{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4888,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:11.546473737Z | 26 | PC: 12a66 | Set disk transfer address |
| 2018-12-25T11:53:11.54794859Z | 71 | PC: 12a70 | Get current directory |
| 2018-12-25T11:53:11.550606879Z | 78 | PC: 12a86 | Find first file |
| 2018-12-25T11:53:11.556252245Z | 67 | PC: 12ab6 | Get or set file attributes |
| 2018-12-25T11:53:11.562356469Z | 67 | PC: 12ac6 | Get or set file attributes |
| 2018-12-25T11:53:11.577177367Z | 61 | PC: 12acf | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:11.588100878Z | 87 | PC: 12ad5 | Get or set file date and time |
| 2018-12-25T11:53:11.58967034Z | 63 | PC: 12aea | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:53:11.593550553Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T11:53:11.594412557Z | 64 | PC: 12b57 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:11.596177357Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-25T11:53:11.597303646Z | 64 | PC: 12b6a | Write file or device (Write 843 bytes on handle 5) |
| 2018-12-25T11:53:11.602708041Z | 87 | PC: 12b0c | Get or set file date and time |
| 2018-12-25T11:53:11.603676527Z | 67 | PC: 12b1a | Get or set file attributes |
| 2018-12-25T11:53:11.610443282Z | 62 | PC: 12b1e | Close file |
| 2018-12-25T11:53:11.614711738Z | 78 | PC: 12bbd | Find first file |
| 2018-12-25T11:53:11.618169101Z | 78 | PC: 12be5 | Find first file |
| 2018-12-25T11:53:11.622435573Z | 79 | PC: 12aa9 | Find next file |
| 2018-12-25T11:53:11.624500627Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.630961392Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.638883843Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.64566495Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.646673186Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.653172839Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.654381487Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.65681534Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.658948795Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.667217965Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.668567268Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.679073229Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.685792296Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.691476975Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.697754984Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.700257449Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.710549957Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.722771215Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.729726907Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.730894578Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.736996906Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.73830582Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.740534421Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.74175808Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.749578016Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.751142893Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.761277792Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.767924828Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.77339553Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.778894688Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.781475188Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.791898652Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.801062184Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.807619364Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.809135617Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.815502877Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.816768948Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.81912652Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.820197922Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.827891424Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.829173345Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.839164108Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.845906242Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.852028836Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.8574314Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.859896435Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.865216299Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.874482369Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.881088176Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.882191056Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.888200997Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.889627123Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.892014687Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.893210616Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.901135856Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.902430012Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.913533441Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.920390453Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.92584633Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.931264524Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.936880339Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.9471199Z | 59 | PC: 12b7d | Change current directory |
| 2018-12-25T11:53:11.948643163Z | 42 | PC: 12b81 | Get date 0x12b81: cmp dh, 0xa 0x12b84: jne 0x12b8d 0x12b86: cmp dl, 0x15 0x12b89: jne 0x12b8d 0x12b8b: jmp 0x12b9b 0x12b8d: ret 0x12b8e: mov ah, 0x3b 0x12b90: lea dx, word ptr [bp + 0x403] 0x12b94: int 0x21 0x12b96: jb 0x12b71 0x12b98: jmp 0x12a76 0x12b9b: mov al, 2 0x12b9d: mov cx, 0x29a 0x12ba0: mov dx, 0 0x12ba3: mov bx, 0x2bc 0x12ba6: int 0x26 0x12ba8: lea dx, word ptr [bp + 0x437] 0x12bac: mov ah, 9 0x12bae: int 0x21 0x12bb0: jmp 0x12bb0 |
{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4888,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:11.575621238Z | 26 | PC: 12a66 | Set disk transfer address |
| 2018-12-25T11:53:11.57699678Z | 71 | PC: 12a70 | Get current directory |
| 2018-12-25T11:53:11.580898952Z | 78 | PC: 12a86 | Find first file |
| 2018-12-25T11:53:11.588424139Z | 67 | PC: 12ab6 | Get or set file attributes |
| 2018-12-25T11:53:11.59485926Z | 67 | PC: 12ac6 | Get or set file attributes |
| 2018-12-25T11:53:11.620580375Z | 61 | PC: 12acf | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:11.636922032Z | 87 | PC: 12ad5 | Get or set file date and time |
| 2018-12-25T11:53:11.638568313Z | 63 | PC: 12aea | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:53:11.646561637Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T11:53:11.648585612Z | 64 | PC: 12b57 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:11.651716653Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-25T11:53:11.656087004Z | 64 | PC: 12b6a | Write file or device (Write 843 bytes on handle 5) |
| 2018-12-25T11:53:11.666470064Z | 87 | PC: 12b0c | Get or set file date and time |
| 2018-12-25T11:53:11.668550157Z | 67 | PC: 12b1a | Get or set file attributes |
| 2018-12-25T11:53:11.681147073Z | 62 | PC: 12b1e | Close file |
| 2018-12-25T11:53:11.689277105Z | 78 | PC: 12bbd | Find first file |
| 2018-12-25T11:53:11.696246075Z | 78 | PC: 12be5 | Find first file |
| 2018-12-25T11:53:11.703302706Z | 79 | PC: 12aa9 | Find next file |
| 2018-12-25T11:53:11.706381436Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.724544508Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.735969664Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.744054328Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.745673045Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.75277841Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.76144569Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.764736777Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.766703546Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.776806813Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.778915515Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.792127125Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.804581983Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.81818032Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.824693609Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.828328332Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.83528181Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.848886651Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.863904917Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.866412586Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.874171468Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.876218702Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.879830611Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.881833914Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.891964726Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.894470296Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.906590923Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.914092737Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.920945448Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.928600539Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.931278472Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.938138676Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.948953704Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.956424041Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.958696105Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.965748864Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.96731886Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.970959701Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.97291605Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.981893117Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.983606682Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.996742151Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.005426609Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.012689561Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.020737612Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.024032263Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.030811983Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.04617201Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.060993099Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.063037904Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.070882851Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.073303177Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.076727576Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.07899766Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.089411837Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.091533693Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.103892781Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.11332195Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.120740288Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.124683318Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.129394866Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.136244273Z | 59 | PC: 12b7d | Change current directory |
| 2018-12-25T11:53:12.138568126Z | 42 | PC: 12b81 | Get date 0x12b81: cmp dh, 0xa 0x12b84: jne 0x12b8d 0x12b86: cmp dl, 0x15 0x12b89: jne 0x12b8d 0x12b8b: jmp 0x12b9b 0x12b8d: ret 0x12b8e: mov ah, 0x3b 0x12b90: lea dx, word ptr [bp + 0x403] 0x12b94: int 0x21 0x12b96: jb 0x12b71 0x12b98: jmp 0x12a76 0x12b9b: mov al, 2 0x12b9d: mov cx, 0x29a 0x12ba0: mov dx, 0 0x12ba3: mov bx, 0x2bc 0x12ba6: int 0x26 0x12ba8: lea dx, word ptr [bp + 0x437] 0x12bac: mov ah, 9 0x12bae: int 0x21 0x12bb0: jmp 0x12bb0 |
{"DateBased":true,"Day":21,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4888,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:11.667961194Z | 26 | PC: 12a66 | Set disk transfer address |
| 2018-12-25T11:53:11.669401812Z | 71 | PC: 12a70 | Get current directory |
| 2018-12-25T11:53:11.674077912Z | 78 | PC: 12a86 | Find first file |
| 2018-12-25T11:53:11.68150875Z | 67 | PC: 12ab6 | Get or set file attributes |
| 2018-12-25T11:53:11.687895761Z | 67 | PC: 12ac6 | Get or set file attributes |
| 2018-12-25T11:53:11.714274127Z | 61 | PC: 12acf | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:11.722296795Z | 87 | PC: 12ad5 | Get or set file date and time |
| 2018-12-25T11:53:11.724357699Z | 63 | PC: 12aea | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:53:11.74492851Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T11:53:11.747010968Z | 64 | PC: 12b57 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:11.750043733Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-25T11:53:11.75216298Z | 64 | PC: 12b6a | Write file or device (Write 843 bytes on handle 5) |
| 2018-12-25T11:53:11.766242615Z | 87 | PC: 12b0c | Get or set file date and time |
| 2018-12-25T11:53:11.774153147Z | 67 | PC: 12b1a | Get or set file attributes |
| 2018-12-25T11:53:11.787736329Z | 62 | PC: 12b1e | Close file |
| 2018-12-25T11:53:11.796474824Z | 78 | PC: 12bbd | Find first file |
| 2018-12-25T11:53:11.802934497Z | 78 | PC: 12be5 | Find first file |
| 2018-12-25T11:53:11.809524782Z | 79 | PC: 12aa9 | Find next file |
| 2018-12-25T11:53:11.813976169Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.820787662Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.83447931Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.854700641Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.856612556Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.864473194Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.867125439Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.870575344Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.872038548Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.880167515Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.88317773Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.895994225Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.904870452Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.91290826Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.919272444Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.922223419Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.929021187Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.940072003Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.947682199Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.950224146Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.957557855Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.959356615Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.963563565Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.96537312Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.974652924Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.977058472Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.989786393Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.997443561Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.004940511Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.011377973Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.014983441Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.021533227Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.03899062Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.052388555Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.054476374Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.063190003Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.065323817Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.068808439Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.071693366Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.080637622Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.082644726Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.095526257Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.103850807Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.111211644Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.11866005Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.12172245Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.128779539Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.140339125Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.148299779Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.149984696Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.157154249Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.158867163Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.161897657Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.163584789Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.173184776Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.175199993Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.187702576Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.196489621Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.20329595Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.210136468Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.218347637Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.230477934Z | 59 | PC: 12b7d | Change current directory |
| 2018-12-25T11:53:12.232663744Z | 42 | PC: 12b81 | Get date 0x12b81: cmp dh, 0xa 0x12b84: jne 0x12b8d 0x12b86: cmp dl, 0x15 0x12b89: jne 0x12b8d 0x12b8b: jmp 0x12b9b 0x12b8d: ret 0x12b8e: mov ah, 0x3b 0x12b90: lea dx, word ptr [bp + 0x403] 0x12b94: int 0x21 0x12b96: jb 0x12b71 0x12b98: jmp 0x12a76 0x12b9b: mov al, 2 0x12b9d: mov cx, 0x29a 0x12ba0: mov dx, 0 0x12ba3: mov bx, 0x2bc 0x12ba6: int 0x26 0x12ba8: lea dx, word ptr [bp + 0x437] 0x12bac: mov ah, 9 0x12bae: int 0x21 0x12bb0: jmp 0x12bb0 |
| 2018-12-25T11:53:12.236649261Z | 9 | PC: 12bb0 | Display string (String= 'Happy Birthday Freaky!') |
{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4888,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:11.644736253Z | 26 | PC: 12a66 | Set disk transfer address |
| 2018-12-25T11:53:11.647400571Z | 71 | PC: 12a70 | Get current directory |
| 2018-12-25T11:53:11.672810874Z | 78 | PC: 12a86 | Find first file |
| 2018-12-25T11:53:11.684308813Z | 67 | PC: 12ab6 | Get or set file attributes |
| 2018-12-25T11:53:11.690789949Z | 67 | PC: 12ac6 | Get or set file attributes |
| 2018-12-25T11:53:11.713561837Z | 61 | PC: 12acf | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:11.720827828Z | 87 | PC: 12ad5 | Get or set file date and time |
| 2018-12-25T11:53:11.72239394Z | 63 | PC: 12aea | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:53:11.731020789Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T11:53:11.732611556Z | 64 | PC: 12b57 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:11.735696378Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-25T11:53:11.737967602Z | 64 | PC: 12b6a | Write file or device (Write 843 bytes on handle 5) |
| 2018-12-25T11:53:11.747184724Z | 87 | PC: 12b0c | Get or set file date and time |
| 2018-12-25T11:53:11.748904467Z | 67 | PC: 12b1a | Get or set file attributes |
| 2018-12-25T11:53:11.76121917Z | 62 | PC: 12b1e | Close file |
| 2018-12-25T11:53:11.768924264Z | 78 | PC: 12bbd | Find first file |
| 2018-12-25T11:53:11.776149522Z | 78 | PC: 12be5 | Find first file |
| 2018-12-25T11:53:11.783679367Z | 79 | PC: 12aa9 | Find next file |
| 2018-12-25T11:53:11.786607692Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.793299273Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.80434489Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.819070719Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.820789155Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.828469139Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.831506399Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.834671457Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.837113619Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.847439128Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.849786766Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.86319548Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.872052502Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.878218853Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.882261322Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.884926361Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.892040761Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.900943244Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:11.906111948Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.907363547Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:11.911726892Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:11.921389307Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:11.924391212Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:11.925874448Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:11.935818943Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:11.937793801Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.949731102Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:11.957958603Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:11.965307736Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:11.978194138Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:11.981252488Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.988424018Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:11.999731481Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.007315937Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.010089496Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.017771193Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.019455479Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.023894244Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.025636787Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.034570424Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.03754428Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.04995738Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.058139388Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.065761496Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.073017528Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.076236426Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.08289882Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.097954417Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.111581536Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.113542834Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.121956623Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.123861376Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.12717412Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.129983775Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.13965954Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.141707932Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.154382431Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.162702106Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.170383493Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.177377118Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.185205048Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.192027769Z | 59 | PC: 12b7d | Change current directory |
| 2018-12-25T11:53:12.194458375Z | 42 | PC: 12b81 | Get date 0x12b81: cmp dh, 0xa 0x12b84: jne 0x12b8d 0x12b86: cmp dl, 0x15 0x12b89: jne 0x12b8d 0x12b8b: jmp 0x12b9b 0x12b8d: ret 0x12b8e: mov ah, 0x3b 0x12b90: lea dx, word ptr [bp + 0x403] 0x12b94: int 0x21 0x12b96: jb 0x12b71 0x12b98: jmp 0x12a76 0x12b9b: mov al, 2 0x12b9d: mov cx, 0x29a 0x12ba0: mov dx, 0 0x12ba3: mov bx, 0x2bc 0x12ba6: int 0x26 0x12ba8: lea dx, word ptr [bp + 0x437] 0x12bac: mov ah, 9 0x12bae: int 0x21 0x12bb0: jmp 0x12bb0 |
{"DateBased":true,"Day":21,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4888,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:12.076424578Z | 26 | PC: 12a66 | Set disk transfer address |
| 2018-12-25T11:53:12.077876283Z | 71 | PC: 12a70 | Get current directory |
| 2018-12-25T11:53:12.08130024Z | 78 | PC: 12a86 | Find first file |
| 2018-12-25T11:53:12.08720765Z | 67 | PC: 12ab6 | Get or set file attributes |
| 2018-12-25T11:53:12.094883354Z | 67 | PC: 12ac6 | Get or set file attributes |
| 2018-12-25T11:53:12.110355058Z | 61 | PC: 12acf | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:12.116594654Z | 87 | PC: 12ad5 | Get or set file date and time |
| 2018-12-25T11:53:12.118982343Z | 63 | PC: 12aea | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:53:12.125154143Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T11:53:12.126272393Z | 64 | PC: 12b57 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:12.128401873Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-25T11:53:12.130827101Z | 64 | PC: 12b6a | Write file or device (Write 843 bytes on handle 5) |
| 2018-12-25T11:53:12.136712491Z | 87 | PC: 12b0c | Get or set file date and time |
| 2018-12-25T11:53:12.137815953Z | 67 | PC: 12b1a | Get or set file attributes |
| 2018-12-25T11:53:12.14924575Z | 62 | PC: 12b1e | Close file |
| 2018-12-25T11:53:12.156401119Z | 78 | PC: 12bbd | Find first file |
| 2018-12-25T11:53:12.161883879Z | 78 | PC: 12be5 | Find first file |
| 2018-12-25T11:53:12.165784772Z | 79 | PC: 12aa9 | Find next file |
| 2018-12-25T11:53:12.168250956Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.174402762Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.184670853Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.196214891Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.198021456Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.205063724Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.206420358Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.209042882Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.210820962Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.222527741Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.223910221Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.234915127Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.242500296Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.248188894Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.254309277Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.256725856Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.266869687Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.279105797Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.286039275Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.287456597Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.297454085Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.299190733Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.302071799Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.307945884Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.315661425Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.317027117Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.331440727Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.338200772Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.343857286Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.350490196Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.353234014Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.364323583Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.374846907Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.381631928Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.383165424Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.390246265Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.391751503Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.394832439Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.397332491Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.405753716Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.407508468Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.418617897Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.425739264Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.431436648Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.437515305Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.440853833Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.446702546Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.456701675Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.468662464Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.470051288Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.476342489Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.478141563Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.480782147Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.482215373Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.491291856Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.49289832Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.503977147Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.511324671Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.517529241Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.523574162Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.535216235Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.544696639Z | 59 | PC: 12b7d | Change current directory |
| 2018-12-25T11:53:12.54610797Z | 42 | PC: 12b81 | Get date 0x12b81: cmp dh, 0xa 0x12b84: jne 0x12b8d 0x12b86: cmp dl, 0x15 0x12b89: jne 0x12b8d 0x12b8b: jmp 0x12b9b 0x12b8d: ret 0x12b8e: mov ah, 0x3b 0x12b90: lea dx, word ptr [bp + 0x403] 0x12b94: int 0x21 0x12b96: jb 0x12b71 0x12b98: jmp 0x12a76 0x12b9b: mov al, 2 0x12b9d: mov cx, 0x29a 0x12ba0: mov dx, 0 0x12ba3: mov bx, 0x2bc 0x12ba6: int 0x26 0x12ba8: lea dx, word ptr [bp + 0x437] 0x12bac: mov ah, 9 0x12bae: int 0x21 0x12bb0: jmp 0x12bb0 |
| 2018-12-25T11:53:12.548464838Z | 9 | PC: 12bb0 | Display string (String= 'Happy Birthday Freaky!') |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4888,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:12.197277947Z | 26 | PC: 12a66 | Set disk transfer address |
| 2018-12-25T11:53:12.198935965Z | 71 | PC: 12a70 | Get current directory |
| 2018-12-25T11:53:12.200769488Z | 78 | PC: 12a86 | Find first file |
| 2018-12-25T11:53:12.204435908Z | 67 | PC: 12ab6 | Get or set file attributes |
| 2018-12-25T11:53:12.208038469Z | 67 | PC: 12ac6 | Get or set file attributes |
| 2018-12-25T11:53:12.22300177Z | 61 | PC: 12acf | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:12.234404148Z | 87 | PC: 12ad5 | Get or set file date and time |
| 2018-12-25T11:53:12.235847725Z | 63 | PC: 12aea | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T11:53:12.242935375Z | 66 | PC: 12b4c | Move file pointer |
| 2018-12-25T11:53:12.244132849Z | 64 | PC: 12b57 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:12.246549826Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-25T11:53:12.24884578Z | 64 | PC: 12b6a | Write file or device (Write 843 bytes on handle 5) |
| 2018-12-25T11:53:12.25688088Z | 87 | PC: 12b0c | Get or set file date and time |
| 2018-12-25T11:53:12.258308331Z | 67 | PC: 12b1a | Get or set file attributes |
| 2018-12-25T11:53:12.26880668Z | 62 | PC: 12b1e | Close file |
| 2018-12-25T11:53:12.275468317Z | 78 | PC: 12bbd | Find first file |
| 2018-12-25T11:53:12.28101667Z | 78 | PC: 12be5 | Find first file |
| 2018-12-25T11:53:12.287380942Z | 79 | PC: 12aa9 | Find next file |
| 2018-12-25T11:53:12.290212269Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.300625931Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.313907179Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.320628232Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.321810638Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.328486877Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.329816361Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.332294266Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.334214807Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.341884677Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.343280127Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.355206412Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.362149232Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.367946651Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.379398575Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.381928141Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.387399722Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.396947405Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.403424509Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.404687599Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.411323513Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.412525638Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.414911182Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.416052104Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.42377116Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.425300619Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.435404273Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.444612277Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.44975706Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.455542048Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.458479532Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.462935148Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.473249943Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.4886517Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.48998234Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.494619359Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.496070453Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.497934289Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.498985949Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.505254829Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.506600393Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.513477622Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.519616073Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.525480963Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.531135071Z | 79 | PC: 12aa9 | Find next file (See above) |
| 2018-12-25T11:53:12.534400656Z | 67 | PC: 12ab6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.544415715Z | 67 | PC: 12ac6 | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.55635982Z | 61 | PC: 12acf | Open file (See above) |
| 2018-12-25T11:53:12.568640452Z | 87 | PC: 12ad5 | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.570314536Z | 63 | PC: 12aea | Read file or device (See above) |
| 2018-12-25T11:53:12.577049424Z | 66 | PC: 12b4c | Move file pointer (See above) |
| 2018-12-25T11:53:12.579343228Z | 64 | PC: 12b57 | Write file or device (See above) |
| 2018-12-25T11:53:12.582568919Z | 66 | PC: 12b5f | Move file pointer (See above) |
| 2018-12-25T11:53:12.584163406Z | 64 | PC: 12b6a | Write file or device (See above) |
| 2018-12-25T11:53:12.592369755Z | 87 | PC: 12b0c | Get or set file date and time (See above) |
| 2018-12-25T11:53:12.595007843Z | 67 | PC: 12b1a | Get or set file attributes (See above) |
| 2018-12-25T11:53:12.605758132Z | 62 | PC: 12b1e | Close file (See above) |
| 2018-12-25T11:53:12.613183695Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.619828396Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.625350066Z | 78 | PC: 12bbd | Find first file (See above) |
| 2018-12-25T11:53:12.636042505Z | 78 | PC: 12be5 | Find first file (See above) |
| 2018-12-25T11:53:12.643174276Z | 59 | PC: 12b7d | Change current directory |
| 2018-12-25T11:53:12.645151406Z | 42 | PC: 12b81 | Get date 0x12b81: cmp dh, 0xa 0x12b84: jne 0x12b8d 0x12b86: cmp dl, 0x15 0x12b89: jne 0x12b8d 0x12b8b: jmp 0x12b9b 0x12b8d: ret 0x12b8e: mov ah, 0x3b 0x12b90: lea dx, word ptr [bp + 0x403] 0x12b94: int 0x21 0x12b96: jb 0x12b71 0x12b98: jmp 0x12a76 0x12b9b: mov al, 2 0x12b9d: mov cx, 0x29a 0x12ba0: mov dx, 0 0x12ba3: mov bx, 0x2bc 0x12ba6: int 0x26 0x12ba8: lea dx, word ptr [bp + 0x437] 0x12bac: mov ah, 9 0x12bae: int 0x21 0x12bb0: jmp 0x12bb0 |