Sample viewer

vx.netlux.org/Virus.DOS.Sypec.2850

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:28:34.407397967Z 245 PC: 1675e | UNKNOWN!
2018-12-17T22:28:34.408477086Z 53 PC: 1676b | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T22:28:34.4112705Z 53 PC: 16778 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:28:34.412340206Z 98 PC: 16785 | Get current PSP
2018-12-17T22:28:34.413748102Z 37 PC: 170d5 | Set interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T22:28:34.414913173Z 37 PC: 170dd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:28:34.420119538Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.421711141Z 99 PC: 15209 | Get DBCS lead byte table pointer
2018-12-17T22:28:34.424367111Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.425837844Z 68 PC: 15223 | I/O control for devices (Set for = '')
2018-12-17T22:28:34.426803589Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.428644444Z 68 PC: 1522e | I/O control for devices (Set for = '')
2018-12-17T22:28:34.430376082Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.432364737Z 68 PC: 15239 | I/O control for devices (Set for = '')
2018-12-17T22:28:34.434093653Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.435637107Z 68 PC: 15241 | I/O control for devices (Set for = '��b���g�t�S3����[r�2��W�<t�<u�6�u����>��>W')
2018-12-17T22:28:34.436678542Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.439532511Z 48 PC: 15246 | Get DOS version
2018-12-17T22:28:34.440658232Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.442101204Z 53 PC: 12b72 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:28:34.445539799Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.447070546Z 53 PC: 12b81 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:28:34.44826911Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.450296328Z 81 PC: 12bb7 | Get current PSP
2018-12-17T22:28:34.45136983Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.452797656Z 37 PC: 12d4a | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:28:34.453970701Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.455488286Z 53 PC: 12bcf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:34.456351624Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.458211004Z 37 PC: 12be0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:34.459079148Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.460535999Z 37 PC: 12be7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:28:34.465760939Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.467871643Z 38 PC: 12a44 | Create PSP
2018-12-17T22:28:34.469120973Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.471321387Z 26 PC: 12c28 | Set disk transfer address
2018-12-17T22:28:34.472484305Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.474468072Z 99 PC: 12f8d | Get DBCS lead byte table pointer
2018-12-17T22:28:34.476230913Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.478241744Z 41 PC: 12cb5 | Parse filename
2018-12-17T22:28:34.479558802Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.482173416Z 55 PC: 13fab | Get or set switch character
2018-12-17T22:28:34.483117715Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.484633621Z 41 PC: 1358a | Parse filename
2018-12-17T22:28:34.486191234Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.487690346Z 55 PC: 13fab | Get or set switch character
2018-12-17T22:28:34.488590391Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.490833323Z 41 PC: 13598 | Parse filename
2018-12-17T22:28:34.492293929Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.494317385Z 64 PC: 1534b | Write file or device (Write 1 bytes on handle 1)
2018-12-17T22:28:34.496678717Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-17T22:28:34.498128416Z 10 PC: 12eca | Buffered keyboard input

{"DateBased":true,"Day":15,"Month":1,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5092,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:41.250976693Z 245 PC: 1675e | UNKNOWN!
2018-12-25T11:53:41.252054202Z 53 PC: 1676b | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T11:53:41.253340129Z 53 PC: 16778 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:41.254590253Z 98 PC: 16785 | Get current PSP
2018-12-25T11:53:41.256727609Z 37 PC: 170d5 | Set interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T11:53:41.257786774Z 37 PC: 170dd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:41.282736799Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-25T11:53:41.28614366Z 44 PC: 9f88c | Get time 0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
0x9f8ae: pop es
0x9f8af: mov ax, 0x1301
0x9f8b2: mov cx, 0x10
0x9f8b5: push cx
0x9f8b6: mov dx, 0x520
0x9f8b9: mov cx, 0x1d
0x9f8bc: mov bp, si
2018-12-25T11:53:41.288268943Z 99 PC: 15209 | Get DBCS lead byte table pointer
2018-12-25T11:53:41.289481937Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.292172185Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.295076583Z 68 PC: 15223 | I/O control for devices (Set for = '')
2018-12-25T11:53:41.297187129Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.300075112Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.303202705Z 68 PC: 1522e | I/O control for devices (Set for = '')
2018-12-25T11:53:41.305449049Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.308729028Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.311313391Z 68 PC: 15239 | I/O control for devices (Set for = '')
2018-12-25T11:53:41.312977885Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.315323939Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.317719556Z 68 PC: 15241 | I/O control for devices (Set for = '��b���g�t�S3����[r�2��W�<t�<u�6�u����>��>W')
2018-12-25T11:53:41.319924662Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.322030119Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.324182378Z 48 PC: 15246 | Get DOS version
2018-12-25T11:53:41.325977107Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.327941299Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.329980826Z 53 PC: 12b72 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:41.331940115Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.333763611Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.33578865Z 53 PC: 12b81 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:53:41.341937675Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.344155727Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.346248605Z 81 PC: 12bb7 | Get current PSP
2018-12-25T11:53:41.347419825Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.364301786Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.366951034Z 37 PC: 12d4a | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T11:53:41.373964805Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.376045427Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.378170534Z 53 PC: 12bcf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:41.38054485Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.382675376Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.384785767Z 37 PC: 12be0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:41.387172913Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.389208427Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.391282041Z 37 PC: 12be7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T11:53:41.399693126Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.402279496Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.404783016Z 38 PC: 12a44 | Create PSP
2018-12-25T11:53:41.407539823Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.4096742Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.411755535Z 26 PC: 12c28 | Set disk transfer address
2018-12-25T11:53:41.41384381Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.416161437Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.419158636Z 99 PC: 12f8d | Get DBCS lead byte table pointer
2018-12-25T11:53:41.421152309Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.423661007Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.425644305Z 41 PC: 12cb5 | Parse filename
2018-12-25T11:53:41.427213224Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.429790899Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.432051058Z 55 PC: 13fab | Get or set switch character
2018-12-25T11:53:41.433482977Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.436259702Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.438342308Z 41 PC: 1358a | Parse filename
2018-12-25T11:53:41.440069838Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.443122432Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.445186894Z 55 PC: 13fab | Get or set switch character (See above)
2018-12-25T11:53:41.446390728Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.449709651Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.451779207Z 41 PC: 13598 | Parse filename
2018-12-25T11:53:41.45438129Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.457034447Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.459443972Z 64 PC: 1534b | Write file or device (Write 1 bytes on handle 1)
2018-12-25T11:53:41.461672097Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:41.463423741Z 44 PC: 9f88c | Get time (See above)
2018-12-25T11:53:41.464855407Z 10 PC: 12eca | Buffered keyboard input

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5092,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:42.48601421Z 245 PC: 1675e | UNKNOWN!
2018-12-25T11:53:42.488100333Z 53 PC: 1676b | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T11:53:42.489503304Z 53 PC: 16778 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:42.490810982Z 98 PC: 16785 | Get current PSP
2018-12-25T11:53:42.492455589Z 37 PC: 170d5 | Set interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T11:53:42.493605922Z 37 PC: 170dd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:42.499443742Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-25T11:53:42.501469192Z 99 PC: 15209 | Get DBCS lead byte table pointer
2018-12-25T11:53:42.503308628Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.505271046Z 68 PC: 15223 | I/O control for devices (Set for = '')
2018-12-25T11:53:42.506638112Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.51232077Z 68 PC: 1522e | I/O control for devices (Set for = '')
2018-12-25T11:53:42.51403908Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.516828352Z 68 PC: 15239 | I/O control for devices (Set for = '')
2018-12-25T11:53:42.528571359Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.530916937Z 68 PC: 15241 | I/O control for devices (Set for = '��b���g�t�S3����[r�2��W�<t�<u�6�u����>��>W')
2018-12-25T11:53:42.533009926Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.536844867Z 48 PC: 15246 | Get DOS version
2018-12-25T11:53:42.538322364Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.540880047Z 53 PC: 12b72 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:42.543070712Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.545627859Z 53 PC: 12b81 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:53:42.547261787Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.550317527Z 81 PC: 12bb7 | Get current PSP
2018-12-25T11:53:42.552010458Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.554478475Z 37 PC: 12d4a | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T11:53:42.556122068Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.559014497Z 53 PC: 12bcf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:42.560420404Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.562616067Z 37 PC: 12be0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:42.56441818Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.56687413Z 37 PC: 12be7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T11:53:42.568006994Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.571156893Z 38 PC: 12a44 | Create PSP
2018-12-25T11:53:42.572672053Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.574864315Z 26 PC: 12c28 | Set disk transfer address
2018-12-25T11:53:42.576832789Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.579782623Z 99 PC: 12f8d | Get DBCS lead byte table pointer
2018-12-25T11:53:42.581051243Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.58431323Z 41 PC: 12cb5 | Parse filename
2018-12-25T11:53:42.58651739Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.588997051Z 55 PC: 13fab | Get or set switch character
2018-12-25T11:53:42.591266768Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.593714491Z 41 PC: 1358a | Parse filename
2018-12-25T11:53:42.595203838Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.598245221Z 55 PC: 13fab | Get or set switch character (See above)
2018-12-25T11:53:42.600276606Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.602582403Z 41 PC: 13598 | Parse filename
2018-12-25T11:53:42.604693853Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.608458884Z 64 PC: 1534b | Write file or device (Write 1 bytes on handle 1)
2018-12-25T11:53:42.612336331Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.615636598Z 10 PC: 12eca | Buffered keyboard input

{"DateBased":true,"Day":1,"Month":1,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5092,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:42.582045549Z 245 PC: 1675e | UNKNOWN!
2018-12-25T11:53:42.583503772Z 53 PC: 1676b | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T11:53:42.584503934Z 53 PC: 16778 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:42.585470524Z 98 PC: 16785 | Get current PSP
2018-12-25T11:53:42.587669974Z 37 PC: 170d5 | Set interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T11:53:42.588721706Z 37 PC: 170dd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:42.597734597Z 42 PC: 9f87a | Get date 0x9f87a: cmp cx, 0x7cb
0x9f87e: jl 0x9f8d6
0x9f880: cmp dl, 0xf
0x9f883: jne 0x9f8d6
0x9f885: mov ah, 0x2c
0x9f887: pushf
0x9f888: lcall ptr cs:[bp - 0x66]
0x9f88c: and cx, 0xff02
0x9f890: cmp cx, 0xc00
0x9f894: jne 0x9f8d6
0x9f896: cmp byte ptr cs:[bp - 0x46], 0
0x9f89b: jne 0x9f8db
0x9f89d: mov byte ptr cs:[bp - 0x46], 0xff
0x9f8a2: mov ah, 0xf
0x9f8a4: int 0x10
0x9f8a6: push ax
0x9f8a7: mov ax, 2
0x9f8aa: int 0x10
0x9f8ac: push es
0x9f8ad: push cs
2018-12-25T11:53:42.600313439Z 99 PC: 15209 | Get DBCS lead byte table pointer
2018-12-25T11:53:42.601557406Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.603878875Z 68 PC: 15223 | I/O control for devices (Set for = '')
2018-12-25T11:53:42.605957543Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.608009682Z 68 PC: 1522e | I/O control for devices (Set for = '')
2018-12-25T11:53:42.609487339Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.612146116Z 68 PC: 15239 | I/O control for devices (Set for = '')
2018-12-25T11:53:42.613643495Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.615675837Z 68 PC: 15241 | I/O control for devices (Set for = '��b���g�t�S3����[r�2��W�<t�<u�6�u����>��>W')
2018-12-25T11:53:42.617403113Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.619883661Z 48 PC: 15246 | Get DOS version
2018-12-25T11:53:42.621133218Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.623308458Z 53 PC: 12b72 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:42.63907916Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.642145965Z 53 PC: 12b81 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:53:42.643842186Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.647238089Z 81 PC: 12bb7 | Get current PSP
2018-12-25T11:53:42.648117574Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.65025615Z 37 PC: 12d4a | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T11:53:42.652179918Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.654331142Z 53 PC: 12bcf | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:42.6556348Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.658551147Z 37 PC: 12be0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:42.659543509Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.661402452Z 37 PC: 12be7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T11:53:42.682409286Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.684578087Z 38 PC: 12a44 | Create PSP
2018-12-25T11:53:42.685857931Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.689022603Z 26 PC: 12c28 | Set disk transfer address
2018-12-25T11:53:42.690513293Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.692596183Z 99 PC: 12f8d | Get DBCS lead byte table pointer
2018-12-25T11:53:42.69479516Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.698188021Z 41 PC: 12cb5 | Parse filename
2018-12-25T11:53:42.699727482Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.702220131Z 55 PC: 13fab | Get or set switch character
2018-12-25T11:53:42.703930162Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.706083689Z 41 PC: 1358a | Parse filename
2018-12-25T11:53:42.707990693Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.71067613Z 55 PC: 13fab | Get or set switch character (See above)
2018-12-25T11:53:42.712312473Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.727961498Z 41 PC: 13598 | Parse filename
2018-12-25T11:53:42.730080386Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.734546016Z 64 PC: 1534b | Write file or device (Write 1 bytes on handle 1)
2018-12-25T11:53:42.742193153Z 42 PC: 9f87a | Get date (See above)
2018-12-25T11:53:42.745396688Z 10 PC: 12eca | Buffered keyboard input