{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6201,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:58:48.72909462Z | 71 | PC: 12a65 | Get current directory |
| 2018-12-25T11:58:48.731908025Z | 26 | PC: 12a75 | Set disk transfer address |
| 2018-12-25T11:58:48.732897498Z | 78 | PC: 12c8c | Find first file |
| 2018-12-25T11:58:48.736665038Z | 61 | PC: 12a92 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:58:48.741282742Z | 66 | PC: 12aa9 | Move file pointer |
| 2018-12-25T11:58:48.742869958Z | 63 | PC: 12abf | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T11:58:48.747702369Z | 66 | PC: 12ae9 | Move file pointer |
| 2018-12-25T11:58:48.748776581Z | 63 | PC: 12af9 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-25T11:58:48.750673697Z | 66 | PC: 12b07 | Move file pointer |
| 2018-12-25T11:58:48.751639846Z | 64 | PC: 12c28 | Write file or device (Write 821 bytes on handle 5) |
| 2018-12-25T11:58:48.762505213Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T11:58:48.763907752Z | 64 | PC: 12b2e | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:58:48.770183544Z | 59 | PC: 12b37 | Change current directory |
| 2018-12-25T11:58:48.774327773Z | 62 | PC: 12c32 | Close file |
| 2018-12-25T11:58:48.782924946Z | 42 | PC: 12b89 | Get date 0x12b89: cmp dl, 5 0x12b8c: jne 0x12b98 0x12b8e: mov al, 2 0x12b90: mov cx, 0x100 0x12b93: cdq 0x12b94: int 0x26 0x12b96: jmp 0x12b96 0x12b98: mov ax, 0x100 0x12b9b: jmp ax 0x12b9d: call 0x12c2b 0x12ba0: call 0x12d4f 0x12ba3: jb 0x12b3a 0x12ba5: jmp 0x12a88 0x12ba8: mov ah, 0x3b 0x12baa: lea dx, word ptr [si + 0x2f3] 0x12bae: int 0x21 0x12bb0: jmp 0x12b85 0x12bb2: call 0x94e92bf0 0x12bb8: add word ptr [bx + si], sp 0x12bba: dec bp |
| 2018-12-25T11:58:48.784978684Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6201,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:58:48.887873716Z | 71 | PC: 12a65 | Get current directory |
| 2018-12-25T11:58:48.890853734Z | 26 | PC: 12a75 | Set disk transfer address |
| 2018-12-25T11:58:48.892157272Z | 78 | PC: 12c8c | Find first file |
| 2018-12-25T11:58:48.896899917Z | 61 | PC: 12a92 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:58:48.902721565Z | 66 | PC: 12aa9 | Move file pointer |
| 2018-12-25T11:58:48.904149506Z | 63 | PC: 12abf | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T11:58:48.908628547Z | 66 | PC: 12ae9 | Move file pointer |
| 2018-12-25T11:58:48.909979335Z | 63 | PC: 12af9 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-25T11:58:48.912837955Z | 66 | PC: 12b07 | Move file pointer |
| 2018-12-25T11:58:48.925693459Z | 64 | PC: 12c28 | Write file or device (Write 821 bytes on handle 5) |
| 2018-12-25T11:58:48.947189068Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T11:58:48.949418335Z | 64 | PC: 12b2e | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T11:58:48.95718183Z | 59 | PC: 12b37 | Change current directory |
| 2018-12-25T11:58:48.962442054Z | 62 | PC: 12c32 | Close file |
| 2018-12-25T11:58:48.976086401Z | 42 | PC: 12b89 | Get date 0x12b89: cmp dl, 5 0x12b8c: jne 0x12b98 0x12b8e: mov al, 2 0x12b90: mov cx, 0x100 0x12b93: cdq 0x12b94: int 0x26 0x12b96: jmp 0x12b96 0x12b98: mov ax, 0x100 0x12b9b: jmp ax 0x12b9d: call 0x12c2b 0x12ba0: call 0x12d4f 0x12ba3: jb 0x12b3a 0x12ba5: jmp 0x12a88 0x12ba8: mov ah, 0x3b 0x12baa: lea dx, word ptr [si + 0x2f3] 0x12bae: int 0x21 0x12bb0: jmp 0x12b85 0x12bb2: call 0x94e92bf0 0x12bb8: add word ptr [bx + si], sp 0x12bba: dec bp |