Sample viewer

vx.netlux.org/Virus.DOS.Mahon.1372


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:27:19.262500784Z 26 PC: 12b91 | Set disk transfer address
2018-12-17T22:27:19.264304758Z 53 PC: 12b96 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:19.265979351Z 37 PC: 12ba7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:19.26726793Z 71 PC: 12bb0 | Get current directory
2018-12-17T22:27:19.270536442Z 78 PC: 12bbb | Find first file
2018-12-17T22:27:19.279273141Z 78 PC: 12c4f | Find first file
2018-12-17T22:27:19.286955319Z 78 PC: 12ccd | Find first file
2018-12-17T22:27:19.293843534Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.300161058Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.302278746Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.309584734Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.312793124Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.316142259Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.318013797Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.333501274Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.335943114Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.34453807Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.347865658Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.356803325Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.358455624Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.372345805Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.374989785Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.378652318Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.381010589Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.392210347Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.394860515Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.403397944Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.406569807Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.418263103Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.420014579Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.427968957Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.435770838Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.454742344Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.456750499Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.475155134Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.477994762Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.486924145Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.489593658Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.494214257Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.495597398Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.500728226Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.501994595Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.50395192Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.505730611Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.511489666Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.512768528Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.518486112Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.520949084Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.52613368Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.52753479Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.540529687Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.541736589Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.543798239Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.545873261Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.551804042Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.553331817Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.559307048Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.561691328Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.56942832Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.571892258Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.576550609Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.577778584Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.580549895Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.581789078Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.588062246Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.59006679Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.598347669Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.600868514Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.606782167Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.608193215Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.612828622Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.614400971Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.616820213Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.618301429Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.625765766Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.629110318Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.638283135Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.641676441Z 61 PC: 12cee | Open file
2018-12-17T22:27:19.650620016Z 87 PC: 12df0 | Get or set file date and time
2018-12-17T22:27:19.652600266Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:19.655918042Z 66 PC: 12e0f | Move file pointer
2018-12-17T22:27:19.658670353Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:19.662042518Z 66 PC: 12e18 | Move file pointer
2018-12-17T22:27:19.664016975Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-17T22:27:19.674766231Z 87 PC: 12e06 | Get or set file date and time
2018-12-17T22:27:19.678022259Z 62 PC: 12d56 | Close file
2018-12-17T22:27:19.6871241Z 79 PC: 12d5a | Find next file
2018-12-17T22:27:19.690912724Z 59 PC: 12cdd | Change current directory
2018-12-17T22:27:19.696637613Z 42 PC: 12d65 | Get date
0x12d65: cmp dh, 0xa
0x12d68: jne 0x12d95
0x12d6a: nop
0x12d6b: nop
0x12d6c: nop
0x12d6d: cmp dl, 0x12
0x12d70: jne 0x12d95
0x12d72: nop
0x12d73: nop
0x12d74: nop
0x12d75: mov ah, 9
0x12d77: lea dx, word ptr [bp + 0x43f]
0x12d7b: int 0x21
0x12d7d: xor ax, ax
0x12d7f: int 0x16
0x12d81: mov ah, 3
0x12d83: mov al, 0xf
0x12d85: mov ch, 0
0x12d87: mov cl, 1
0x12d89: mov dh, 0
2018-12-17T22:27:19.699450167Z 37 PC: 12d9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:19.701115409Z 59 PC: 12da6 | Change current directory
2018-12-17T22:27:19.704564413Z 26 PC: 12de6 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4854,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:59.103851765Z 26 PC: 12b91 | Set disk transfer address
2018-12-25T11:52:59.105548633Z 53 PC: 12b96 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.106911123Z 37 PC: 12ba7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.10823783Z 71 PC: 12bb0 | Get current directory
2018-12-25T11:52:59.125903469Z 78 PC: 12bbb | Find first file
2018-12-25T11:52:59.13164863Z 78 PC: 12c4f | Find first file
2018-12-25T11:52:59.137719927Z 78 PC: 12ccd | Find first file
2018-12-25T11:52:59.144930459Z 61 PC: 12cee | Open file
2018-12-25T11:52:59.151801936Z 87 PC: 12df0 | Get or set file date and time
2018-12-25T11:52:59.153439472Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:52:59.159819331Z 66 PC: 12e0f | Move file pointer
2018-12-25T11:52:59.162680448Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:52:59.16562268Z 66 PC: 12e18 | Move file pointer
2018-12-25T11:52:59.167127609Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-25T11:52:59.195915243Z 87 PC: 12e06 | Get or set file date and time
2018-12-25T11:52:59.197176646Z 62 PC: 12d56 | Close file
2018-12-25T11:52:59.205363786Z 79 PC: 12d5a | Find next file
2018-12-25T11:52:59.20919223Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.215865285Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.217291449Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.224298318Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.225599703Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.22814639Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.231410945Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.240046816Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.241833141Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.250568675Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.253391499Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.259807231Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.261541454Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.274959634Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.276303383Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.279006653Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.281723633Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.2907169Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.293811283Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.302221796Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.305004559Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.311822655Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.313971649Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.320219764Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.321764856Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.325799744Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.327191224Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.335862081Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.351492064Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.372343741Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.374863483Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.381770912Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.383146347Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.389241694Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.391627147Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.394219111Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.395529959Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.404877982Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.411891157Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.429135138Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.432109235Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.438697222Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.440325772Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.449360773Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.450622554Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.453086396Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.457500678Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.465835121Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.467304326Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.47565647Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.478216481Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.484636224Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.486888952Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.493992573Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.495426453Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.498317215Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.500328412Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.508970934Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.526212251Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.535269013Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.538178531Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.544968082Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.547478891Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.550063104Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.55140592Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.555568756Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.556916742Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.566464625Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.56819607Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.575993835Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.578167471Z 59 PC: 12cdd | Change current directory
2018-12-25T11:52:59.583381675Z 42 PC: 12d65 | Get date
0x12d65: cmp dh, 0xa
0x12d68: jne 0x12d95
0x12d6a: nop
0x12d6b: nop
0x12d6c: nop
0x12d6d: cmp dl, 0x12
0x12d70: jne 0x12d95
0x12d72: nop
0x12d73: nop
0x12d74: nop
0x12d75: mov ah, 9
0x12d77: lea dx, word ptr [bp + 0x43f]
0x12d7b: int 0x21
0x12d7d: xor ax, ax
0x12d7f: int 0x16
0x12d81: mov ah, 3
0x12d83: mov al, 0xf
0x12d85: mov ch, 0
0x12d87: mov cl, 1
0x12d89: mov dh, 0
2018-12-25T11:52:59.585625376Z 37 PC: 12d9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.586918924Z 59 PC: 12da6 | Change current directory
2018-12-25T11:52:59.590380797Z 26 PC: 12de6 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4854,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:59.149800406Z 26 PC: 12b91 | Set disk transfer address
2018-12-25T11:52:59.153395356Z 53 PC: 12b96 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.154726024Z 37 PC: 12ba7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.155761831Z 71 PC: 12bb0 | Get current directory
2018-12-25T11:52:59.158836888Z 78 PC: 12bbb | Find first file
2018-12-25T11:52:59.170476991Z 78 PC: 12c4f | Find first file
2018-12-25T11:52:59.176534001Z 78 PC: 12ccd | Find first file
2018-12-25T11:52:59.182626869Z 61 PC: 12cee | Open file
2018-12-25T11:52:59.190612007Z 87 PC: 12df0 | Get or set file date and time
2018-12-25T11:52:59.192352031Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:52:59.198756294Z 66 PC: 12e0f | Move file pointer
2018-12-25T11:52:59.201556892Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:52:59.204136561Z 66 PC: 12e18 | Move file pointer
2018-12-25T11:52:59.20550884Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-25T11:52:59.22111831Z 87 PC: 12e06 | Get or set file date and time
2018-12-25T11:52:59.222338978Z 62 PC: 12d56 | Close file
2018-12-25T11:52:59.22778078Z 79 PC: 12d5a | Find next file
2018-12-25T11:52:59.230690259Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.235130224Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.236333982Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.2430109Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.244445191Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.247114214Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.248793767Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.257302819Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.25877639Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.266388407Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.269098925Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.277885643Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.279279587Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.286193407Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.287607251Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.290602697Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.292876618Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.30148623Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.303089182Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.311575267Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.314252699Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.320517683Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.322457172Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.328835151Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.330437605Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.333922977Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.335452804Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.344060984Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.346084796Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.353907822Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.356387081Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.364568069Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.366028329Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.385344623Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.388671334Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.391280295Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.392606331Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.402177377Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.404040837Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.411802082Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.415069298Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.419251473Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.42063458Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.425295847Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.426749966Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.429245318Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.431172247Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.438993712Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.44012062Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.455159837Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.457323713Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.461468969Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.462973561Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.467725763Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.469660018Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.473297376Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.475020486Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.483650024Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.486049936Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.493647478Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.496392484Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.503877395Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.505758751Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.508599969Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.51067621Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.51327719Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.514560575Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.523526442Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.525235279Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.533552233Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.536721592Z 59 PC: 12cdd | Change current directory
2018-12-25T11:52:59.540857992Z 42 PC: 12d65 | Get date
0x12d65: cmp dh, 0xa
0x12d68: jne 0x12d95
0x12d6a: nop
0x12d6b: nop
0x12d6c: nop
0x12d6d: cmp dl, 0x12
0x12d70: jne 0x12d95
0x12d72: nop
0x12d73: nop
0x12d74: nop
0x12d75: mov ah, 9
0x12d77: lea dx, word ptr [bp + 0x43f]
0x12d7b: int 0x21
0x12d7d: xor ax, ax
0x12d7f: int 0x16
0x12d81: mov ah, 3
0x12d83: mov al, 0xf
0x12d85: mov ch, 0
0x12d87: mov cl, 1
0x12d89: mov dh, 0
2018-12-25T11:52:59.542918637Z 37 PC: 12d9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.544293973Z 59 PC: 12da6 | Change current directory
2018-12-25T11:52:59.546460283Z 26 PC: 12de6 | Set disk transfer address

{"DateBased":true,"Day":18,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4854,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:59.39016674Z 26 PC: 12b91 | Set disk transfer address
2018-12-25T11:52:59.392631224Z 53 PC: 12b96 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.39381508Z 37 PC: 12ba7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.394925969Z 71 PC: 12bb0 | Get current directory
2018-12-25T11:52:59.398424242Z 78 PC: 12bbb | Find first file
2018-12-25T11:52:59.404481105Z 78 PC: 12c4f | Find first file
2018-12-25T11:52:59.410519185Z 78 PC: 12ccd | Find first file
2018-12-25T11:52:59.41733217Z 61 PC: 12cee | Open file
2018-12-25T11:52:59.423696818Z 87 PC: 12df0 | Get or set file date and time
2018-12-25T11:52:59.425004126Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:52:59.431679504Z 66 PC: 12e0f | Move file pointer
2018-12-25T11:52:59.43334418Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:52:59.435143359Z 66 PC: 12e18 | Move file pointer
2018-12-25T11:52:59.436390621Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-25T11:52:59.455576337Z 87 PC: 12e06 | Get or set file date and time
2018-12-25T11:52:59.457356129Z 62 PC: 12d56 | Close file
2018-12-25T11:52:59.464956506Z 79 PC: 12d5a | Find next file
2018-12-25T11:52:59.467770363Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.474383055Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.475680863Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.482743795Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.484146499Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.486806126Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.496935331Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.505008367Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.506447513Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.515127589Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.517995397Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.524803876Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.534445355Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.541042783Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.542695211Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.545894554Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.547671155Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.556270242Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.558481055Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.566174553Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.57162033Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.577917174Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.579258397Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.584572631Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.586317011Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.588227203Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.589425547Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.599872785Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.601245571Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.606198055Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.608122717Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.613018846Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.614024026Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.618024712Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.619344998Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.622085659Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.623709954Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.632417871Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.633792681Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.641200361Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.643740862Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.647938006Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.649053856Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.656034349Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.657239462Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.659786147Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.661045082Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.6692225Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.670518746Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.678008111Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.680355818Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.686589042Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.690248297Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.696738892Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.697666151Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.699802855Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.701035893Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.709417322Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.711440883Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.719186906Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.721562167Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.728355748Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.729580898Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.731934896Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.733678943Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.736195489Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.737504227Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.746259415Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.747515602Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.754934616Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.757721172Z 59 PC: 12cdd | Change current directory
2018-12-25T11:52:59.761747634Z 42 PC: 12d65 | Get date
0x12d65: cmp dh, 0xa
0x12d68: jne 0x12d95
0x12d6a: nop
0x12d6b: nop
0x12d6c: nop
0x12d6d: cmp dl, 0x12
0x12d70: jne 0x12d95
0x12d72: nop
0x12d73: nop
0x12d74: nop
0x12d75: mov ah, 9
0x12d77: lea dx, word ptr [bp + 0x43f]
0x12d7b: int 0x21
0x12d7d: xor ax, ax
0x12d7f: int 0x16
0x12d81: mov ah, 3
0x12d83: mov al, 0xf
0x12d85: mov ch, 0
0x12d87: mov cl, 1
0x12d89: mov dh, 0
2018-12-25T11:52:59.763947161Z 9 PC: 12d7d | Display string (String= 'M�� A &ck�� �!j�W�!/%���')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4854,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:59.380552035Z 26 PC: 12b91 | Set disk transfer address
2018-12-25T11:52:59.382115044Z 53 PC: 12b96 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.383307421Z 37 PC: 12ba7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.384512626Z 71 PC: 12bb0 | Get current directory
2018-12-25T11:52:59.38817502Z 78 PC: 12bbb | Find first file
2018-12-25T11:52:59.395083982Z 78 PC: 12c4f | Find first file
2018-12-25T11:52:59.400756328Z 78 PC: 12ccd | Find first file
2018-12-25T11:52:59.406331559Z 61 PC: 12cee | Open file
2018-12-25T11:52:59.422173865Z 87 PC: 12df0 | Get or set file date and time
2018-12-25T11:52:59.423611864Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:52:59.42968581Z 66 PC: 12e0f | Move file pointer
2018-12-25T11:52:59.431007057Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:52:59.433701019Z 66 PC: 12e18 | Move file pointer
2018-12-25T11:52:59.435129639Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-25T11:52:59.455296691Z 87 PC: 12e06 | Get or set file date and time
2018-12-25T11:52:59.457502714Z 62 PC: 12d56 | Close file
2018-12-25T11:52:59.465428309Z 79 PC: 12d5a | Find next file
2018-12-25T11:52:59.46807828Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.475148289Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.479930822Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.488100413Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.490157197Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.492845288Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.494201831Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.504628193Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.506173561Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.513918622Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.517974803Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.534852977Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.536340192Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.543985647Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.546007818Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.549826861Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.55262891Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.562381298Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.564073458Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.572217024Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.575013068Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.581317227Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.582777713Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.589235965Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.590475504Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.59380638Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.595804207Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.604344289Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.605766443Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.613276995Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.61570711Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.622579347Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.624361493Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.630791583Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.63183327Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.634200961Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.635466536Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.648164293Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.650463092Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.657908491Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.660541792Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.667777973Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.669093467Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.675170258Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.676800082Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.679250043Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.680582808Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.690563562Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.692057622Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.699480923Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.702441022Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.725515787Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.727203818Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.734992487Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.737224851Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.74029014Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.742865248Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.751979875Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.753517446Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.761410145Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.764304686Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:52:59.771144468Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:52:59.773653723Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:52:59.780777269Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:52:59.78222642Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:52:59.785049943Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:52:59.78740733Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:52:59.79680819Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:52:59.798438365Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:52:59.806398003Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:52:59.808567791Z 59 PC: 12cdd | Change current directory
2018-12-25T11:52:59.812401649Z 42 PC: 12d65 | Get date
0x12d65: cmp dh, 0xa
0x12d68: jne 0x12d95
0x12d6a: nop
0x12d6b: nop
0x12d6c: nop
0x12d6d: cmp dl, 0x12
0x12d70: jne 0x12d95
0x12d72: nop
0x12d73: nop
0x12d74: nop
0x12d75: mov ah, 9
0x12d77: lea dx, word ptr [bp + 0x43f]
0x12d7b: int 0x21
0x12d7d: xor ax, ax
0x12d7f: int 0x16
0x12d81: mov ah, 3
0x12d83: mov al, 0xf
0x12d85: mov ch, 0
0x12d87: mov cl, 1
0x12d89: mov dh, 0
2018-12-25T11:52:59.819004794Z 37 PC: 12d9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:59.820011655Z 59 PC: 12da6 | Change current directory
2018-12-25T11:52:59.821575814Z 26 PC: 12de6 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4854,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:01.068074023Z 26 PC: 12b91 | Set disk transfer address
2018-12-25T11:53:01.07081813Z 53 PC: 12b96 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:01.073273259Z 37 PC: 12ba7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:01.075014575Z 71 PC: 12bb0 | Get current directory
2018-12-25T11:53:01.078622317Z 78 PC: 12bbb | Find first file
2018-12-25T11:53:01.086619885Z 78 PC: 12c4f | Find first file
2018-12-25T11:53:01.094458477Z 78 PC: 12ccd | Find first file
2018-12-25T11:53:01.101276993Z 61 PC: 12cee | Open file
2018-12-25T11:53:01.116198849Z 87 PC: 12df0 | Get or set file date and time
2018-12-25T11:53:01.118069315Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:53:01.12542091Z 66 PC: 12e0f | Move file pointer
2018-12-25T11:53:01.128996139Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:53:01.132365308Z 66 PC: 12e18 | Move file pointer
2018-12-25T11:53:01.134426551Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-25T11:53:01.797244708Z 87 PC: 12e06 | Get or set file date and time
2018-12-25T11:53:01.79926067Z 62 PC: 12d56 | Close file
2018-12-25T11:53:01.808160548Z 79 PC: 12d5a | Find next file
2018-12-25T11:53:01.811813306Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:01.820236932Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:01.823256447Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:01.835013513Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:01.838498684Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:01.841629015Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:01.843469628Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:01.855797031Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:01.85770742Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:01.866295726Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:01.870365403Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:01.87813339Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:01.879880748Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:01.889559017Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:01.89144435Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:01.894568188Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:01.896753717Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:01.90894774Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:01.911322623Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:01.922142595Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:01.926148398Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:01.934482784Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:01.936608308Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:01.944832371Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:01.947804655Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:01.951384977Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:01.953802314Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:01.964324843Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:01.966008029Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:01.97526468Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:01.978208649Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:01.986464032Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:01.9970951Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.004358119Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.005856247Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.009594475Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.0113132Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.021345414Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.023314143Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.032898089Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.03577678Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.043802202Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.045653029Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.052788549Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.054347004Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.058280253Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.059632003Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.069750632Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.074055713Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.083530589Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.086877963Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.095817952Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.09783942Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.105643997Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.108045418Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.111042135Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.112650834Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.123255684Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.125777684Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.134562587Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.137833842Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.146411215Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.148022105Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.155273659Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.157903371Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.160903889Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.162492371Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.173514186Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.175219286Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.184086946Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.188092246Z 59 PC: 12cdd | Change current directory
2018-12-25T11:53:02.192800624Z 42 PC: 12d65 | Get date
0x12d65: cmp dh, 0xa
0x12d68: jne 0x12d95
0x12d6a: nop
0x12d6b: nop
0x12d6c: nop
0x12d6d: cmp dl, 0x12
0x12d70: jne 0x12d95
0x12d72: nop
0x12d73: nop
0x12d74: nop
0x12d75: mov ah, 9
0x12d77: lea dx, word ptr [bp + 0x43f]
0x12d7b: int 0x21
0x12d7d: xor ax, ax
0x12d7f: int 0x16
0x12d81: mov ah, 3
0x12d83: mov al, 0xf
0x12d85: mov ch, 0
0x12d87: mov cl, 1
0x12d89: mov dh, 0
2018-12-25T11:53:02.195961129Z 37 PC: 12d9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:02.197759693Z 59 PC: 12da6 | Change current directory
2018-12-25T11:53:02.200828006Z 26 PC: 12de6 | Set disk transfer address

{"DateBased":true,"Day":18,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4854,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:02.127591392Z 26 PC: 12b91 | Set disk transfer address
2018-12-25T11:53:02.129941174Z 53 PC: 12b96 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:02.131430498Z 37 PC: 12ba7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:02.132822119Z 71 PC: 12bb0 | Get current directory
2018-12-25T11:53:02.13639409Z 78 PC: 12bbb | Find first file
2018-12-25T11:53:02.142159032Z 78 PC: 12c4f | Find first file
2018-12-25T11:53:02.14772069Z 78 PC: 12ccd | Find first file
2018-12-25T11:53:02.153800187Z 61 PC: 12cee | Open file
2018-12-25T11:53:02.164866358Z 87 PC: 12df0 | Get or set file date and time
2018-12-25T11:53:02.166172267Z 63 PC: 12d18 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T11:53:02.182839302Z 66 PC: 12e0f | Move file pointer
2018-12-25T11:53:02.184432415Z 64 PC: 12d3c | Write file or device (Write 5 bytes on handle 5)
2018-12-25T11:53:02.187788353Z 66 PC: 12e18 | Move file pointer
2018-12-25T11:53:02.190148227Z 64 PC: 12d4f | Write file or device (Write 1372 bytes on handle 5)
2018-12-25T11:53:02.205023248Z 87 PC: 12e06 | Get or set file date and time
2018-12-25T11:53:02.20661886Z 62 PC: 12d56 | Close file
2018-12-25T11:53:02.214094811Z 79 PC: 12d5a | Find next file
2018-12-25T11:53:02.216983113Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.223418503Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.224697208Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.231437377Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.232781111Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.235415973Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.237347289Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.245693931Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.247174903Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.263160658Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.26608208Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.273206635Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.277996508Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.283795373Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.285033195Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.288397796Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.289776632Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.298149555Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.300827554Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.30852906Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.311280181Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.318803691Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.320799124Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.327064618Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.328595064Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.332374005Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.333661793Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.342205927Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.344403135Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.352356401Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.354847896Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.36201981Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.36335581Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.369639211Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.371891535Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.374528773Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.375937853Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.385622569Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.387344591Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.39509947Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.39890257Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.40546335Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.407037304Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.41474753Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.416376068Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.419074362Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.42175891Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.43044396Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.432063054Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.440584036Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.443429634Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.450074214Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.453303662Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.460318023Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.461819619Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.464718126Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.467061339Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.475716192Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.478977142Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.487448641Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.490316095Z 61 PC: 12cee | Open file (See above)
2018-12-25T11:53:02.496866293Z 87 PC: 12df0 | Get or set file date and time (See above)
2018-12-25T11:53:02.499084775Z 63 PC: 12d18 | Read file or device (See above)
2018-12-25T11:53:02.505267066Z 66 PC: 12e0f | Move file pointer (See above)
2018-12-25T11:53:02.506536349Z 64 PC: 12d3c | Write file or device (See above)
2018-12-25T11:53:02.50955897Z 66 PC: 12e18 | Move file pointer (See above)
2018-12-25T11:53:02.510997227Z 64 PC: 12d4f | Write file or device (See above)
2018-12-25T11:53:02.519662928Z 87 PC: 12e06 | Get or set file date and time (See above)
2018-12-25T11:53:02.521764001Z 62 PC: 12d56 | Close file (See above)
2018-12-25T11:53:02.529803414Z 79 PC: 12d5a | Find next file (See above)
2018-12-25T11:53:02.532871891Z 59 PC: 12cdd | Change current directory
2018-12-25T11:53:02.538169586Z 42 PC: 12d65 | Get date
0x12d65: cmp dh, 0xa
0x12d68: jne 0x12d95
0x12d6a: nop
0x12d6b: nop
0x12d6c: nop
0x12d6d: cmp dl, 0x12
0x12d70: jne 0x12d95
0x12d72: nop
0x12d73: nop
0x12d74: nop
0x12d75: mov ah, 9
0x12d77: lea dx, word ptr [bp + 0x43f]
0x12d7b: int 0x21
0x12d7d: xor ax, ax
0x12d7f: int 0x16
0x12d81: mov ah, 3
0x12d83: mov al, 0xf
0x12d85: mov ch, 0
0x12d87: mov cl, 1
0x12d89: mov dh, 0
2018-12-25T11:53:02.540499665Z 9 PC: 12d7d | Display string (String= 'M�� A &ck�� �!j�W�!/%���')