25T11:40:53.914717763Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.927178361Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.92988756Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:53.931298388Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:53.932644895Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.940492944Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.944112229Z 59 PC: 154cc | Change current directory
2018-12-25T11:40:53.945961981Z 78 PC: 153e4 | Find first file
2018-12-25T11:40:53.952232785Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:53.953878239Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:53.957592546Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:53.959467826Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:53.963150163Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:53.96880184Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.970491808Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:53.972736332Z 26 PC: 153b2 | Set disk transfer address
2018-12-25T11:40:53.977289308Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:53.978924682Z 250 PC: 15274 | UNKNOWN!
2018-12-25T11:40:53.980462005Z 26 PC: 151c7 | Set disk transfer address
2018-12-25T11:40:53.981885813Z 71 PC: 151a6 | Get current directory
2018-12-25T11:40:53.984927501Z 78 PC: 151b7 | Find first file
2018-12-25T11:40:53.989273667Z 61 PC: 1527d | Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:53.993369942Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:53.995335527Z 62 PC: 151dd | Close file
2018-12-25T11:40:53.99742142Z 67 PC: 15288 | Get or set file attributes
2018-12-25T11:40:54.006875156Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.028548178Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:40:54.031573282Z 66 PC: 15232 | Move file pointer
2018-12-25T11:40:54.033308002Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-25T11:40:54.036043222Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-25T11:40:54.05005036Z 87 PC: 1524d | Get or set file date and time
2018-12-25T11:40:54.051758513Z 62 PC: 15251 | Close file
2018-12-25T11:40:54.059242362Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.069428641Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-25T11:40:54.071971579Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.075408871Z 59 PC: 15298 | Change current directory
2018-12-25T11:40:54.07991999Z 59 PC: 152a2 | Change current directory
2018-12-25T11:40:54.08230295Z 26 PC: 151c7 | Set disk transfer address (See above)
2018-12-25T11:40:54.083440427Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:40:54.086394739Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":416,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:53.223390463Z 26 PC: 15538 | Set disk transfer address
2018-12-25T11:40:53.224695282Z 78 PC: 15543 | Find first file
2018-12-25T11:40:53.230384763Z 67 PC: 155b9 | Get or set file attributes
2018-12-25T11:40:53.254785567Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:53.26660188Z 87 PC: 155c5 | Get or set file date and time
2018-12-25T11:40:53.267874617Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.273908587Z 87 PC: 1563b | Get or set file date and time
2018-12-25T11:40:53.275661443Z 62 PC: 1563f | Close file
2018-12-25T11:40:53.282385905Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.284816973Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.294678457Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.301276572Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.302817276Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.314376791Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.315762534Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.322572444Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.325182434Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.337776305Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.344128099Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.353174094Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.360251121Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.361553114Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.368730257Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.371166016Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.380502261Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.387034657Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.388775992Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.392736636Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.393909308Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.401853856Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.404132655Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.411903831Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.41628885Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.417268949Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.423411941Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.424868892Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.431602341Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.434030157Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.442586035Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.446548347Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.447661655Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.453284475Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.454307307Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.462971477Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.465906755Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.477433002Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.484037323Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.48585774Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.491985987Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.493730767Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.5010682Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.503560159Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.518227207Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.524929176Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.526172575Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.532304928Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.534255189Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.544512363Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.54674394Z 59 PC: 1554d | Change current directory
2018-12-25T11:40:53.551188381Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-25T11:40:53.553276544Z 14 PC: 15569 | Set default drive (Drive = 'C')
2018-12-25T11:40:53.554403709Z 59 PC: 15571 | Change current directory
2018-12-25T11:40:53.557970976Z 78 PC: 1557c | Find first file
2018-12-25T11:40:53.563278374Z 67 PC: 1558a | Get or set file attributes
2018-12-25T11:40:53.884140964Z 61 PC: 1558f | Open file (Filename = 'AUTOEXEC.BAT')
2018-12-25T11:40:53.89156711Z 66 PC: 1564c | Move file pointer
2018-12-25T11:40:53.893669335Z 64 PC: 1559e | Write file or device (Write 29 bytes on handle 5)
2018-12-25T11:40:53.895815351Z 67 PC: 155a7 | Get or set file attributes
2018-12-25T11:40:53.90552415Z 62 PC: 155ab | Close file
2018-12-25T11:40:53.913330108Z 26 PC: 15562 | Set disk transfer address
2018-12-25T11:40:53.914790648Z 26 PC: 1533e | Set disk transfer address
2018-12-25T11:40:53.916825179Z 71 PC: 15348 | Get current directory
2018-12-25T11:40:53.920136891Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.921611641Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.923762935Z 78 PC: 15403 | Find first file
2018-12-25T11:40:53.929212818Z 67 PC: 1541c | Get or set file attributes
2018-12-25T11:40:53.93423093Z 67 PC: 154b4 | Get or set file attributes
2018-12-25T11:40:53.944047902Z 61 PC: 1542a | Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:53.952621189Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.955818367Z 87 PC: 15453 | Get or set file date and time
2018-12-25T11:40:53.958922038Z 66 PC: 154be | Move file pointer
2018-12-25T11:40:53.961266849Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-25T11:40:53.96865368Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:53.971131358Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:53.974488912Z 87 PC: 1546b | Get or set file date and time
2018-12-25T11:40:53.976514269Z 62 PC: 1546f | Close file
2018-12-25T11:40:53.983439305Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:53.992869563Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:53.995297054Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:53.998536158Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:53.99995652Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.008709718Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.011500526Z 59 PC: 154cc | Change current directory
2018-12-25T11:40:54.013214283Z 78 PC: 153e4 | Find first file
2018-12-25T11:40:54.020894975Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.023427591Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.029546621Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.032069053Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.038360488Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.042530244Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.043550222Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.045578685Z 26 PC: 153b2 | Set disk transfer address
2018-12-25T11:40:54.053469091Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:54.054818246Z 250 PC: 15274 | UNKNOWN!
2018-12-25T11:40:54.055833294Z 26 PC: 151c7 | Set disk transfer address
2018-12-25T11:40:54.058188308Z 71 PC: 151a6 | Get current directory
2018-12-25T11:40:54.060886931Z 78 PC: 151b7 | Find first file
2018-12-25T11:40:54.0662604Z 61 PC: 1527d | Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:54.073034579Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:54.075643668Z 62 PC: 151dd | Close file
2018-12-25T11:40:54.077299035Z 67 PC: 15288 | Get or set file attributes
2018-12-25T11:40:54.086115199Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.092668584Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:40:54.095645978Z 66 PC: 15232 | Move file pointer
2018-12-25T11:40:54.097774534Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-25T11:40:54.099945338Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-25T11:40:54.108767167Z 87 PC: 1524d | Get or set file date and time
2018-12-25T11:40:54.111032933Z 62 PC: 15251 | Close file
2018-12-25T11:40:54.117935451Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.127723895Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-25T11:40:54.130486025Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.132853469Z 59 PC: 15298 | Change current directory
2018-12-25T11:40:54.136368706Z 59 PC: 152a2 | Change current directory
2018-12-25T11:40:54.139279302Z 26 PC: 151c7 | Set disk transfer address (See above)
2018-12-25T11:40:54.140414822Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:40:54.14288696Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":416,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:53.355975447Z 26 PC: 15538 | Set disk transfer address
2018-12-25T11:40:53.357533298Z 78 PC: 15543 | Find first file
2018-12-25T11:40:53.363295058Z 67 PC: 155b9 | Get or set file attributes
2018-12-25T11:40:53.377940018Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:53.384766925Z 87 PC: 155c5 | Get or set file date and time
2018-12-25T11:40:53.386116429Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.39226753Z 87 PC: 1563b | Get or set file date and time
2018-12-25T11:40:53.394059859Z 62 PC: 1563f | Close file
2018-12-25T11:40:53.401420612Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.403737097Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.413295989Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.420434419Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.422079069Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.428902263Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.430617988Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.438622413Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.441070855Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.450954036Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.459541794Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.460731813Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.467642264Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.468930888Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.475589784Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.478428885Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.488047993Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.494749937Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.496516309Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.50040015Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.501327859Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.518186492Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.520675397Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.532308115Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.543893621Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.545203508Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.55164872Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.553388979Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.567659596Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.570525124Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.883653988Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.890554149Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.893166862Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.900740446Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.903448459Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.912479371Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.916275899Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.924415438Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.929995404Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.932446106Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.93780563Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.939106342Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.945784915Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.94845464Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.956589533Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.966829298Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.968604826Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.974370007Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.976373954Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.9833654Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.985765217Z 59 PC: 1554d | Change current directory
2018-12-25T11:40:53.989980396Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-25T11:40:53.992374581Z 26 PC: 15562 | Set disk transfer address
2018-12-25T11:40:53.993416612Z 26 PC: 1533e | Set disk transfer address
2018-12-25T11:40:53.994574321Z 71 PC: 15348 | Get current directory
2018-12-25T11:40:53.997456137Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.998449505Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:53.999650392Z 78 PC: 15403 | Find first file
2018-12-25T11:40:54.005234843Z 67 PC: 1541c | Get or set file attributes
2018-12-25T11:40:54.013849596Z 67 PC: 154b4 | Get or set file attributes
2018-12-25T11:40:54.023841894Z 61 PC: 1542a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.03416475Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:54.039898114Z 87 PC: 15453 | Get or set file date and time
2018-12-25T11:40:54.041314454Z 66 PC: 154be | Move file pointer
2018-12-25T11:40:54.043569308Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-25T11:40:54.051156412Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.052559508Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.058223619Z 87 PC: 1546b | Get or set file date and time
2018-12-25T11:40:54.059884107Z 62 PC: 1546f | Close file
2018-12-25T11:40:54.065951668Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.074569033Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.076780133Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.081496371Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.089923529Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.098948747Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.104330148Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.106160487Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.107296419Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.109513965Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.111573667Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.113924734Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.115382035Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.122312935Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.13327854Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.136467232Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.14181135Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.150418181Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.158395597Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.16550236Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.166771219Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.167932275Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.188714983Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.190045715Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.209047969Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.210975817Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.217270079Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.226555976Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.236802927Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.247790169Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.257979349Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.264732228Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.27195225Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.273566591Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.275248966Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.279268514Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.280637917Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.283296317Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.285719046Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.293392861Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.304185199Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.308791527Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.31426559Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.323659266Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.33058077Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.336928058Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.338257139Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.340724622Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.344801534Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.34608192Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.34922245Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.350786126Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.357832551Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.368561054Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.371125454Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.377183201Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.3876157Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.394689869Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.401149525Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.403623175Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.405642712Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.413702904Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.416129307Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.422834122Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.423967075Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.429793665Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.439561424Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.443064629Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.448788854Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.458631255Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.464985728Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.4717281Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.473052793Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.474381869Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.477662358Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.479218598Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.481802036Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.484002148Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.491284389Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.500991316Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.5046529Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.51142858Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.521057606Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.528491923Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.534825622Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.536200794Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.538331678Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.546568195Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.547771405Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.551032053Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.552451315Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.560251Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.570986678Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.573636219Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.576122254Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.578444412Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.588206941Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.590829083Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.593033027Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.594678954Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.604433415Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.607865578Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.609707187Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.611218681Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.621323792Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.62411148Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.626061243Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.62819461Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.638477342Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.641257181Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.643619705Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.64626577Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.656384554Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.659126395Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.660880016Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.663364027Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.673112891Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.67570179Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.677766159Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.679370123Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.688998772Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.692080876Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.693774134Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.69527443Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.705388927Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.707785036Z 59 PC: 154cc | Change current directory
2018-12-25T11:40:54.709548746Z 78 PC: 153e4 | Find first file
2018-12-25T11:40:54.716509739Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.718075767Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.723548104Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.725588074Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.731040378Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.734945042Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.736431056Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.737943117Z 26 PC: 153b2 | Set disk transfer address
2018-12-25T11:40:54.772262697Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:54.773797476Z 250 PC: 15274 | UNKNOWN!
2018-12-25T11:40:54.774886997Z 26 PC: 151c7 | Set disk transfer address
2018-12-25T11:40:54.77621135Z 71 PC: 151a6 | Get current directory
2018-12-25T11:40:54.77886469Z 78 PC: 151b7 | Find first file
2018-12-25T11:40:54.782335062Z 61 PC: 1527d | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.78655686Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:54.790853012Z 62 PC: 151dd | Close file
2018-12-25T11:40:54.792177612Z 67 PC: 15288 | Get or set file attributes
2018-12-25T11:40:54.799064986Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.803775833Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:40:54.806369474Z 66 PC: 15232 | Move file pointer
2018-12-25T11:40:54.80885136Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-25T11:40:54.811537358Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-25T11:40:54.820071123Z 87 PC: 1524d | Get or set file date and time
2018-12-25T11:40:54.821635035Z 62 PC: 15251 | Close file
2018-12-25T11:40:54.829029176Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.838325588Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-25T11:40:54.841125824Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.843571063Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.849779198Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.856204484Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.857830963Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.867287691Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.874009462Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.876560277Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.877855941Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.880442675Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.88825088Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.889567814Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.896949964Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.906785493Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.908545958Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.911678917Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.916546184Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.918839826Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.920341091Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.928528207Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.935739367Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:54.938471436Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:54.93986828Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:54.942875869Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:54.94616701Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:54.94750373Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:54.955510003Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.967417335Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:54.970042572Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:54.973306333Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.977930445Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:54.981885977Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:54.983369355Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.998854258Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.005892438Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.009858974Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.011511235Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.014211108Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.023456272Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.024963203Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.033565986Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.043561989Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.045628729Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.048866467Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.055542528Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.06193729Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.064157943Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.068446325Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.07317841Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.076520243Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.078512364Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.080713975Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.098323711Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.100010868Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.102335485Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.107860277Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.109991921Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.112992273Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.119253959Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.125421467Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.127586761Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.137071057Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.14342891Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.146902579Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.148085911Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.150260886Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.166126665Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.167125755Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.172659701Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.17884836Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.180228747Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.182395072Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.186271819Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.19004692Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.191908976Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.198683496Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.202772278Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.204949209Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.206314133Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.209270543Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.217173085Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.218513811Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.226957738Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.239579533Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.241905861Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.244854783Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.251379965Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.257466006Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.259760016Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.261691298Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.264072168Z 59 PC: 15298 | Change current directory
2018-12-25T11:40:55.268243268Z 59 PC: 152a2 | Change current directory
2018-12-25T11:40:55.26977804Z 26 PC: 151c7 | Set disk transfer address (See above)
2018-12-25T11:40:55.271447056Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:40:55.273515824Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":416,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:53.492169895Z 26 PC: 15538 | Set disk transfer address
2018-12-25T11:40:53.493536613Z 78 PC: 15543 | Find first file
2018-12-25T11:40:53.497321975Z 67 PC: 155b9 | Get or set file attributes
2018-12-25T11:40:53.518485784Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:53.527167969Z 87 PC: 155c5 | Get or set file date and time
2018-12-25T11:40:53.528507299Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.532518503Z 87 PC: 1563b | Get or set file date and time
2018-12-25T11:40:53.534071075Z 62 PC: 1563f | Close file
2018-12-25T11:40:53.54400471Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.546482289Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.558667849Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.565756885Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.567518395Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.57435543Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.575815556Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.816560978Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.819718831Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.883491477Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.897236984Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.899890141Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.906635919Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.907889181Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.912556198Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.914663737Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.921367203Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.925579799Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.927137117Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.933212397Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.934856381Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.94215554Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.944584423Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.9568379Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.964546131Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.966404493Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.97312387Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.974985535Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.981774105Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.984330029Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.995170947Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.001976403Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.003493824Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.010788629Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.012907048Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.019867701Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.023482929Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.031397558Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.037857714Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.039852144Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.044271773Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.045362624Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.051919426Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.053995622Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.060610979Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.066623128Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.068373598Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.074772231Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.082345563Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.092576142Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.095090496Z 59 PC: 1554d | Change current directory
2018-12-25T11:40:54.099428491Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-25T11:40:54.102359721Z 26 PC: 15562 | Set disk transfer address
2018-12-25T11:40:54.10355368Z 26 PC: 1533e | Set disk transfer address
2018-12-25T11:40:54.105004063Z 71 PC: 15348 | Get current directory
2018-12-25T11:40:54.108456802Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.109704152Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.111253432Z 78 PC: 15403 | Find first file
2018-12-25T11:40:54.117559444Z 67 PC: 1541c | Get or set file attributes
2018-12-25T11:40:54.123333063Z 67 PC: 154b4 | Get or set file attributes
2018-12-25T11:40:54.13576568Z 61 PC: 1542a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.1470476Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:54.153174479Z 87 PC: 15453 | Get or set file date and time
2018-12-25T11:40:54.155133689Z 66 PC: 154be | Move file pointer
2018-12-25T11:40:54.162039555Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-25T11:40:54.170034711Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.171698711Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.178157147Z 87 PC: 1546b | Get or set file date and time
2018-12-25T11:40:54.179462109Z 62 PC: 1546f | Close file
2018-12-25T11:40:54.187002784Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.193877577Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.196120224Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.201771385Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.211536054Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.223422501Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.229841798Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.231428843Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.233154907Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.23593361Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.238016721Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.240832998Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.242544937Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.249693195Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.259426204Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.26200458Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.268275239Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.277683663Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.289459165Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.296750898Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.298299394Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.299923586Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.308840331Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.310529115Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.317244759Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.319433024Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.326901661Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.336447494Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.34032522Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.346042946Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.356248885Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.363544585Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.37006822Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.371745684Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.374194755Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.376876523Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.378285266Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.381341814Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.382871069Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.39026584Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.40272189Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.405221389Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.410806731Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.424265607Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.430757956Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.436831234Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.43917162Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.440825562Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.443417233Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.446179347Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.449084978Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.451408084Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.459883983Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.469831071Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.472481294Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.479178607Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.492339776Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.498892894Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.503267134Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.504888975Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.506120614Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.514663912Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.516118367Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.522398747Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.524196563Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.531890207Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.543121902Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.547142799Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.553092542Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.564587457Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.572286901Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.578750974Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.580540582Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.583129763Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.586231853Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.587319377Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.589365771Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.590959141Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.595798177Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.606582676Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.609202071Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.614494824Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.624024256Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.629140633Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.633321052Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.634899233Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.636026757Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.641606848Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.643824671Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.645872062Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.646989549Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.652458755Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.659035767Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.660846861Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.662386775Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.663662678Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.67348686Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.67726617Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.678939722Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.68026089Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.692884241Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.696474515Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.697914314Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.700201802Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.709631545Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.712035276Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.713520217Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.714868433Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.724460143Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.727047078Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.728889509Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.730829892Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.740177154Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.74232085Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.743996815Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.74526204Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.754573436Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.757185317Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.759202437Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.760456112Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.770330824Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.773127697Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.774735113Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.777099917Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.786949921Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.789135647Z 59 PC: 154cc | Change current directory
2018-12-25T11:40:54.79116838Z 78 PC: 153e4 | Find first file
2018-12-25T11:40:54.796754521Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.798320976Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.80434743Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.806001125Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.811430444Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.820780748Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.821766949Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.823296Z 26 PC: 153b2 | Set disk transfer address
2018-12-25T11:40:54.87926733Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:54.880780576Z 250 PC: 15274 | UNKNOWN!
2018-12-25T11:40:54.881985609Z 26 PC: 151c7 | Set disk transfer address
2018-12-25T11:40:54.883327765Z 71 PC: 151a6 | Get current directory
2018-12-25T11:40:54.886124614Z 78 PC: 151b7 | Find first file
2018-12-25T11:40:54.894435827Z 61 PC: 1527d | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.900973746Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:54.907269366Z 62 PC: 151dd | Close file
2018-12-25T11:40:54.909622486Z 67 PC: 15288 | Get or set file attributes
2018-12-25T11:40:54.919352078Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.925670045Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:40:54.928053766Z 66 PC: 15232 | Move file pointer
2018-12-25T11:40:54.929195624Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-25T11:40:54.930757665Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-25T11:40:54.937168429Z 87 PC: 1524d | Get or set file date and time
2018-12-25T11:40:54.938638398Z 62 PC: 15251 | Close file
2018-12-25T11:40:54.946803297Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:54.957232791Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-25T11:40:54.960129622Z 2 PC: 12992 | Character output (Char = '00')

{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":416,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:53.634010962Z 26 PC: 15538 | Set disk transfer address
2018-12-25T11:40:53.635296429Z 78 PC: 15543 | Find first file
2018-12-25T11:40:53.641870225Z 67 PC: 155b9 | Get or set file attributes
2018-12-25T11:40:53.802964521Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:53.81119311Z 87 PC: 155c5 | Get or set file date and time
2018-12-25T11:40:53.813864837Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.82194925Z 87 PC: 1563b | Get or set file date and time
2018-12-25T11:40:53.82421837Z 62 PC: 1563f | Close file
2018-12-25T11:40:53.833570357Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.842089076Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.853242201Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.862780174Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.865444732Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.874033285Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.877610791Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.886453858Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.88990715Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.901788724Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.910985055Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.913030512Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.920686336Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.923784701Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.932192443Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.935179681Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.946389006Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.954287049Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.956256895Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.964754169Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.969823654Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.977884088Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.98110915Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.992990867Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.00056375Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.002228042Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.010684426Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.012239191Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.020243036Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.024555559Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.035872111Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.043411082Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.046286996Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.054175099Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.056233683Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.065142413Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.068616475Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.079318932Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.086782812Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.088716867Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.096266555Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.097780732Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.105909025Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.108731942Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.119492602Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.127373677Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.129032986Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.131847822Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.133957391Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.141624971Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.144173098Z 59 PC: 1554d | Change current directory
2018-12-25T11:40:54.155009513Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-25T11:40:54.157661412Z 26 PC: 15562 | Set disk transfer address
2018-12-25T11:40:54.159019578Z 26 PC: 1533e | Set disk transfer address
2018-12-25T11:40:54.160735784Z 71 PC: 15348 | Get current directory
2018-12-25T11:40:54.163843335Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.165010937Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.166529561Z 78 PC: 15403 | Find first file
2018-12-25T11:40:54.176444672Z 67 PC: 1541c | Get or set file attributes
2018-12-25T11:40:54.18282378Z 67 PC: 154b4 | Get or set file attributes
2018-12-25T11:40:54.194403839Z 61 PC: 1542a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.202019522Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:54.209422779Z 87 PC: 15453 | Get or set file date and time
2018-12-25T11:40:54.211088394Z 66 PC: 154be | Move file pointer
2018-12-25T11:40:54.213149713Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-25T11:40:54.222380786Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.2239802Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.231792189Z 87 PC: 1546b | Get or set file date and time
2018-12-25T11:40:54.233454649Z 62 PC: 1546f | Close file
2018-12-25T11:40:54.242222319Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.252879021Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.255639401Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.262070961Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.278154792Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.286102322Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.293611159Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.297949394Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.299929821Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.303362522Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.306211584Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.309424605Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.311440038Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.321291957Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.3329387Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.336333508Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.343073361Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.355448843Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.362744666Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.370045395Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.373050061Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.374705499Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.383471299Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.385336151Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.393098354Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.394925156Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.404377973Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.416058866Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.419362282Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.426822784Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.438275995Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.446519435Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.454255287Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.456707645Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.458326707Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.461343293Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.464192634Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.467525599Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.469593277Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.478804816Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.490640285Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.494000388Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.501056442Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.509639689Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.518169899Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.52376448Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.524903532Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.526076442Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.528640211Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.530449924Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.532740506Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.534768343Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.542479946Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.553611554Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.556580248Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.560576865Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.568309124Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.576279232Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.58372944Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.585465928Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.587560393Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.596540165Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.598353937Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.605963202Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.607455223Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.616896632Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.629322602Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.632718107Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.639428851Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.651445829Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.65939583Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.666890218Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.669230608Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.670901063Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.674347507Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.678168003Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.681758293Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.683863954Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.693718426Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.705228052Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.708657893Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.715858655Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.727125822Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.734460136Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.742818489Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.744962225Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.746874965Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.756857547Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.759695857Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.762911979Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.764177949Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.770320641Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.77812563Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.779964538Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.782019509Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.78329748Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.789762488Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.792130143Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.793600492Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.794909718Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.8017816Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.804397364Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.805849955Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.807930279Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.819460254Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.822462506Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.825188713Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.827028967Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.837789166Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.840289855Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.841730498Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.843087903Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.850371791Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.85244164Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.853721343Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.8555117Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.86284106Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.864701929Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.86646927Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.867723685Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.874108782Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.876467054Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.877880495Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.879900465Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.890828284Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.892622725Z 59 PC: 154cc | Change current directory
2018-12-25T11:40:54.894040164Z 78 PC: 153e4 | Find first file
2018-12-25T11:40:54.89857622Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.899984074Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.903860552Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.905800946Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:54.909609053Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.91403091Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.920197209Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:54.922990973Z 26 PC: 153b2 | Set disk transfer address
2018-12-25T11:40:54.949065337Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:54.950731915Z 250 PC: 15274 | UNKNOWN!
2018-12-25T11:40:54.951592991Z 26 PC: 151c7 | Set disk transfer address
2018-12-25T11:40:54.952983507Z 71 PC: 151a6 | Get current directory
2018-12-25T11:40:54.957390862Z 78 PC: 151b7 | Find first file
2018-12-25T11:40:54.964148597Z 61 PC: 1527d | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.972340268Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:54.980279144Z 62 PC: 151dd | Close file
2018-12-25T11:40:54.981983682Z 67 PC: 15288 | Get or set file attributes
2018-12-25T11:40:54.988827525Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:54.993782585Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:40:54.995819568Z 66 PC: 15232 | Move file pointer
2018-12-25T11:40:54.997083109Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-25T11:40:54.999568519Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-25T11:40:55.005481745Z 87 PC: 1524d | Get or set file date and time
2018-12-25T11:40:55.007121229Z 62 PC: 15251 | Close file
2018-12-25T11:40:55.014773875Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.022258176Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-25T11:40:55.024275941Z 2 PC: 12992 | Character output (Char = '00')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":416,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:53.646964496Z 26 PC: 15538 | Set disk transfer address
2018-12-25T11:40:53.649372452Z 78 PC: 15543 | Find first file
2018-12-25T11:40:53.65622349Z 67 PC: 155b9 | Get or set file attributes
2018-12-25T11:40:53.803206499Z 61 PC: 155bf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:53.817726696Z 87 PC: 155c5 | Get or set file date and time
2018-12-25T11:40:53.820175155Z 63 PC: 155d2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:53.827688447Z 87 PC: 1563b | Get or set file date and time
2018-12-25T11:40:53.830302595Z 62 PC: 1563f | Close file
2018-12-25T11:40:53.84120092Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.845323989Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.857365992Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.866412617Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.868679267Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.876830399Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.880264423Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.893122405Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.89732829Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.909825596Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.919411934Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.92140038Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.926114066Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.93027254Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.942112031Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.946416049Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:53.959428983Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:53.967766332Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:53.969628764Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:53.977503428Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:53.97959359Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:53.988309019Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:53.992489067Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.006930182Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.015036416Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.016690813Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.024041433Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.026289601Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.034676378Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.038072601Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.048841418Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.056648286Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.058230843Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.065297326Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.066938509Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.075115588Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.077649666Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.088359674Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.096387299Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.098247064Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.105575041Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.107659125Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.11584708Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.119143986Z 67 PC: 155b9 | Get or set file attributes (See above)
2018-12-25T11:40:54.131129855Z 61 PC: 155bf | Open file (See above)
2018-12-25T11:40:54.140081157Z 87 PC: 155c5 | Get or set file date and time (See above)
2018-12-25T11:40:54.142067448Z 63 PC: 155d2 | Read file or device (See above)
2018-12-25T11:40:54.149846863Z 87 PC: 1563b | Get or set file date and time (See above)
2018-12-25T11:40:54.15254904Z 62 PC: 1563f | Close file (See above)
2018-12-25T11:40:54.160765916Z 79 PC: 15543 | Find next file (See above)
2018-12-25T11:40:54.163852722Z 59 PC: 1554d | Change current directory
2018-12-25T11:40:54.170177782Z 42 PC: 15553 | Get date 0x15553: cmp al, 6
0x15555: je 0x15563
0x15557: cmp al, 0
0x15559: je 0x15563
0x1555b: mov dx, 0x80
0x1555e: mov ah, 0x1a
0x15560: int 0x21
0x15562: ret
0x15563: mov ah, 0xe
0x15565: mov dl, 2
0x15567: int 0x21
0x15569: mov ah, 0x3b
0x1556b: lea dx, word ptr [bp + 0x285]
0x1556f: int 0x21
0x15571: mov ah, 0x4e
0x15573: lea dx, word ptr [bp + 0x287]
0x15577: mov cx, 3
0x1557a: int 0x21
0x1557c: jb 0x1555b
0x1557e: lea dx, word ptr [bp + 0x2bc]
2018-12-25T11:40:54.17268047Z 26 PC: 15562 | Set disk transfer address
2018-12-25T11:40:54.174080401Z 26 PC: 1533e | Set disk transfer address
2018-12-25T11:40:54.176261158Z 71 PC: 15348 | Get current directory
2018-12-25T11:40:54.180565279Z 53 PC: 1534d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.182324147Z 37 PC: 1535d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:54.184465729Z 78 PC: 15403 | Find first file
2018-12-25T11:40:54.191430141Z 67 PC: 1541c | Get or set file attributes
2018-12-25T11:40:54.203751827Z 67 PC: 154b4 | Get or set file attributes
2018-12-25T11:40:54.219037101Z 61 PC: 1542a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:54.227234791Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:54.234774881Z 87 PC: 15453 | Get or set file date and time
2018-12-25T11:40:54.236814101Z 66 PC: 154be | Move file pointer
2018-12-25T11:40:54.239874664Z 64 PC: 154c5 | Write file or device (Write 456 bytes on handle 5)
2018-12-25T11:40:54.249086064Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.251043332Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.260255309Z 87 PC: 1546b | Get or set file date and time
2018-12-25T11:40:54.262329515Z 62 PC: 1546f | Close file
2018-12-25T11:40:54.271294526Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.283931429Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.287700516Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.296956051Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.309324756Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.317821403Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.325497892Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.327634437Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.330729522Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.334099753Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.336501269Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.341045917Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.34344645Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.351724924Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.363882232Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.366892268Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.373258348Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.385496693Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.393021434Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.400464441Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.40210246Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.404504299Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.415296826Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.417311874Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.425561528Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.427356296Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.436097784Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.448730684Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.451723301Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.461481795Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.476256327Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.485134686Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.492844793Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.495688697Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.498044723Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.50214676Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.504335159Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.508531625Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.510416029Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.518891063Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.530973442Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.5346215Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.541655834Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.555072257Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.563042574Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.570400494Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.573214205Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.574807639Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.578042734Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.58024719Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.583382747Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.585085259Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.598218862Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.609850661Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.613207586Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.621523972Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.633084138Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.640909906Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.649191463Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.65098818Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.652891266Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.662734702Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.664598744Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.6726113Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.6754745Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.683067087Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.690937414Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.693668948Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.697655716Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.704114771Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.712226056Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.719411201Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.720969329Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.722844017Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.725915317Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.727402307Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.730711464Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.732267054Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.740678901Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.752750857Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.755753356Z 67 PC: 1541c | Get or set file attributes (See above)
2018-12-25T11:40:54.762186837Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.774563964Z 61 PC: 1542a | Open file (See above)
2018-12-25T11:40:54.782576499Z 63 PC: 15436 | Read file or device (See above)
2018-12-25T11:40:54.790372645Z 87 PC: 15453 | Get or set file date and time (See above)
2018-12-25T11:40:54.792645299Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.794818566Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.805571839Z 66 PC: 154be | Move file pointer (See above)
2018-12-25T11:40:54.807924338Z 64 PC: 154c5 | Write file or device (See above)
2018-12-25T11:40:54.812545678Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.814659237Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.824143648Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.837149515Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.839954307Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.841800044Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.844891115Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.856080631Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.859272426Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.861898901Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.864237727Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.875487309Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.878800529Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.880538241Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.882224385Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.894334425Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.897435578Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.899555527Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.902469692Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.914008532Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.91707309Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.919951132Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.922291808Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.933327902Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.937788275Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.940955495Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.94252662Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.959788995Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.963658907Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.96637597Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.96913853Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.980025207Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:54.983030617Z 87 PC: 1546b | Get or set file date and time (See above)
2018-12-25T11:40:54.985303115Z 62 PC: 1546f | Close file (See above)
2018-12-25T11:40:54.988361046Z 67 PC: 154b4 | Get or set file attributes (See above)
2018-12-25T11:40:54.999592173Z 79 PC: 15403 | Find next file (See above)
2018-12-25T11:40:55.003639945Z 59 PC: 154cc | Change current directory
2018-12-25T11:40:55.005930239Z 78 PC: 153e4 | Find first file
2018-12-25T11:40:55.012819221Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:55.015085099Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:55.02232333Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:55.024390981Z 78 PC: 153e4 | Find first file (See above)
2018-12-25T11:40:55.030862119Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:55.036144847Z 37 PC: 153a2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:55.037580111Z 59 PC: 154cc | Change current directory (See above)
2018-12-25T11:40:55.039674239Z 26 PC: 153b2 | Set disk transfer address
2018-12-25T11:40:55.063912944Z 37 PC: 1526b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:55.065340568Z 250 PC: 15274 | UNKNOWN!
2018-12-25T11:40:55.066473356Z 26 PC: 151c7 | Set disk transfer address
2018-12-25T11:40:55.067778548Z 71 PC: 151a6 | Get current directory
2018-12-25T11:40:55.070862343Z 78 PC: 151b7 | Find first file
2018-12-25T11:40:55.077417756Z 61 PC: 1527d | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:55.08527936Z 63 PC: 151d9 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:40:55.092457234Z 62 PC: 151dd | Close file
2018-12-25T11:40:55.094627083Z 67 PC: 15288 | Get or set file attributes
2018-12-25T11:40:55.106346824Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.113881886Z 64 PC: 15226 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:40:55.117195909Z 66 PC: 15232 | Move file pointer
2018-12-25T11:40:55.119425263Z 44 PC: 15236 | Get time 0x15236: mov word ptr ds:[bp + 0x118], dx
0x1523b: call 0x25165
0x1523e: mov ax, 0x5701
0x15241: mov cx, word ptr ds:[bp + 0x2aa]
0x15246: mov dx, word ptr ds:[bp + 0x2ac]
0x1524b: int 0x21
0x1524d: mov ah, 0x3e
0x1524f: int 0x21
0x15251: xor cx, cx
0x15253: mov cl, byte ptr ds:[bp + 0x2a9]
0x15258: call 0x1527f
0x1525b: ret
0x1525c: mov cx, 0x9eb
0x1525f: mov ax, 0xfe05
0x15262: jmp 0x15260
0x15264: add ah, 0x3b
0x15267: jmp 0x1525d
0x15269: int 0x21
0x1526b: ret
0x1526c: mov ax, 0xfa01
2018-12-25T11:40:55.121977478Z 64 PC: 15173 | Write file or device (Write 467 bytes on handle 5)
2018-12-25T11:40:55.132585004Z 87 PC: 1524d | Get or set file date and time
2018-12-25T11:40:55.136553542Z 62 PC: 15251 | Close file
2018-12-25T11:40:55.14455891Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.157960552Z 42 PC: 152a7 | Get date 0x152a7: cmp al, 4
0x152a9: je 0x152ac
0x152ab: ret
0x152ac: jmp 0x152ae
0x152ae: cli
0x152af: cdq
0x152b0: mov al, 2
0x152b2: mov cx, 0xff
0x152b5: int 0x26
0x152b7: sti
0x152b8: jb 0x152ba
0x152ba: ret
0x152bb: sub ch, byte ptr [0x4f43]
0x152bf: dec bp
0x152c0: add byte ptr [0x2e], ch
0x152c4: add byte ptr [bp + di + 0x32], dl
0x152c7: push di
0x152c8: push si
0x152c9: jle 0x152ff
0x152cb: inc bx
2018-12-25T11:40:55.160931454Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.164351282Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.173718203Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.181495119Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.183992832Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.198447138Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.205888739Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.209018839Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.211171755Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.213835403Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.223156663Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.225326523Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.233982626Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.244976627Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.248095928Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.251097134Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.258324615Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.266743314Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.269161083Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.280685489Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.289645493Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.293197037Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.29554134Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.29918553Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.307112104Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.308683452Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.317474438Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.329167573Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.332019344Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.336557008Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.343993281Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.351360059Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.35387057Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.365164784Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.372716648Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.376315685Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.378056065Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.380846784Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.390436535Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.393434663Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.402894211Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.41506942Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.417685502Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.421410804Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.429841076Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.437129636Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.439661144Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.445925614Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.451133507Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.45442884Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.45644811Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.4589934Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.48596726Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.487709061Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.489792986Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.495447819Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.497891316Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.500781147Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.524116163Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.53163194Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.533488468Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.545551524Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.553022923Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.556230076Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.558805543Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.561406071Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.571239561Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.574078675Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.582877539Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.593631319Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.597162498Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.599922641Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.608555428Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.612517312Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.614455392Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.625318592Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.632987305Z 64 PC: 15226 | Write file or device (See above)
2018-12-25T11:40:55.636236953Z 66 PC: 15232 | Move file pointer (See above)
2018-12-25T11:40:55.637833527Z 44 PC: 15236 | Get time (See above)
2018-12-25T11:40:55.641425729Z 64 PC: 15173 | Write file or device (See above)
2018-12-25T11:40:55.650554371Z 87 PC: 1524d | Get or set file date and time (See above)
2018-12-25T11:40:55.652013687Z 62 PC: 15251 | Close file (See above)
2018-12-25T11:40:55.660864209Z 67 PC: 15288 | Get or set file attributes (See above)
2018-12-25T11:40:55.680827655Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.683183796Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.686443263Z 61 PC: 1527d | Open file (See above)
2018-12-25T11:40:55.694155531Z 63 PC: 151d9 | Read file or device (See above)
2018-12-25T11:40:55.69683348Z 62 PC: 151dd | Close file (See above)
2018-12-25T11:40:55.698763455Z 42 PC: 152a7 | Get date (See above)
2018-12-25T11:40:55.701037773Z 79 PC: 151b7 | Find next file (See above)
2018-12-25T11:40:55.703435112Z 59 PC: 15298 | Change current directory
2018-12-25T11:40:55.70788923Z 59 PC: 152a2 | Change current directory
2018-12-25T11:40:55.709543977Z 26 PC: 151c7 | Set disk transfer address (See above)
2018-12-25T11:40:55.710521014Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:40:55.716321358Z 76 PC: 12a56 | Terminate with return code (Return code = '0')