Sample viewer

vx.netlux.org/Virus.DOS.IVP.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:24:16.943580798Z 26 PC: 12c51 | Set disk transfer address
2018-12-17T22:24:16.945441374Z 53 PC: 12a84 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:16.947388005Z 37 PC: 12a96 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:16.94867984Z 71 PC: 12aa2 | Get current directory
2018-12-17T22:24:16.95199655Z 78 PC: 12b15 | Find first file
2018-12-17T22:24:16.958944237Z 78 PC: 12b15 | Find first file
2018-12-17T22:24:16.971237318Z 61 PC: 12c5a | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:16.984973814Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:24:16.994494945Z 62 PC: 12b34 | Close file
2018-12-17T22:24:16.996832954Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.014796784Z 61 PC: 12c5a | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:17.02326541Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:17.026684305Z 66 PC: 12c4c | Move file pointer
2018-12-17T22:24:17.028982786Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-17T22:24:17.033186499Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-17T22:24:17.04493154Z 87 PC: 12c35 | Get or set file date and time
2018-12-17T22:24:17.046993202Z 62 PC: 12c39 | Close file
2018-12-17T22:24:17.05687907Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.07460505Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.077582391Z 61 PC: 12c5a | Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:17.084758341Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:24:17.092425917Z 62 PC: 12b34 | Close file
2018-12-17T22:24:17.094565395Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.105644561Z 61 PC: 12c5a | Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:17.11375737Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:17.117334193Z 66 PC: 12c4c | Move file pointer
2018-12-17T22:24:17.119275771Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-17T22:24:17.124009969Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-17T22:24:17.13430135Z 87 PC: 12c35 | Get or set file date and time
2018-12-17T22:24:17.13643702Z 62 PC: 12c39 | Close file
2018-12-17T22:24:17.145415878Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.158837832Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.162197717Z 61 PC: 12c5a | Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:17.169835707Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:24:17.17850065Z 62 PC: 12b34 | Close file
2018-12-17T22:24:17.181008488Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.193178696Z 61 PC: 12c5a | Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:17.202992791Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:17.207403432Z 66 PC: 12c4c | Move file pointer
2018-12-17T22:24:17.209400208Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-17T22:24:17.213507058Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-17T22:24:17.223243879Z 87 PC: 12c35 | Get or set file date and time
2018-12-17T22:24:17.225297884Z 62 PC: 12c39 | Close file
2018-12-17T22:24:17.234618677Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.247893939Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.251274251Z 61 PC: 12c5a | Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:17.259766001Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:24:17.268603948Z 62 PC: 12b34 | Close file
2018-12-17T22:24:17.27105115Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.283169821Z 61 PC: 12c5a | Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:17.291711566Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:17.295427042Z 66 PC: 12c4c | Move file pointer
2018-12-17T22:24:17.297285422Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-17T22:24:17.30160311Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-17T22:24:17.311526104Z 87 PC: 12c35 | Get or set file date and time
2018-12-17T22:24:17.313503751Z 62 PC: 12c39 | Close file
2018-12-17T22:24:17.323904123Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.336158087Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.339559373Z 61 PC: 12c5a | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:24:17.347215201Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:24:17.355593613Z 62 PC: 12b34 | Close file
2018-12-17T22:24:17.35799344Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.363263871Z 61 PC: 12c5a | Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T22:24:17.369671408Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:24:17.373346311Z 66 PC: 12c4c | Move file pointer
2018-12-17T22:24:17.37519868Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-17T22:24:17.379182374Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 2)
2018-12-17T22:24:17.400414433Z 87 PC: 12c35 | Get or set file date and time
2018-12-17T22:24:17.402407061Z 62 PC: 12c39 | Close file
2018-12-17T22:24:17.404776059Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.410835122Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.4141467Z 61 PC: 12c5a | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:24:17.421865431Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:24:17.429518428Z 62 PC: 12b34 | Close file
2018-12-17T22:24:17.431900315Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.443063435Z 61 PC: 12c5a | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:24:17.450549679Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:24:17.452985718Z 66 PC: 12c4c | Move file pointer
2018-12-17T22:24:17.454370023Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-17T22:24:17.457235214Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 2)
2018-12-17T22:24:17.467415679Z 87 PC: 12c35 | Get or set file date and time
2018-12-17T22:24:17.469722387Z 62 PC: 12c39 | Close file
2018-12-17T22:24:17.479543199Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.48725514Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.489293674Z 61 PC: 12c5a | Open file (Filename = 'PAH.COM')
2018-12-17T22:24:17.495305102Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:24:17.50011983Z 62 PC: 12b34 | Close file
2018-12-17T22:24:17.501622673Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.513775455Z 61 PC: 12c5a | Open file (Filename = 'PAH.COM')
2018-12-17T22:24:17.519290749Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:24:17.521506058Z 66 PC: 12c4c | Move file pointer
2018-12-17T22:24:17.522926723Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-17T22:24:17.52595813Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 2)
2018-12-17T22:24:17.844072583Z 87 PC: 12c35 | Get or set file date and time
2018-12-17T22:24:17.846236148Z 62 PC: 12c39 | Close file
2018-12-17T22:24:17.85651086Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:24:17.867429913Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.870026456Z 61 PC: 12c5a | Open file (Filename = 'TEST.COM')
2018-12-17T22:24:17.874853435Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:24:17.879065761Z 62 PC: 12b34 | Close file
2018-12-17T22:24:17.880574972Z 79 PC: 12b15 | Find next file
2018-12-17T22:24:17.882931008Z 59 PC: 12ab8 | Change current directory
2018-12-17T22:24:17.885662698Z 9 PC: 12ac2 | Display string (String= 'Roseanne Conner - Ya! Fuck You Too... MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-17T22:24:17.891468794Z 37 PC: 12acc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:17.893283004Z 59 PC: 12ad6 | Change current directory
2018-12-17T22:24:17.894696457Z 26 PC: 12c51 | Set disk transfer address

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4277,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:22.824357275Z 26 PC: 12c51 | Set disk transfer address
2018-12-25T11:51:22.825764593Z 53 PC: 12a84 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:22.827636691Z 37 PC: 12a96 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:22.829053094Z 71 PC: 12aa2 | Get current directory
2018-12-25T11:51:22.832548714Z 78 PC: 12b15 | Find first file
2018-12-25T11:51:22.844382575Z 78 PC: 12b15 | Find first file (See above)
2018-12-25T11:51:22.851845859Z 61 PC: 12c5a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:22.859990256Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:51:22.868452957Z 62 PC: 12b34 | Close file
2018-12-25T11:51:22.870040719Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T11:51:22.884650485Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:22.893270164Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:22.900764197Z 66 PC: 12c4c | Move file pointer
2018-12-25T11:51:22.902157832Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-25T11:51:22.906341327Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-25T11:51:22.916334789Z 87 PC: 12c35 | Get or set file date and time
2018-12-25T11:51:22.917953734Z 62 PC: 12c39 | Close file
2018-12-25T11:51:22.928500389Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:22.940476941Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:22.943912832Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:22.952500336Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:22.957521113Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:22.959089937Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:22.966779651Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:22.975139904Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:22.9782272Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:22.97971311Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:22.982849917Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:22.992718989Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:22.994841461Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.004827893Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.016883041Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.019971961Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.028252971Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.0363235Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.038540862Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.050802524Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.058986147Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.061096699Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.062375932Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.064660317Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.070225708Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.071807304Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.081343159Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.092154333Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.094932404Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.103210775Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.110458411Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.112220325Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.123637481Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.131101722Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.134837679Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.136952029Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.140108128Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.150232727Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.15312306Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.161702712Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.172376529Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.175339853Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.18360502Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.191505112Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.194031927Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.199717887Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.208072427Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.20994363Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.211985598Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.213969194Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.225008282Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.226773499Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.228142555Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.23103443Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.235716976Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.239933186Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.244156419Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.246126481Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.253967262Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.258420064Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.260796947Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.261884385Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.263809012Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.27051338Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.271635261Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.276752719Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.284596164Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.287816022Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.294985722Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.302522098Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.304838828Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.316070712Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.323397804Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.327416158Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.329389826Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.332599471Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.343078484Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.345117941Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.354080287Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.366022538Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.369274629Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.376966363Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.38854214Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.390537224Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.393382061Z 59 PC: 12ab8 | Change current directory
2018-12-25T11:51:23.399543605Z 9 PC: 12ac2 | Display string (String= 'Roseanne Conner - Ya! Fuck You Too... MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T11:51:23.410084941Z 37 PC: 12acc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.411761863Z 59 PC: 12ad6 | Change current directory
2018-12-25T11:51:23.414331397Z 26 PC: 12c51 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":4277,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:23.142154034Z 26 PC: 12c51 | Set disk transfer address
2018-12-25T11:51:23.144147068Z 53 PC: 12a84 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.145204237Z 37 PC: 12a96 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.146220521Z 71 PC: 12aa2 | Get current directory
2018-12-25T11:51:23.149685151Z 78 PC: 12b15 | Find first file
2018-12-25T11:51:23.156382303Z 78 PC: 12b15 | Find first file (See above)
2018-12-25T11:51:23.166916572Z 61 PC: 12c5a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:23.178844552Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:51:23.184875019Z 62 PC: 12b34 | Close file
2018-12-25T11:51:23.18670268Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T11:51:23.202360219Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.206602099Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:23.209476806Z 66 PC: 12c4c | Move file pointer
2018-12-25T11:51:23.213617027Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-25T11:51:23.216735232Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-25T11:51:23.225986779Z 87 PC: 12c35 | Get or set file date and time
2018-12-25T11:51:23.232760912Z 62 PC: 12c39 | Close file
2018-12-25T11:51:23.238045474Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.244143274Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.246225991Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.25307433Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.262923481Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.264578106Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.274558807Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.280917464Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.283590525Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.286223444Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.289049745Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.297475384Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.299990571Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.307673369Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.317737847Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.320933069Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.327421598Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.333539442Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.335654271Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.345655489Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.35247631Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.355752913Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.357537109Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.360427173Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.37022931Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.372038207Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.380090357Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.389864443Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.39253937Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.398866633Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.405097473Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.407048055Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.416719903Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.423220174Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.425961561Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.427209046Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.42948227Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.437946187Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.439283594Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.447376228Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.457068243Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.459685135Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.466030306Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.472952032Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.475023422Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.47933235Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.484467784Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.487391929Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.488982155Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.496827378Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.510059405Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.511466773Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.513903768Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.52712737Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.52951712Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.536516865Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.541015614Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.549085186Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.560353123Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.566822856Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.570325327Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.572549767Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.575295532Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.584415735Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.587302804Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.595268682Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.60517572Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.608277685Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.614620705Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.620745559Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.623275741Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.63301153Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.640060199Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.643149545Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.64449654Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.64684784Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.655585824Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.656992501Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.664342145Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.674365892Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.677616245Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.68426927Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.692037705Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.693861421Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.696254076Z 59 PC: 12ab8 | Change current directory
2018-12-25T11:51:23.701695022Z 9 PC: 12ac2 | Display string (String= 'Roseanne Conner - Ya! Fuck You Too... MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T11:51:23.710523342Z 37 PC: 12acc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.711475268Z 59 PC: 12ad6 | Change current directory
2018-12-25T11:51:23.713575064Z 26 PC: 12c51 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4277,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:23.338332905Z 26 PC: 12c51 | Set disk transfer address
2018-12-25T11:51:23.339499664Z 53 PC: 12a84 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.34094629Z 37 PC: 12a96 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.341916534Z 71 PC: 12aa2 | Get current directory
2018-12-25T11:51:23.34478743Z 78 PC: 12b15 | Find first file
2018-12-25T11:51:23.351879727Z 78 PC: 12b15 | Find first file (See above)
2018-12-25T11:51:23.358810095Z 61 PC: 12c5a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:23.366565747Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:51:23.37469268Z 62 PC: 12b34 | Close file
2018-12-25T11:51:23.376678774Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T11:51:23.405232934Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.419482689Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:23.427435836Z 66 PC: 12c4c | Move file pointer
2018-12-25T11:51:23.429538536Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-25T11:51:23.434530864Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-25T11:51:23.444549287Z 87 PC: 12c35 | Get or set file date and time
2018-12-25T11:51:23.446605453Z 62 PC: 12c39 | Close file
2018-12-25T11:51:23.456181913Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.467605279Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.470908088Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.479309458Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.487438684Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.489408032Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.500365423Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.508376574Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.511976567Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.513481541Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.517138163Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.526467136Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.528357197Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.537835295Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.549082325Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.552109864Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.560537169Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.56844538Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.570686352Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.58272777Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.592174127Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.595720378Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.597789466Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.601577606Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.611322799Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.613166555Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.622792826Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.6339175Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.637148275Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.645858103Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.653133498Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.655550546Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.667584456Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.681330968Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.688918028Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.69109812Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.695590961Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.705832984Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.707919558Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.716948006Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.727712238Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.730626685Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.739869928Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.747773946Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.750208147Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.756152033Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.761986144Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.765301427Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.767442109Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.771369321Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.791984472Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.794029261Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.797341855Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.803316349Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.806625319Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.814876846Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.822630276Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.825564853Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.83779564Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.845588421Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.848925812Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.85110035Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.854137499Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.864427983Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.867973903Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.877533346Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.888493648Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.891494882Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.898769511Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.90632356Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.90969652Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.921386901Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.930075986Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.933195983Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.934953199Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.936982897Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.943381256Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.945099483Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.95048861Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.957982347Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.969881581Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.977627028Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.988390515Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.991357209Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.994645322Z 59 PC: 12ab8 | Change current directory
2018-12-25T11:51:23.999675152Z 9 PC: 12ac2 | Display string (String= 'Roseanne Conner - Ya! Fuck You Too... MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T11:51:24.011902422Z 37 PC: 12acc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:24.013947505Z 59 PC: 12ad6 | Change current directory
2018-12-25T11:51:24.016369748Z 26 PC: 12c51 | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":4277,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:23.343412707Z 26 PC: 12c51 | Set disk transfer address
2018-12-25T11:51:23.345073418Z 53 PC: 12a84 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.346444337Z 37 PC: 12a96 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.347819193Z 71 PC: 12aa2 | Get current directory
2018-12-25T11:51:23.351276336Z 78 PC: 12b15 | Find first file
2018-12-25T11:51:23.358264001Z 78 PC: 12b15 | Find first file (See above)
2018-12-25T11:51:23.364832519Z 61 PC: 12c5a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:23.372606822Z 63 PC: 12b30 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T11:51:23.380399486Z 62 PC: 12b34 | Close file
2018-12-25T11:51:23.382726415Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T11:51:23.405052696Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.413528202Z 64 PC: 12c0e | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:23.422680534Z 66 PC: 12c4c | Move file pointer
2018-12-25T11:51:23.424147504Z 44 PC: 12c19 | Get time 0x12c19: cmp dh, 0
0x12c1c: je 0x12c15
0x12c1e: mov byte ptr cs:[bp + 0x3d1], dh
0x12c23: call 0x12cc8
0x12c26: mov ax, 0x5701
0x12c29: mov cx, word ptr cs:[bp + 0x444]
0x12c2e: mov dx, word ptr cs:[bp + 0x446]
0x12c33: int 0x21
0x12c35: mov ah, 0x3e
0x12c37: int 0x21
0x12c39: xor cx, cx
0x12c3b: mov cl, byte ptr cs:[bp + 0x443]
0x12c40: call 0x12c5c
0x12c43: ret
0x12c44: mov ah, 0x42
0x12c46: xor cx, cx
0x12c48: xor dx, dx
0x12c4a: int 0x21
0x12c4c: ret
0x12c4d: mov ah, 0x1a
2018-12-25T11:51:23.427435734Z 64 PC: 12d25 | Write file or device (Write 719 bytes on handle 5)
2018-12-25T11:51:23.437946195Z 87 PC: 12c35 | Get or set file date and time
2018-12-25T11:51:23.439767297Z 62 PC: 12c39 | Close file
2018-12-25T11:51:23.460879146Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.472017803Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.475251175Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.483446365Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.490917861Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.493043585Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.505140202Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.513304416Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.516976992Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.51850371Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.521872406Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.531368447Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.533316984Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.542715564Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.553990085Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.556839591Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.564454532Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.571535093Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.573488369Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.584967623Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.592490694Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.596039694Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.59823992Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.60219938Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.61233592Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.614422572Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.623398444Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.634651765Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.637695149Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.645904663Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.65320061Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.655366357Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.668352479Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.67749823Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.680588448Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.682748193Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.68567966Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.695026489Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.696610253Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.705530354Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.726561551Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.729039776Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.733856626Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.740487812Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.742848177Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.74899898Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.754427075Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.757632848Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.759901587Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.762447116Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.773946701Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.775728676Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.777338383Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.780503227Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.783239534Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.787595346Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.791976258Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.7935151Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.803054278Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.807632233Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.812191333Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.814032686Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.816135672Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.822762825Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.825070012Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.830818213Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.837634043Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.840176617Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.844440652Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.848698294Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.85143342Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.861614231Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.873158494Z 64 PC: 12c0e | Write file or device (See above)
2018-12-25T11:51:23.879601439Z 66 PC: 12c4c | Move file pointer (See above)
2018-12-25T11:51:23.882183809Z 44 PC: 12c19 | Get time (See above)
2018-12-25T11:51:23.884513052Z 64 PC: 12d25 | Write file or device (See above)
2018-12-25T11:51:23.892587925Z 87 PC: 12c35 | Get or set file date and time (See above)
2018-12-25T11:51:23.895342514Z 62 PC: 12c39 | Close file (See above)
2018-12-25T11:51:23.903803056Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T11:51:23.914390453Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.921618796Z 61 PC: 12c5a | Open file (See above)
2018-12-25T11:51:23.9259437Z 63 PC: 12b30 | Read file or device (See above)
2018-12-25T11:51:23.930887941Z 62 PC: 12b34 | Close file (See above)
2018-12-25T11:51:23.933723566Z 79 PC: 12b15 | Find next file (See above)
2018-12-25T11:51:23.938002951Z 59 PC: 12ab8 | Change current directory
2018-12-25T11:51:23.943224412Z 9 PC: 12ac2 | Display string (String= 'Roseanne Conner - Ya! Fuck You Too... MuTaTiON INTERRUPT [NOVEMBER 1994] ')
2018-12-25T11:51:23.954267046Z 37 PC: 12acc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:23.955557796Z 59 PC: 12ad6 | Change current directory
2018-12-25T11:51:23.95745813Z 26 PC: 12c51 | Set disk transfer address (See above)