{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4209,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:51:17.671642436Z | 26 | PC: 12a6d | Set disk transfer address |
| 2018-12-25T11:51:17.67355051Z | 78 | PC: 12a78 | Find first file |
| 2018-12-25T11:51:17.680468341Z | 61 | PC: 12ac0 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:51:17.688678348Z | 63 | PC: 12ad4 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:51:17.696334349Z | 62 | PC: 12b35 | Close file |
| 2018-12-25T11:51:17.698385056Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.701302947Z | 61 | PC: 12ac0 | Open file (See above) |
| 2018-12-25T11:51:17.70965774Z | 63 | PC: 12ad4 | Read file or device (See above) |
| 2018-12-25T11:51:17.716766296Z | 62 | PC: 12b35 | Close file (See above) |
| 2018-12-25T11:51:17.718893509Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.7221415Z | 61 | PC: 12ac0 | Open file (See above) |
| 2018-12-25T11:51:17.730268449Z | 63 | PC: 12ad4 | Read file or device (See above) |
| 2018-12-25T11:51:17.737086884Z | 62 | PC: 12b35 | Close file (See above) |
| 2018-12-25T11:51:17.738938808Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.74222705Z | 61 | PC: 12ac0 | Open file (See above) |
| 2018-12-25T11:51:17.749339482Z | 63 | PC: 12ad4 | Read file or device (See above) |
| 2018-12-25T11:51:17.756342338Z | 62 | PC: 12b35 | Close file (See above) |
| 2018-12-25T11:51:17.758817175Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.761821027Z | 61 | PC: 12ac0 | Open file (See above) |
| 2018-12-25T11:51:17.769808454Z | 63 | PC: 12ad4 | Read file or device (See above) |
| 2018-12-25T11:51:17.778130374Z | 62 | PC: 12b35 | Close file (See above) |
| 2018-12-25T11:51:17.78027327Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.783503043Z | 61 | PC: 12ac0 | Open file (See above) |
| 2018-12-25T11:51:17.792109324Z | 63 | PC: 12ad4 | Read file or device (See above) |
| 2018-12-25T11:51:17.799225571Z | 62 | PC: 12b35 | Close file (See above) |
| 2018-12-25T11:51:17.801149497Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.804454632Z | 61 | PC: 12ac0 | Open file (See above) |
| 2018-12-25T11:51:17.81177309Z | 63 | PC: 12ad4 | Read file or device (See above) |
| 2018-12-25T11:51:17.819111123Z | 62 | PC: 12b35 | Close file (See above) |
| 2018-12-25T11:51:17.821608091Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.824900917Z | 61 | PC: 12ac0 | Open file (See above) |
| 2018-12-25T11:51:17.831991756Z | 63 | PC: 12ad4 | Read file or device (See above) |
| 2018-12-25T11:51:17.834756266Z | 62 | PC: 12b35 | Close file (See above) |
| 2018-12-25T11:51:17.837306359Z | 79 | PC: 12a78 | Find next file (See above) |
| 2018-12-25T11:51:17.839907758Z | 78 | PC: 12a88 | Find first file |
| 2018-12-25T11:51:17.846675745Z | 59 | PC: 12ab2 | Change current directory |
| 2018-12-25T11:51:17.852059147Z | 42 | PC: 12b3e | Get date 0x12b3e: cmp dl, 0xf 0x12b41: jne 0x12b46 0x12b43: jmp 0x12b49 0x12b45: nop 0x12b46: jmp 0x12bfd 0x12b49: mov ah, 9 0x12b4b: lea dx, word ptr [bp + 0x3c1] 0x12b4f: int 0x21 0x12b51: mov ah, 0x4e 0x12b53: lea dx, word ptr [bp + 0x56d] 0x12b57: mov cx, 7 0x12b5a: int 0x21 0x12b5c: jae 0x12b61 0x12b5e: jmp 0x12b7e 0x12b60: nop 0x12b61: mov ax, 0x3d02 0x12b64: lea dx, word ptr [bp + 0x3a9] 0x12b68: int 0x21 0x12b6a: xchg ax, bx 0x12b6b: mov ah, 0x40 |
| 2018-12-25T11:51:17.855270755Z | 26 | PC: 12c04 | Set disk transfer address |