{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":30,"Second":0,"TimeBased":true,"OriginalID":6372,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:59:14.533694251Z | 71 | PC: 12a9d | Get current directory |
| 2018-12-25T11:59:14.537845928Z | 26 | PC: 12aae | Set disk transfer address |
| 2018-12-25T11:59:14.539673553Z | 78 | PC: 12aba | Find first file |
| 2018-12-25T11:59:14.546981728Z | 67 | PC: 12da9 | Get or set file attributes |
| 2018-12-25T11:59:15.112467352Z | 61 | PC: 12d1c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:59:15.130204287Z | 63 | PC: 12d31 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-25T11:59:15.140457874Z | 62 | PC: 12d5a | Close file |
| 2018-12-25T11:59:15.147369742Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.160101131Z | 79 | PC: 12aca | Find next file |
| 2018-12-25T11:59:15.163562983Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.175465279Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.191846677Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.199372521Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.201880824Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.214197293Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.217720563Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.229009304Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.237591839Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.244777292Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.246777523Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.258853167Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.262208299Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.27418509Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.282337239Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.28854213Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.290076278Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.300133997Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.302508525Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.31003252Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.318702587Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.32658314Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.329066605Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.340363546Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.344504732Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.355780396Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.363648923Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.372073587Z | 44 | PC: 12d0e | Get time 0x12d0e: mov byte ptr [bp + 0x126], cl 0x12d12: ret 0x12d13: mov ax, 0x3d02 0x12d16: lea dx, word ptr [bp + 0x70e] 0x12d1a: int 0x21 0x12d1c: jae 0x12d20 0x12d1e: jmp 0x12d56 0x12d20: mov word ptr [bp + 0x6ee], ax 0x12d24: xchg ax, bx 0x12d25: mov cx, 0x1c 0x12d28: mov ax, 0x3f00 0x12d2b: lea dx, word ptr [bp + 0x760] 0x12d2f: int 0x21 0x12d31: jae 0x12d35 0x12d33: jmp 0x12d56 0x12d35: cmp byte ptr [bp + 0x778], 0x40 0x12d3a: je 0x12d4c 0x12d3c: cmp word ptr [bp + 0x763], 0x6565 0x12d42: je 0x12d4c 0x12d44: cmp word ptr [bp + 0x772], 0x6565 |
| 2018-12-25T11:59:15.375003891Z | 66 | PC: 12afe | Move file pointer |
| 2018-12-25T11:59:15.377492689Z | 64 | PC: 12dcd | Write file or device (Write 48 bytes on handle 5) |
| 2018-12-25T11:59:15.3873516Z | 64 | PC: 12dcd | Write file or device (See above) |
| 2018-12-25T11:59:15.397029533Z | 66 | PC: 12dd9 | Move file pointer |
| 2018-12-25T11:59:15.398694674Z | 64 | PC: 12dcd | Write file or device (See above) |
| 2018-12-25T11:59:15.40659238Z | 87 | PC: 12dbf | Get or set file date and time |
| 2018-12-25T11:59:15.422323451Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.431791016Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.444269127Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.447566483Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.459813138Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.468062775Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.476610286Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.479031213Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.490480817Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.494491868Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.5066538Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.514543444Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.518233367Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.520613384Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.531822588Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.536160103Z | 78 | PC: 12b44 | Find first file |
| 2018-12-25T11:59:15.54362209Z | 59 | PC: 12cb1 | Change current directory |
| 2018-12-25T11:59:15.54861998Z | 78 | PC: 12cc1 | Find first file |
| 2018-12-25T11:59:15.561752954Z | 59 | PC: 12cf9 | Change current directory |
| 2018-12-25T11:59:15.574795564Z | 78 | PC: 12aba | Find first file (See above) |
| 2018-12-25T11:59:15.581960328Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.597379169Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.605265936Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.612643874Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.614759473Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.627640114Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.631937681Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.643187265Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.65177948Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.65965454Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.662004215Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.674783435Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.678187819Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.689275082Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.698974056Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.706556863Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.708951318Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.720888022Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.724226667Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.735502211Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.744144873Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.752291344Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.755554588Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.767002695Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.771317618Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.783068533Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.790977935Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.79923651Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.801413002Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.812587712Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.816944566Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.828683223Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.836951442Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.845551659Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.847837405Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.858897641Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.86255321Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.873592024Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.882124627Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.890098471Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.892342137Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.902325254Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.904822313Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.911436563Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.916496912Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.92132335Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.923200081Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.930092318Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.931922878Z | 78 | PC: 12b44 | Find first file (See above) |
| 2018-12-25T11:59:15.939582632Z | 59 | PC: 12cb1 | Change current directory (See above) |
| 2018-12-25T11:59:15.947312513Z | 78 | PC: 12cc1 | Find first file (See above) |
| 2018-12-25T11:59:15.953558521Z | 79 | PC: 12cda | Find next file |
| 2018-12-25T11:59:15.956175754Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.958181656Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.960303911Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.96267266Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.964653198Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.966667806Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.969889466Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.972835558Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:15.975082586Z | 44 | PC: 12c31 | Get time 0x12c31: cmp cl, 0x1e 0x12c34: jne 0x12c3e 0x12c36: cmp dh, 0x1e 0x12c39: ja 0x12c3e 0x12c3b: jmp 0x12dda 0x12c3e: push ax 0x12c3f: push bp 0x12c40: mov bp, sp 0x12c42: mov word ptr [bp + 2], 0x1a00 0x12c47: pop bp 0x12c48: pop ax 0x12c49: mov dx, 0x80 0x12c4c: int 0x21 0x12c4e: lea dx, word ptr [bp + 0x720] 0x12c52: mov ax, 0x3b00 0x12c55: int 0x21 0x12c57: cmp byte ptr cs:[0], 0xcd 0x12c5d: je 0x12c8d 0x12c5f: pop ds 0x12c60: push ds |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":30,"Second":31,"TimeBased":true,"OriginalID":6372,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:59:15.352683946Z | 71 | PC: 12a9d | Get current directory |
| 2018-12-25T11:59:15.356787954Z | 26 | PC: 12aae | Set disk transfer address |
| 2018-12-25T11:59:15.358438994Z | 78 | PC: 12aba | Find first file |
| 2018-12-25T11:59:15.365632509Z | 67 | PC: 12da9 | Get or set file attributes |
| 2018-12-25T11:59:15.38444004Z | 61 | PC: 12d1c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:59:15.394147223Z | 63 | PC: 12d31 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-25T11:59:15.404108732Z | 62 | PC: 12d5a | Close file |
| 2018-12-25T11:59:15.406799422Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.42140811Z | 79 | PC: 12aca | Find next file |
| 2018-12-25T11:59:15.424356462Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.435088363Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.443402547Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.453072605Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.455424283Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.467171773Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.470519727Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.482087018Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.490211918Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.497741321Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.500148077Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.512114086Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.515237099Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.530266816Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.539299625Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.546916448Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.549402412Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.561443674Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.564594605Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.575419646Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.584053933Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.591655774Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.594214419Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.606247478Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.610367469Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.621692951Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.629583882Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.6375985Z | 44 | PC: 12d0e | Get time 0x12d0e: mov byte ptr [bp + 0x126], cl 0x12d12: ret 0x12d13: mov ax, 0x3d02 0x12d16: lea dx, word ptr [bp + 0x70e] 0x12d1a: int 0x21 0x12d1c: jae 0x12d20 0x12d1e: jmp 0x12d56 0x12d20: mov word ptr [bp + 0x6ee], ax 0x12d24: xchg ax, bx 0x12d25: mov cx, 0x1c 0x12d28: mov ax, 0x3f00 0x12d2b: lea dx, word ptr [bp + 0x760] 0x12d2f: int 0x21 0x12d31: jae 0x12d35 0x12d33: jmp 0x12d56 0x12d35: cmp byte ptr [bp + 0x778], 0x40 0x12d3a: je 0x12d4c 0x12d3c: cmp word ptr [bp + 0x763], 0x6565 0x12d42: je 0x12d4c 0x12d44: cmp word ptr [bp + 0x772], 0x6565 |
| 2018-12-25T11:59:15.64015063Z | 66 | PC: 12afe | Move file pointer |
| 2018-12-25T11:59:15.641908404Z | 64 | PC: 12dcd | Write file or device (Write 48 bytes on handle 5) |
| 2018-12-25T11:59:15.651622901Z | 64 | PC: 12dcd | Write file or device (See above) |
| 2018-12-25T11:59:15.661350901Z | 66 | PC: 12dd9 | Move file pointer |
| 2018-12-25T11:59:15.663319084Z | 64 | PC: 12dcd | Write file or device (See above) |
| 2018-12-25T11:59:15.672097878Z | 87 | PC: 12dbf | Get or set file date and time |
| 2018-12-25T11:59:15.673942911Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.68282038Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.694470303Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.697831259Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.708962222Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.717576744Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.725361372Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.727710937Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.739410251Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.743870485Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.754806188Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.7624986Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.770955095Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.773324544Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.788458856Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.792269052Z | 78 | PC: 12b44 | Find first file |
| 2018-12-25T11:59:15.796666576Z | 59 | PC: 12cb1 | Change current directory |
| 2018-12-25T11:59:15.799784914Z | 78 | PC: 12cc1 | Find first file |
| 2018-12-25T11:59:15.804374506Z | 59 | PC: 12cf9 | Change current directory |
| 2018-12-25T11:59:15.80967386Z | 78 | PC: 12aba | Find first file (See above) |
| 2018-12-25T11:59:15.817239799Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.831318557Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.839729426Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.847365136Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.849556177Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.862283003Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.8656701Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.877371689Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.885934068Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.88975441Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.89215462Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.904114614Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.907747466Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.920630621Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.92857375Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.931631994Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.933829759Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.945857929Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.948961999Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.960181625Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:15.968151831Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:15.971728201Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:15.973956701Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:15.988411061Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:15.992246987Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.003767543Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.011561224Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.019797999Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.022658905Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.034274169Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.038656221Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.051005222Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.058133648Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.06580741Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.068059053Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.078502863Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.082026317Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.093141763Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.097554462Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.102131409Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.103804648Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.110273423Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.11334433Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.125258331Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.132825098Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.140108552Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.1426712Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.154033507Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.156956711Z | 78 | PC: 12b44 | Find first file (See above) |
| 2018-12-25T11:59:16.164575631Z | 59 | PC: 12cb1 | Change current directory (See above) |
| 2018-12-25T11:59:16.167538342Z | 78 | PC: 12cc1 | Find first file (See above) |
| 2018-12-25T11:59:16.175230279Z | 79 | PC: 12cda | Find next file |
| 2018-12-25T11:59:16.177679233Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.181338887Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.184033549Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.188173121Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.191313174Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.194528018Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.198273753Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.201292668Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:16.203793874Z | 44 | PC: 12c31 | Get time 0x12c31: cmp cl, 0x1e 0x12c34: jne 0x12c3e 0x12c36: cmp dh, 0x1e 0x12c39: ja 0x12c3e 0x12c3b: jmp 0x12dda 0x12c3e: push ax 0x12c3f: push bp 0x12c40: mov bp, sp 0x12c42: mov word ptr [bp + 2], 0x1a00 0x12c47: pop bp 0x12c48: pop ax 0x12c49: mov dx, 0x80 0x12c4c: int 0x21 0x12c4e: lea dx, word ptr [bp + 0x720] 0x12c52: mov ax, 0x3b00 0x12c55: int 0x21 0x12c57: cmp byte ptr cs:[0], 0xcd 0x12c5d: je 0x12c8d 0x12c5f: pop ds 0x12c60: push ds |
| 2018-12-25T11:59:16.206645626Z | 26 | PC: 12c4e | Set disk transfer address |
| 2018-12-25T11:59:16.20840269Z | 59 | PC: 12c57 | Change current directory |
| 2018-12-25T11:59:16.210434045Z | 76 | PC: 12a4f | Terminate with return code (Return code = '0') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6372,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T11:59:16.404856143Z | 71 | PC: 12a9d | Get current directory |
| 2018-12-25T11:59:16.408433549Z | 26 | PC: 12aae | Set disk transfer address |
| 2018-12-25T11:59:16.410499876Z | 78 | PC: 12aba | Find first file |
| 2018-12-25T11:59:16.416878357Z | 67 | PC: 12da9 | Get or set file attributes |
| 2018-12-25T11:59:16.436547677Z | 61 | PC: 12d1c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T11:59:16.454937322Z | 63 | PC: 12d31 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-25T11:59:16.461254103Z | 62 | PC: 12d5a | Close file |
| 2018-12-25T11:59:16.463068356Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.473735371Z | 79 | PC: 12aca | Find next file |
| 2018-12-25T11:59:16.476380516Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.486039168Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.493474789Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.500023376Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.501696033Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.512009125Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.515423141Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.52514425Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.532411145Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.539411887Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.541278056Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.551682666Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.554545579Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.566737222Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.57424809Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.580580603Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.582298695Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.592707358Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.595557127Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.605265228Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.612234914Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.619266287Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.621397756Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.632034606Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.634990764Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.644832974Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.652040262Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.658254131Z | 44 | PC: 12d0e | Get time 0x12d0e: mov byte ptr [bp + 0x126], cl 0x12d12: ret 0x12d13: mov ax, 0x3d02 0x12d16: lea dx, word ptr [bp + 0x70e] 0x12d1a: int 0x21 0x12d1c: jae 0x12d20 0x12d1e: jmp 0x12d56 0x12d20: mov word ptr [bp + 0x6ee], ax 0x12d24: xchg ax, bx 0x12d25: mov cx, 0x1c 0x12d28: mov ax, 0x3f00 0x12d2b: lea dx, word ptr [bp + 0x760] 0x12d2f: int 0x21 0x12d31: jae 0x12d35 0x12d33: jmp 0x12d56 0x12d35: cmp byte ptr [bp + 0x778], 0x40 0x12d3a: je 0x12d4c 0x12d3c: cmp word ptr [bp + 0x763], 0x6565 0x12d42: je 0x12d4c 0x12d44: cmp word ptr [bp + 0x772], 0x6565 |
| 2018-12-25T11:59:16.660330719Z | 66 | PC: 12afe | Move file pointer |
| 2018-12-25T11:59:16.662051481Z | 64 | PC: 12dcd | Write file or device (Write 48 bytes on handle 5) |
| 2018-12-25T11:59:16.669898326Z | 64 | PC: 12dcd | Write file or device (See above) |
| 2018-12-25T11:59:16.67814862Z | 66 | PC: 12dd9 | Move file pointer |
| 2018-12-25T11:59:16.687912926Z | 64 | PC: 12dcd | Write file or device (See above) |
| 2018-12-25T11:59:16.703068697Z | 87 | PC: 12dbf | Get or set file date and time |
| 2018-12-25T11:59:16.705460788Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.713506321Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.723769647Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.726486833Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.736289598Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.743257655Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.749670255Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.751532263Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.770526453Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.773529862Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.786365975Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.793076415Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.799595335Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.801324206Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.812142891Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.814701827Z | 78 | PC: 12b44 | Find first file |
| 2018-12-25T11:59:16.820226294Z | 59 | PC: 12cb1 | Change current directory |
| 2018-12-25T11:59:16.824826012Z | 78 | PC: 12cc1 | Find first file |
| 2018-12-25T11:59:16.835116693Z | 59 | PC: 12cf9 | Change current directory |
| 2018-12-25T11:59:16.841946702Z | 78 | PC: 12aba | Find first file (See above) |
| 2018-12-25T11:59:16.846528531Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.852576216Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.856644496Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.861482242Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.862752519Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.869005274Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.871927661Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.884586163Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.896721453Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.905940275Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.907695791Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.91797047Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.921806116Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.932140524Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.938661098Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.94652543Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.949254414Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.959267274Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:16.962423159Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:16.975347502Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:16.982221387Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:16.988758999Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:16.991102153Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.00098933Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:17.003992368Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.014340582Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:17.020792661Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:17.02721264Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:17.029911438Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.040302307Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:17.043161445Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.052830062Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:17.059162875Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:17.075224853Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:17.077273105Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.086950061Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:17.089477503Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.099546937Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:17.105849316Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:17.111974262Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:17.114119327Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.123799405Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:17.126259416Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.135787228Z | 61 | PC: 12d1c | Open file (See above) |
| 2018-12-25T11:59:17.142098486Z | 63 | PC: 12d31 | Read file or device (See above) |
| 2018-12-25T11:59:17.148168667Z | 62 | PC: 12d5a | Close file (See above) |
| 2018-12-25T11:59:17.1502246Z | 67 | PC: 12da9 | Get or set file attributes (See above) |
| 2018-12-25T11:59:17.162793888Z | 79 | PC: 12aca | Find next file (See above) |
| 2018-12-25T11:59:17.165112623Z | 78 | PC: 12b44 | Find first file (See above) |
| 2018-12-25T11:59:17.170893552Z | 59 | PC: 12cb1 | Change current directory (See above) |
| 2018-12-25T11:59:17.175185999Z | 78 | PC: 12cc1 | Find first file (See above) |
| 2018-12-25T11:59:17.18123653Z | 79 | PC: 12cda | Find next file |
| 2018-12-25T11:59:17.184923336Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.187661255Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.190362733Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.193946927Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.196594057Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.199193427Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.202938258Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.205535595Z | 79 | PC: 12cda | Find next file (See above) |
| 2018-12-25T11:59:17.207917138Z | 44 | PC: 12c31 | Get time 0x12c31: cmp cl, 0x1e 0x12c34: jne 0x12c3e 0x12c36: cmp dh, 0x1e 0x12c39: ja 0x12c3e 0x12c3b: jmp 0x12dda 0x12c3e: push ax 0x12c3f: push bp 0x12c40: mov bp, sp 0x12c42: mov word ptr [bp + 2], 0x1a00 0x12c47: pop bp 0x12c48: pop ax 0x12c49: mov dx, 0x80 0x12c4c: int 0x21 0x12c4e: lea dx, word ptr [bp + 0x720] 0x12c52: mov ax, 0x3b00 0x12c55: int 0x21 0x12c57: cmp byte ptr cs:[0], 0xcd 0x12c5d: je 0x12c8d 0x12c5f: pop ds 0x12c60: push ds |
| 2018-12-25T11:59:17.211136378Z | 26 | PC: 12c4e | Set disk transfer address |
| 2018-12-25T11:59:17.212382839Z | 59 | PC: 12c57 | Change current directory |
| 2018-12-25T11:59:17.214322288Z | 76 | PC: 12a4f | Terminate with return code (Return code = '0') |