{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5043,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:31.869794397Z | 26 | PC: 12b35 | Set disk transfer address |
| 2018-12-25T11:53:31.87129638Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T11:53:31.877114365Z | 61 | PC: 12b3e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:31.883261058Z | 63 | PC: 12a9e | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T11:53:31.889879985Z | 62 | PC: 12aa2 | Close file |
| 2018-12-25T11:53:31.891245317Z | 67 | PC: 12b49 | Get or set file attributes |
| 2018-12-25T11:53:31.903156987Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:31.908585939Z | 64 | PC: 12af2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:31.910523111Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T11:53:31.911764607Z | 44 | PC: 12afd | Get time 0x12afd: cmp dh, 0 0x12b00: je 0x12af9 0x12b02: mov byte ptr cs:[bp + 0x26e], dh 0x12b07: call 0x12b65 0x12b0a: mov ax, 0x5701 0x12b0d: mov cx, word ptr cs:[bp + 0x2a1] 0x12b12: mov dx, word ptr cs:[bp + 0x2a3] 0x12b17: int 0x21 0x12b19: mov ah, 0x3e 0x12b1b: int 0x21 0x12b1d: xor cx, cx 0x12b1f: mov cl, byte ptr cs:[bp + 0x2a0] 0x12b24: call 0x12b40 0x12b27: ret 0x12b28: mov ah, 0x42 0x12b2a: xor cx, cx 0x12b2c: xor dx, dx 0x12b2e: int 0x21 0x12b30: ret 0x12b31: mov ah, 0x1a |
| 2018-12-25T11:53:31.913968665Z | 64 | PC: 12bc2 | Write file or device (Write 364 bytes on handle 5) |
| 2018-12-25T11:53:31.91932419Z | 87 | PC: 12b19 | Get or set file date and time |
| 2018-12-25T11:53:31.920660848Z | 62 | PC: 12b1d | Close file |
| 2018-12-25T11:53:31.926067309Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:31.932275146Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:31.934745307Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:31.946361917Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:31.953139986Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:31.955229892Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:31.965270353Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:31.972580021Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:31.975513584Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:31.976902918Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:31.98024872Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:31.983305887Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:31.985026936Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:31.998552053Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.00855277Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.011472496Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.01965751Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.026175271Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.028280372Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.038817775Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.045971886Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.048851548Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.050940834Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.053879693Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.056307277Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.064516366Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.072393039Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.082093404Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.085608012Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.092811418Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.099560707Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.10166055Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.112041575Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.11873452Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.121699938Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.124154229Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.126728617Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.129754767Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.131844899Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.139250503Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.148583853Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.151549643Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.158603931Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.164699904Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.167120021Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.17139676Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.176140174Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.1803548Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.181930458Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.184472361Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.194881451Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.196345691Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.19799504Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.202979371Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.205578703Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.211824196Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.218472699Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.220924649Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.231041032Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.239048909Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.242121005Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.243814996Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.247251613Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.255924259Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.25771319Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.265733433Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.277370185Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.280492687Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.287752767Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.294506212Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.296307701Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.306825988Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.314063542Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.3168982Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.319442297Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.322788687Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.325713046Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.327986451Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.335821688Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.347622421Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.350333935Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.357943897Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.364240911Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.366055878Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.368811631Z | 9 | PC: 12a75 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T11:53:32.377300323Z | 26 | PC: 12b35 | Set disk transfer address (See above) |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":5043,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:32.101073549Z | 26 | PC: 12b35 | Set disk transfer address |
| 2018-12-25T11:53:32.102941369Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T11:53:32.108766912Z | 61 | PC: 12b3e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:32.114999647Z | 63 | PC: 12a9e | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T11:53:32.121533782Z | 62 | PC: 12aa2 | Close file |
| 2018-12-25T11:53:32.123471525Z | 67 | PC: 12b49 | Get or set file attributes |
| 2018-12-25T11:53:32.144299027Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.160272489Z | 64 | PC: 12af2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:32.163191235Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T11:53:32.164523457Z | 44 | PC: 12afd | Get time 0x12afd: cmp dh, 0 0x12b00: je 0x12af9 0x12b02: mov byte ptr cs:[bp + 0x26e], dh 0x12b07: call 0x12b65 0x12b0a: mov ax, 0x5701 0x12b0d: mov cx, word ptr cs:[bp + 0x2a1] 0x12b12: mov dx, word ptr cs:[bp + 0x2a3] 0x12b17: int 0x21 0x12b19: mov ah, 0x3e 0x12b1b: int 0x21 0x12b1d: xor cx, cx 0x12b1f: mov cl, byte ptr cs:[bp + 0x2a0] 0x12b24: call 0x12b40 0x12b27: ret 0x12b28: mov ah, 0x42 0x12b2a: xor cx, cx 0x12b2c: xor dx, dx 0x12b2e: int 0x21 0x12b30: ret 0x12b31: mov ah, 0x1a |
| 2018-12-25T11:53:32.167046018Z | 64 | PC: 12bc2 | Write file or device (Write 364 bytes on handle 5) |
| 2018-12-25T11:53:32.175969277Z | 87 | PC: 12b19 | Get or set file date and time |
| 2018-12-25T11:53:32.17783725Z | 62 | PC: 12b1d | Close file |
| 2018-12-25T11:53:32.185347533Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.195684467Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.198262058Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.204571808Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.212187007Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.213948044Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.224117612Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.231729008Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.234413233Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.235712948Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.242489987Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.24550452Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.247141855Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.255685973Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.26544579Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.26802275Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.274875168Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.285166895Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.287129715Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.299569649Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.305617247Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.311687376Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.313754656Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.3160986Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.318646893Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.320167013Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.327859384Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.33703761Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.339847036Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.345902327Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.351665632Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.353384614Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.366193214Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.3728865Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.379495696Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.381813838Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.384435569Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.387568352Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.389745498Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.397217977Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.407027941Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.410605595Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.417600309Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.42393073Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.427280311Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.431520863Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.437176575Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.440950582Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.442274237Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.444546613Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.454455122Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.45593809Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.457913807Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.463233643Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.466706892Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.473749391Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.480417664Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.48319601Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.493740787Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.500484513Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.505446827Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.507389394Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.510067676Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.519133068Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.520924674Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.52858189Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.539053815Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.541611638Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.548315973Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.566440188Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.568494833Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.579350406Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.586512783Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.589860141Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.591774602Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.59529335Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.598480433Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.600730177Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.609606399Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.619807125Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.622392722Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.630306783Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.637985329Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.640483854Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.644107309Z | 9 | PC: 12a75 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T11:53:32.651839668Z | 26 | PC: 12b35 | Set disk transfer address (See above) |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5043,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:32.719603791Z | 26 | PC: 12b35 | Set disk transfer address |
| 2018-12-25T11:53:32.721247994Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T11:53:32.728178793Z | 61 | PC: 12b3e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:32.735645431Z | 63 | PC: 12a9e | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T11:53:32.74247019Z | 62 | PC: 12aa2 | Close file |
| 2018-12-25T11:53:32.744891572Z | 67 | PC: 12b49 | Get or set file attributes |
| 2018-12-25T11:53:32.765500264Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.776882163Z | 64 | PC: 12af2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:32.785740552Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T11:53:32.787353987Z | 44 | PC: 12afd | Get time 0x12afd: cmp dh, 0 0x12b00: je 0x12af9 0x12b02: mov byte ptr cs:[bp + 0x26e], dh 0x12b07: call 0x12b65 0x12b0a: mov ax, 0x5701 0x12b0d: mov cx, word ptr cs:[bp + 0x2a1] 0x12b12: mov dx, word ptr cs:[bp + 0x2a3] 0x12b17: int 0x21 0x12b19: mov ah, 0x3e 0x12b1b: int 0x21 0x12b1d: xor cx, cx 0x12b1f: mov cl, byte ptr cs:[bp + 0x2a0] 0x12b24: call 0x12b40 0x12b27: ret 0x12b28: mov ah, 0x42 0x12b2a: xor cx, cx 0x12b2c: xor dx, dx 0x12b2e: int 0x21 0x12b30: ret 0x12b31: mov ah, 0x1a |
| 2018-12-25T11:53:32.789306551Z | 64 | PC: 12bc2 | Write file or device (Write 364 bytes on handle 5) |
| 2018-12-25T11:53:32.795666243Z | 87 | PC: 12b19 | Get or set file date and time |
| 2018-12-25T11:53:32.797097317Z | 62 | PC: 12b1d | Close file |
| 2018-12-25T11:53:32.802368019Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.812665378Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.815023631Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.819339082Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.830523168Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.832049874Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.838836231Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.843481153Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.846564877Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.847986873Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.851314948Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.869576355Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.881004643Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.889632334Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.901304902Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.904711177Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.912393972Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.921633809Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:32.923979947Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.935286326Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.943702164Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:32.947178129Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:32.949146726Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:32.952386923Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:32.956779341Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:32.958819284Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:32.967386812Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:32.979519327Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:32.983331176Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:32.990582973Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:32.998718193Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:33.001115736Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.012570359Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.020984639Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:33.024428762Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:33.026298881Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:33.029640753Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:33.033304917Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:33.035288223Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:33.043731346Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.055643727Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:33.058986016Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.066627662Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:33.074256205Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:33.080434793Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.085458945Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.091533378Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:33.095092418Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:33.096810026Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:33.100745583Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:33.112802416Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:33.114785386Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:33.119361717Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.1243705Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:33.127364811Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.135424281Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:33.14271606Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:33.144980493Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.156005884Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.16393099Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:33.167831687Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:33.169952763Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:33.174317484Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:33.184255899Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:33.186492068Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:33.196035844Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.207716206Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:33.210976785Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.219410116Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:33.226959265Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:33.229620255Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.241999653Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.251132315Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:33.254803121Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:33.256959845Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:33.261208172Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:33.264943138Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:33.267042484Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:33.275890626Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:33.286883525Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:33.289875188Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:33.298680983Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:33.306030168Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:33.308276456Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:33.31315138Z | 9 | PC: 12a75 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T11:53:33.323950164Z | 26 | PC: 12b35 | Set disk transfer address (See above) |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":5043,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:53:34.154551936Z | 26 | PC: 12b35 | Set disk transfer address |
| 2018-12-25T11:53:34.156918553Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T11:53:34.164167412Z | 61 | PC: 12b3e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:53:34.171772248Z | 63 | PC: 12a9e | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-25T11:53:34.178999052Z | 62 | PC: 12aa2 | Close file |
| 2018-12-25T11:53:34.181853936Z | 67 | PC: 12b49 | Get or set file attributes |
| 2018-12-25T11:53:34.202980493Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.210616766Z | 64 | PC: 12af2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:53:34.219600084Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T11:53:34.221530811Z | 44 | PC: 12afd | Get time 0x12afd: cmp dh, 0 0x12b00: je 0x12af9 0x12b02: mov byte ptr cs:[bp + 0x26e], dh 0x12b07: call 0x12b65 0x12b0a: mov ax, 0x5701 0x12b0d: mov cx, word ptr cs:[bp + 0x2a1] 0x12b12: mov dx, word ptr cs:[bp + 0x2a3] 0x12b17: int 0x21 0x12b19: mov ah, 0x3e 0x12b1b: int 0x21 0x12b1d: xor cx, cx 0x12b1f: mov cl, byte ptr cs:[bp + 0x2a0] 0x12b24: call 0x12b40 0x12b27: ret 0x12b28: mov ah, 0x42 0x12b2a: xor cx, cx 0x12b2c: xor dx, dx 0x12b2e: int 0x21 0x12b30: ret 0x12b31: mov ah, 0x1a |
| 2018-12-25T11:53:34.224636932Z | 64 | PC: 12bc2 | Write file or device (Write 364 bytes on handle 5) |
| 2018-12-25T11:53:34.234345539Z | 87 | PC: 12b19 | Get or set file date and time |
| 2018-12-25T11:53:34.236026525Z | 62 | PC: 12b1d | Close file |
| 2018-12-25T11:53:34.244510661Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.255916896Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.258941717Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.266958429Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:34.27426799Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:34.290081091Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.301160368Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.308706576Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:34.321087761Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:34.322632357Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:34.32527258Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:34.32911009Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:34.331175341Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:34.339634618Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.352026363Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.354142109Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.358652077Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:34.366207855Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:34.368124076Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.378771887Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.386313857Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:34.388529087Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:34.389837889Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:34.392316017Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:34.394447485Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:34.39570494Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:34.401021301Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.409552882Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.411419492Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.416338294Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:34.421351873Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:34.422773168Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.429388553Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.43441599Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:34.436584371Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:34.437844288Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:34.440339441Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:34.442624215Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:34.444045185Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:34.449994245Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.457139288Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.459126696Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.467574801Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:34.471844017Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:34.473310126Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.479819807Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.485845986Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:34.489005485Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:34.491021387Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:34.494105561Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:34.504522581Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:34.505959611Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:34.508141879Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.51288961Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.519914259Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.528145917Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:34.535314924Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:34.537366855Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.549333384Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.55755952Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:34.560626498Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:34.562654494Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:34.565231545Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:34.574315549Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:34.576714665Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:34.58546247Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.596751483Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.600567763Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.609140973Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:34.617028505Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:34.619871862Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.630687122Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.638082985Z | 64 | PC: 12af2 | Write file or device (See above) |
| 2018-12-25T11:53:34.642067805Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T11:53:34.644266729Z | 44 | PC: 12afd | Get time (See above) |
| 2018-12-25T11:53:34.647282665Z | 64 | PC: 12bc2 | Write file or device (See above) |
| 2018-12-25T11:53:34.650673933Z | 87 | PC: 12b19 | Get or set file date and time (See above) |
| 2018-12-25T11:53:34.65356117Z | 62 | PC: 12b1d | Close file (See above) |
| 2018-12-25T11:53:34.661944265Z | 67 | PC: 12b49 | Get or set file attributes (See above) |
| 2018-12-25T11:53:34.673528661Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.67719597Z | 61 | PC: 12b3e | Open file (See above) |
| 2018-12-25T11:53:34.684409668Z | 63 | PC: 12a9e | Read file or device (See above) |
| 2018-12-25T11:53:34.693854359Z | 62 | PC: 12aa2 | Close file (See above) |
| 2018-12-25T11:53:34.696566067Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T11:53:34.699300873Z | 9 | PC: 12a75 | Display string (String= 'Birgit [IVP] ') |
| 2018-12-25T11:53:34.707935181Z | 26 | PC: 12b35 | Set disk transfer address (See above) |