Sample viewer

vx.netlux.org/Virus.DOS.Nowi.1327

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:07.655897708Z 74 PC: 1569b | Reallocate memory
2018-12-17T22:39:07.658218738Z 74 PC: 156a2 | Reallocate memory
2018-12-17T22:39:07.660510342Z 72 PC: 156a9 | Allocate memory
2018-12-17T22:39:07.662455964Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:39:07.664094005Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:39:07.666484476Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-17T22:39:07.66895071Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-17T22:39:07.671576625Z 26 PC: 15aee | Set disk transfer address
2018-12-17T22:39:07.673840027Z 78 PC: 15af9 | Find first file
2018-12-17T22:39:07.680601356Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:07.686785917Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:07.704866445Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:07.712725165Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:07.714534249Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:07.722635447Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:07.724382294Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:07.726202699Z 62 PC: 158cf | Close file
2018-12-17T22:39:07.728563404Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.068636948Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.070499583Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.073752141Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.081064108Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:08.091772416Z 61 PC: 157f1 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:39:08.099005726Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:08.104644056Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:08.111647372Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:08.11331074Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:08.117816874Z 62 PC: 158cf | Close file
2018-12-17T22:39:08.120330878Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.131322961Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.134177758Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.137619392Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.143481294Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:08.154338513Z 61 PC: 157f1 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:39:08.161998518Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:08.163943959Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:08.172670527Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:08.17469103Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:08.1767155Z 62 PC: 158cf | Close file
2018-12-17T22:39:08.179089129Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.191357971Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.192896354Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.196133052Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.20330733Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:08.213648275Z 61 PC: 157f1 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:39:08.220626052Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:08.223228744Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:08.230056639Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:08.231815117Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:08.234057308Z 62 PC: 158cf | Close file
2018-12-17T22:39:08.236741454Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.247398343Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.249865198Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.253858935Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.259919171Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:08.270665591Z 61 PC: 157f1 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:39:08.28050558Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:08.28227566Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:08.2890535Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:08.29166067Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:08.294003702Z 62 PC: 158cf | Close file
2018-12-17T22:39:08.296378824Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.307319299Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.308744258Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.31191468Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.319008838Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:08.330160722Z 61 PC: 157f1 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:39:08.337649985Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:08.339112215Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:08.345770239Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:08.34708489Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:08.348396435Z 62 PC: 158cf | Close file
2018-12-17T22:39:08.350421116Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.360548246Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.36172703Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.365591863Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.371543485Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:08.381814427Z 61 PC: 157f1 | Open file (Filename = 'PAH.COM')
2018-12-17T22:39:08.396693535Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:08.398858661Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:08.405818515Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:08.408243361Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:08.409863989Z 62 PC: 158cf | Close file
2018-12-17T22:39:08.412274247Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.424246359Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.426182001Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.429334821Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.436297951Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:08.447190667Z 61 PC: 157f1 | Open file (Filename = 'TEST.COM')
2018-12-17T22:39:08.453997301Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:08.456556882Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:08.469581389Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:08.471345759Z 62 PC: 158cf | Close file
2018-12-17T22:39:08.473486318Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:08.78755518Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:08.788975711Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:08.791944984Z 26 PC: 15aee | Set disk transfer address
2018-12-17T22:39:08.794032042Z 78 PC: 15af9 | Find first file
2018-12-17T22:39:08.80399874Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:08.810607451Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:09.149114559Z 61 PC: 157f1 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:39:09.157711703Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:09.159595477Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:09.167157848Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:09.169319878Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:09.171555838Z 62 PC: 158cf | Close file
2018-12-17T22:39:09.174470468Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:09.18765087Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:09.189417012Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:09.196016787Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:09.204898748Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:09.21600704Z 61 PC: 157f1 | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:39:09.222682297Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:09.225332659Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:09.230992068Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:09.232420324Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:09.234616478Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:39:09.240580351Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T22:39:09.247589659Z 66 PC: 158a2 | Move file pointer
2018-12-17T22:39:09.250161792Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:39:09.252625412Z 87 PC: 158ca | Get or set file date and time
2018-12-17T22:39:09.254006518Z 62 PC: 158cf | Close file
2018-12-17T22:39:09.260757237Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:09.272695375Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:09.274122178Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:09.278497565Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:09.292321511Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:09.307819186Z 61 PC: 157f1 | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:39:09.314717023Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:09.317187305Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:09.322067805Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:09.323611107Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:09.325736598Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:39:09.330994731Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T22:39:09.340571483Z 66 PC: 158a2 | Move file pointer
2018-12-17T22:39:09.343431259Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:39:09.346782182Z 87 PC: 158ca | Get or set file date and time
2018-12-17T22:39:09.348686656Z 62 PC: 158cf | Close file
2018-12-17T22:39:09.357869274Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:09.368334283Z 26 PC: 15b19 | Set disk transfer address
2018-12-17T22:39:09.369847368Z 79 PC: 15b24 | Find next file
2018-12-17T22:39:09.377731065Z 67 PC: 15b76 | Get or set file attributes
2018-12-17T22:39:09.384387356Z 67 PC: 15b10 | Get or set file attributes
2018-12-17T22:39:09.395048876Z 61 PC: 157f1 | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:39:09.403426364Z 87 PC: 157fd | Get or set file date and time
2018-12-17T22:39:09.405647876Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:39:09.411672325Z 66 PC: 15829 | Move file pointer
2018-12-17T22:39:09.414265809Z 66 PC: 1585a | Move file pointer
2018-12-17T22:39:09.416424663Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:39:09.42395339Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T22:39:09.433098318Z 66 PC: 158a2 | Move file pointer
2018-12-17T22:39:09.435217567Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:39:09.438501283Z 87 PC: 158ca | Get or set file date and time
2018-12-17T22:39:09.441105478Z 62 PC: 158cf | Close file
2018-12-17T22:39:09.449001198Z 67 PC: 15b6d | Get or set file attributes
2018-12-17T22:39:09.457542485Z 26 PC: 15aee | Set disk transfer address
2018-12-17T22:39:09.458799046Z 78 PC: 15af9 | Find first file
2018-12-17T22:39:09.463920761Z 26 PC: 15aee | Set disk transfer address
2018-12-17T22:39:09.46499061Z 78 PC: 15af9 | Find first file
2018-12-17T22:39:09.473035321Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:39:09.474932221Z 73 PC: 15a00 | Release memory
2018-12-17T22:39:09.476799956Z 26 PC: 12aa0 | Set disk transfer address
2018-12-17T22:39:09.478478643Z 42 PC: 12aa7 | Get date 0x12aa7: cmp dl, 1
0x12aaa: je 0x12ab6
0x12aac: cmp dl, 0x15
0x12aaf: je 0x12ab6
0x12ab1: cmp dl, 0x18
0x12ab4: jne 0x12ab9
0x12ab6: call 0x12c07
0x12ab9: push ds
0x12aba: mov ds, word ptr cs:[0x2c]
0x12abf: xor si, si
0x12ac1: lodsb al, byte ptr [si]
0x12ac2: cmp al, 0x50
0x12ac4: jne 0x12ac1
0x12ac6: cmp word ptr [si], 0x5441
0x12aca: jne 0x12ac1
0x12acc: add si, 4
0x12acf: mov cx, 1
0x12ad2: mov bx, word ptr cs:[0x631]
0x12ad7: lodsb al, byte ptr [si]
0x12ad8: cmp al, 0x3b
2018-12-17T22:39:09.482078847Z 26 PC: 12b96 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:17.188985067Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:17.19077132Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:17.191895969Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:17.193167261Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:17.194976813Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:17.195994964Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:17.198126767Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:17.200608319Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:17.201761615Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:17.207576914Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:17.214846621Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:17.232952968Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:17.240490712Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:17.246350956Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:17.2532832Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:17.254651443Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:17.256338851Z 62 PC: 158cf | Close file
2018-12-25T12:00:17.261440616Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:17.273418261Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:17.274394921Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:17.278321704Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.283861643Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.293644534Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.301422855Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.302772497Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.308932564Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.3106286Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.311909687Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.313464883Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.323732385Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.324938997Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.326737458Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.330635108Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.337538978Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.341566481Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.350463998Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.354681573Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.355853914Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.357643728Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.359010477Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.366962848Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.368361121Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.370257199Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.376433298Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.386125459Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.392700388Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.395016382Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.40240947Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.403741778Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.404977094Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.417752367Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.427855262Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.428832685Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.432038721Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.4373544Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.447609726Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.455343275Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.456740291Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.462927839Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.464442353Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.466635335Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.468316296Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.478954355Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.480699476Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.483296492Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.488788228Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.49896666Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.505725311Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.507327204Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.514750118Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.517184485Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.518856135Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.522040005Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.878696899Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.879471354Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.881704665Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.88518654Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.158827995Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.166920717Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.168277545Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.174503219Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.176887721Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.178242787Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.179936323Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.297678117Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.298721082Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.301197098Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.312329021Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.390251631Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.39710201Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.3991796Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.405411708Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.40664664Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.408598644Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.514255745Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.515322023Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.522106464Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:18.524613661Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:18.53340281Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.541449711Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.229343703Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.236829694Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.239671047Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.245656474Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.246920419Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.249761122Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.251520285Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.261650723Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.26409193Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.267176261Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.273461163Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.284227675Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.292398527Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.294013222Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.300567716Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.306782607Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.309703899Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:19.320729418Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:19.334946741Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:19.340371192Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:19.342756045Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:19.343933667Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.348502941Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.357028088Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.357977291Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.360820157Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.365915938Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.720065565Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.727183169Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.729382524Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.735679362Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.737192397Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.739109079Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:19.745329285Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:19.76995967Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:19.771731095Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:19.774883207Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:19.776716705Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.858931018Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.902905041Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.903933037Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.910486667Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.916406005Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.933237908Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.940944792Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.942256351Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.947618926Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.949599353Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.951290838Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:19.95771429Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:19.993305982Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:19.995174016Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:19.998279638Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:20.000210103Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.007962525Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.018291557Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.021023926Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.02797931Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.029093103Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.039021209Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:20.040077431Z 73 PC: 15a00 | Release memory
2018-12-25T12:00:20.041333651Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:00:20.042970675Z 42 PC: 12aa7 | Get date 0x12aa7: cmp dl, 1
0x12aaa: je 0x12ab6
0x12aac: cmp dl, 0x15
0x12aaf: je 0x12ab6
0x12ab1: cmp dl, 0x18
0x12ab4: jne 0x12ab9
0x12ab6: call 0x12c07
0x12ab9: push ds
0x12aba: mov ds, word ptr cs:[0x2c]
0x12abf: xor si, si
0x12ac1: lodsb al, byte ptr [si]
0x12ac2: cmp al, 0x50
0x12ac4: jne 0x12ac1
0x12ac6: cmp word ptr [si], 0x5441
0x12aca: jne 0x12ac1
0x12acc: add si, 4
0x12acf: mov cx, 1
0x12ad2: mov bx, word ptr cs:[0x631]
0x12ad7: lodsb al, byte ptr [si]
0x12ad8: cmp al, 0x3b
2018-12-25T12:00:22.243214658Z 26 PC: 12b96 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:17.69823271Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:17.69970214Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:17.70067656Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:17.701931176Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:17.703135889Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:17.704097133Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:17.70552393Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:17.707239434Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:17.70807882Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:17.712514739Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:17.718822072Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:17.741321808Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:17.74569817Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:17.746682124Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:17.751113457Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:17.752128402Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:17.75302722Z 62 PC: 158cf | Close file
2018-12-25T12:00:17.754652756Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:17.765582993Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:17.766625545Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:17.769831195Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.776056531Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.788267219Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.801861726Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.803640908Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.810600564Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.812281829Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.81366127Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.815443377Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.826668588Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.828134965Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.830533103Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.834346582Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.841362894Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.849388448Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.850873351Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.859009194Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.860703154Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.8624064Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.866233182Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.879056668Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.880145578Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.883391309Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.889799537Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.900948205Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.908836188Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.910746393Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.91785331Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.919293153Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.921006846Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.923038792Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:17.934788042Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:17.936313337Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:17.939178527Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:17.945874743Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:17.957077418Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:17.964656108Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:17.966149833Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:17.973860486Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:17.975648778Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:17.9772818Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:17.980737216Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.004101591Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.005100352Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.008594489Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.014903835Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.026696386Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.034807735Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.036450998Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.043833297Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.046149441Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.048192138Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.050477987Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.062233931Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.064211061Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.067911473Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.074147703Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.085896389Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.093538928Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.095028159Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.104673832Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.107458564Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.109065034Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.111214219Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.118077865Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.11909019Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.122396087Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.128794621Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.140046399Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.147785194Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.149447326Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.156525502Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.158754533Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.161004572Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.181182485Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.183383793Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.186151367Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:18.187284246Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:18.197586875Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.205091249Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.27760762Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.285793019Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.287310354Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.384239237Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.386571902Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.388373642Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.390263169Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.578979842Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.580754355Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.584909358Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.592983328Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.604181887Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.612031183Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.615540273Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.622406716Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.624325237Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.626900701Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:19.635132688Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:19.647228355Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:19.649243792Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:19.652788838Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:19.654538Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.662588103Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.675770741Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.67834154Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.686778307Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.694475277Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.706123704Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.714236228Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.716855213Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.72311616Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.725122713Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.728116839Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:19.735319632Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:19.749049181Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:19.75213268Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:19.755218569Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:19.757114689Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.765652231Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.943715265Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.945121047Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.952829397Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.959652863Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.232590663Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.241928984Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.243387745Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.249358485Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.251310151Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.253154736Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:20.260325866Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:20.406343144Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:20.40784629Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:20.411252913Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:20.413704412Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.709365133Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.776606532Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.77861321Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.786211206Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.787405845Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.79788916Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:20.799530428Z 73 PC: 15a00 | Release memory
2018-12-25T12:00:20.801144124Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:00:20.803087223Z 42 PC: 12aa7 | Get date 0x12aa7: cmp dl, 1
0x12aaa: je 0x12ab6
0x12aac: cmp dl, 0x15
0x12aaf: je 0x12ab6
0x12ab1: cmp dl, 0x18
0x12ab4: jne 0x12ab9
0x12ab6: call 0x12c07
0x12ab9: push ds
0x12aba: mov ds, word ptr cs:[0x2c]
0x12abf: xor si, si
0x12ac1: lodsb al, byte ptr [si]
0x12ac2: cmp al, 0x50
0x12ac4: jne 0x12ac1
0x12ac6: cmp word ptr [si], 0x5441
0x12aca: jne 0x12ac1
0x12acc: add si, 4
0x12acf: mov cx, 1
0x12ad2: mov bx, word ptr cs:[0x631]
0x12ad7: lodsb al, byte ptr [si]
0x12ad8: cmp al, 0x3b
2018-12-25T12:00:23.262573803Z 26 PC: 12b96 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:17.814670972Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:17.81634026Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:17.817769918Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:17.819177882Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:17.820705454Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:17.821965771Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:17.824031487Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:17.826718181Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:17.827756508Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:17.833615334Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:17.839755391Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:18.515643994Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:18.522112255Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:18.524330647Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:18.531381488Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:18.5328379Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:18.534531497Z 62 PC: 158cf | Close file
2018-12-25T12:00:18.537107868Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:18.54716282Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:18.548621088Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:18.551649481Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.557223608Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.715752124Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.728256133Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.729988223Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.736547922Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.738774347Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.740149051Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.741819791Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.948727814Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.950542591Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.953294766Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.961082496Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.183075896Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.189632136Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.191557931Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.196559869Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.197831913Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.199632843Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.201400256Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.230289223Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.235676579Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.238359292Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.244082604Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.254711771Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.261446665Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.262955977Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.270742791Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.272587935Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.274410079Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.277347075Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.296779776Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.297850032Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.301220117Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.307374461Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.318144315Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.326024238Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.328216763Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.334858584Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.337350001Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.339578766Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.341626582Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.352296014Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.354731508Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.357649612Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.363486692Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.715486308Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.72738392Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.72864362Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.735558329Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.736902349Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.738113767Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.740028146Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.8637776Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.864821341Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.868047672Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.874879187Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.924627674Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.932666389Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.934380393Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.940913538Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.944433808Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.945757453Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.947400129Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.998640964Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.999963854Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.002559703Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.00890424Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.018834577Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.025448089Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.027486844Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.033834825Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.03530772Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.038365888Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.049388354Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.050789922Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.055780426Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.056974026Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.06854707Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.075267335Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.710058203Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.717218802Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.719690682Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.725731121Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.72707773Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.728687737Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.730610082Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.74011649Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.741293337Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.745396717Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.751640493Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.761585328Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.769279438Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.770500414Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.775752377Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.777172685Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.778767738Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:20.784670666Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:20.935878305Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:20.937206506Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:20.93993057Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:20.942147041Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.114840681Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.125590105Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.127790929Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.130783378Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.136662655Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.146766832Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.154211636Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.155884895Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.162397677Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.163720258Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.165045524Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.171667921Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.181118515Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.182698165Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.18747602Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.189165524Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.196108143Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.20680842Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.208067286Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.214167441Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.220627838Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.23048802Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.237662659Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.240188012Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.245939959Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.247594974Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.249765714Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.256750451Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.264840482Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.267237861Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.270174073Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.271836148Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.279433217Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.289141633Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.290382194Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:21.297126805Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.298127432Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:21.306828058Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:21.308883209Z 73 PC: 15a00 | Release memory
2018-12-25T12:00:21.310246378Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:00:21.311880062Z 42 PC: 12aa7 | Get date 0x12aa7: cmp dl, 1
0x12aaa: je 0x12ab6
0x12aac: cmp dl, 0x15
0x12aaf: je 0x12ab6
0x12ab1: cmp dl, 0x18
0x12ab4: jne 0x12ab9
0x12ab6: call 0x12c07
0x12ab9: push ds
0x12aba: mov ds, word ptr cs:[0x2c]
0x12abf: xor si, si
0x12ac1: lodsb al, byte ptr [si]
0x12ac2: cmp al, 0x50
0x12ac4: jne 0x12ac1
0x12ac6: cmp word ptr [si], 0x5441
0x12aca: jne 0x12ac1
0x12acc: add si, 4
0x12acf: mov cx, 1
0x12ad2: mov bx, word ptr cs:[0x631]
0x12ad7: lodsb al, byte ptr [si]
0x12ad8: cmp al, 0x3b
2018-12-25T12:00:23.34741815Z 26 PC: 12b96 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":10,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.028281592Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:18.031405077Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:18.033218301Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:18.035128394Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.037641754Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.041582545Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:18.046445608Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:18.049159138Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:18.053614308Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:18.06147666Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:18.069266093Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:18.087243584Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:18.095450248Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:18.097014718Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:18.105481874Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:18.107637101Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:18.109502484Z 62 PC: 158cf | Close file
2018-12-25T12:00:18.112990864Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:18.123809628Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:18.125104986Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:18.1286387Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.134805068Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.149965187Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.154558166Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.158904997Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.173176991Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.177717919Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.183769253Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.187567463Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.198708121Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.200321187Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.203197168Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.209415599Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.32014859Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.328282037Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.329799117Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.337276271Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.338769645Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.340312836Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.343077226Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.468724061Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.47012854Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.474419151Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.480912298Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.674503319Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.68527751Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.686644916Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.691682567Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.693604437Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.69522918Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.697064502Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.063836962Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.065210783Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.068139805Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.074889599Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.176125989Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.183182199Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.184543404Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.191006387Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.193311978Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.194799622Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.198215406Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.297925312Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.299678031Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.303502793Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.309789288Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.578379558Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.586909462Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.58945912Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.602583585Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.608124814Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.61005387Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.613100438Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.625310016Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.627379751Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.630870832Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.636356778Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.64842601Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.657284727Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.659380746Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.668941783Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.671588926Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.673956755Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.67771162Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.689282331Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.690387021Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.694095021Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.698994534Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.705769986Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.710943301Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.712671928Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.714677777Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.716538753Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.718114622Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.727867372Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.730474971Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.735019983Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:19.736676558Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:19.747829366Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.75536459Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.463663006Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.471602776Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.479571145Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.486523052Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.488838676Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.492237014Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.49567526Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.586156831Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.58908301Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.594156276Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.601661234Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.766959759Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.775350206Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.777381314Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.783757722Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.786015869Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.788138449Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.794982585Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:21.804760504Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:21.807273739Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.81139598Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:21.814349853Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.822866102Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.834043078Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.83578125Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.839459249Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.846763937Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.85815401Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.86673372Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.868414639Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.874927136Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.876409045Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.877862683Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.883408597Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.891747028Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.893243039Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.895659545Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.896982701Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.902646074Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.913325039Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.914443914Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.921225403Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.928555676Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.935979918Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.940761449Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.942831998Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.949297304Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.951296332Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.95380486Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.960741782Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.969595937Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.971703079Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.974751146Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.976337709Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.984731425Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.996714645Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.998413501Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.006178942Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:22.007690052Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.018299192Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:22.021006221Z 9 PC: 159e7 | Display string (Could not find end pointer)
2018-12-25T12:00:22.025477054Z 73 PC: 159eb | Release memory
2018-12-25T12:00:22.027264676Z 76 PC: 159f0 | Terminate with return code (Return code = '255')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":10,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.022551545Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:18.025123757Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:18.026613146Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:18.028457424Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.032055134Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.033440502Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:18.036558266Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:18.040073784Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:18.041922585Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:18.050262396Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:18.056638388Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:18.075733751Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:18.082764835Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:18.084181053Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:18.095866882Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:18.100496856Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:18.102602426Z 62 PC: 158cf | Close file
2018-12-25T12:00:18.105684093Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:18.116970365Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:18.118168699Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:18.121821257Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.12848908Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.139221921Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.144274622Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.145882938Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.158008886Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.160406592Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.162343872Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.165556963Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.177784184Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.179577001Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.182746369Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.188932614Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.204233687Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.212242775Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.21433225Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.222472975Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.224355451Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.226022212Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.232331655Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.365554481Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.368673634Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.37229449Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.378535105Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.46776895Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.47485456Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.47719791Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.485176233Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.487364387Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.490190863Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.492523899Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.673880141Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.676541647Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.68040017Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.686767355Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.069188936Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.077320134Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.079320221Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.087372401Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.088948707Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.090513039Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.092687651Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.194726708Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.195684784Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.198247529Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.211217262Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.297951888Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.305920714Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.309005353Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.384107199Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.38579735Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.388069437Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.390162597Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.578594935Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.580930141Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.584486236Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.60253971Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.626843515Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.646512677Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.648190709Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.656168541Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.659256193Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.661411124Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.663877114Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.677432652Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.679247784Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.682985751Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.690955687Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.7029506Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.71092566Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.713883801Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.721993821Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.724605116Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.726988067Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.73998191Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.742003277Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.74601517Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:19.749078161Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:19.760019792Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.768624307Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.464913276Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.473140436Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.474785008Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.48222139Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.484218465Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.486208151Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.489345368Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.586063043Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.587757902Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.591930146Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.600247614Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.688752911Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.696989839Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.700143494Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.767840076Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.775355592Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.777558447Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.785903808Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:21.794629841Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:21.797477619Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.801125094Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:21.803227355Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.813768133Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.824525717Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.825932145Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.829141832Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.83322184Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.840152626Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.84631368Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.847871783Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.854331832Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.857323108Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.859123101Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.866037521Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.881137192Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.883573871Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.887160087Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.889567645Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.898259664Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.90916771Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.910536497Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.918418164Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.925337522Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.932259134Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.941841771Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.94378116Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.950092752Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.953055181Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.954707772Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.961669792Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.971144936Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.97315776Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.976289286Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.978262557Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.986378086Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.997717917Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.99978911Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.007365141Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:22.008600766Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.032154532Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:22.033651719Z 9 PC: 159e7 | Display string (Could not find end pointer)
2018-12-25T12:00:22.038627881Z 73 PC: 159eb | Release memory
2018-12-25T12:00:22.040537064Z 76 PC: 159f0 | Terminate with return code (Return code = '255')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":10,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.098511023Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:18.099861856Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:18.100716094Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:18.101613034Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.102847567Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.103848377Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:18.106381277Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:18.108786797Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:18.109662141Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:18.115228792Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:18.120949232Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:18.51622125Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:18.523133818Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:18.543746766Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:18.550529412Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:18.552157632Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:18.554917399Z 62 PC: 158cf | Close file
2018-12-25T12:00:18.557373516Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:18.694789629Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:18.696524259Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:18.699223992Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.703055289Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.951552079Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.958063407Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.959468234Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.005978411Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.007327104Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.008669115Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.010715359Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.229394425Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.23100595Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.235112993Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.244064087Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.253878561Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.261746515Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.263218199Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.270246361Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.271975344Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.273924548Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.276169292Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.288298121Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.289536697Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.29356847Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.305153622Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.317183111Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.325123617Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.326797038Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.334680061Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.336357661Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.338044342Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.341227271Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.352206376Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.353563772Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.357373907Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.363655511Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.998504799Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.006101792Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.007579114Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.01440503Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.016970676Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.019266549Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.021279985Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.031545549Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.033846773Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.036795441Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.047570473Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.296881881Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.303861755Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.305491599Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.312878058Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.314557108Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.316215625Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.318742415Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.449526736Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.451161754Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.45540579Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.461596111Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.570452499Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.580534962Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.582030394Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.588478951Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.590796891Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.592124123Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.593750012Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.711248959Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.712256822Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.714185856Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.71820475Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.724901377Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.73200196Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.733821349Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.740655111Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.742170648Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.744323646Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.754426107Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.755849429Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.759072242Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.76049398Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.769332784Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.775911457Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.115339793Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.122278435Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.124680723Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.130799158Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.132139459Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.133932206Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.137188041Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.147095455Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.148486059Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.153057379Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.159387695Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.169060238Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.178931595Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.180250644Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.185652992Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.187288353Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.189293424Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.195196202Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:21.202882724Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:21.204437012Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.207545711Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:21.209914671Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.217074871Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.227070459Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.228663917Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.231551835Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.237253551Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.247000349Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.253810712Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.255053246Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.260617894Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.261788742Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.263007852Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.27073019Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.280015814Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.281255109Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.284478667Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.286080052Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.293559121Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.303862451Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.304838412Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.310663942Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.316929394Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.326468404Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.33388608Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.335375185Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.340700025Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.342270644Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.344428039Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.350496377Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.358446364Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.360525997Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.363135799Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.364612336Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.372893431Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.382922331Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.385536505Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:21.391764534Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.393130358Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:21.403826321Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:21.405297753Z 9 PC: 159e7 | Display string (Could not find end pointer)
2018-12-25T12:00:21.40934556Z 73 PC: 159eb | Release memory
2018-12-25T12:00:21.411492192Z 76 PC: 159f0 | Terminate with return code (Return code = '255')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":12,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.101331953Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:18.103741404Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:18.105435454Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:18.10707446Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.10855119Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.110090386Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:18.11249914Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:18.114923522Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:18.117692733Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:18.124325258Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:18.131018636Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:18.148930829Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:18.156187567Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:18.157597806Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:18.16490039Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:18.166413228Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:18.167993605Z 62 PC: 158cf | Close file
2018-12-25T12:00:18.170258926Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:18.181060763Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:18.182198755Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:18.185815556Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.192118577Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.20323636Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.211007837Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.213323322Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.220496306Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.222672997Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.227278142Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.229723859Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.364657542Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.367583199Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.370850277Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.37713757Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.467781792Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.476356507Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.47843301Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:18.487270418Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:18.489256041Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:18.490800052Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:18.493745337Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:18.678504036Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:18.679862863Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:18.683967414Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.690300816Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.062261212Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.071195133Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.074324989Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.082106706Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.083748401Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.086005436Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.087987946Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.194576098Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.196612893Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.199514143Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.20328027Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.298677986Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.304644186Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.305957297Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.387756756Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.389417875Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.390910861Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.393017254Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.584418462Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.586257639Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.589554147Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.603806184Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.640755821Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.649760585Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.653402203Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.660591105Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.662397816Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.666261324Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.668481878Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.679623677Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.681687025Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.684820553Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.693076301Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.70582877Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.713333729Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.715467703Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.724600057Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.726269171Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.728147955Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.730686927Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.74196043Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.743562198Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.746926264Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.754645562Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.765640937Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.773327519Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.77597392Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.778885926Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.780511257Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.783726206Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.032584873Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.0366756Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.041712103Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.043437884Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.054809884Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.063872975Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.463568825Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.472064664Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.474480249Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.482181803Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.483819715Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.485750984Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.488722029Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.586375126Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.58807677Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.592778788Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.602463344Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.767209822Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.776492562Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.778841726Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.789874406Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.792657834Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.794328421Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.801690333Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:21.811262313Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:21.813017521Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.816490443Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:21.820163791Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.827983328Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.840010176Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.841659743Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.844605275Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.849697546Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.859073464Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.866947661Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.868549375Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.876341916Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.878860644Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.880418099Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.887883737Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.898950984Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.900738436Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.90407793Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.906530069Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.914697026Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.925577597Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.927651158Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.934459443Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.941347229Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.953955408Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.961626835Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.962857609Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.967293367Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.969016242Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.971083637Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.979623032Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.986280794Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.98737387Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.990107496Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.991718625Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.996801303Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:22.004156334Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:22.007001206Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.014560072Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:22.017213228Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.028249439Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:22.029532773Z 73 PC: 15a00 | Release memory
2018-12-25T12:00:22.032157098Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:00:22.033895438Z 42 PC: 12aa7 | Get date 0x12aa7: cmp dl, 1
0x12aaa: je 0x12ab6
0x12aac: cmp dl, 0x15
0x12aaf: je 0x12ab6
0x12ab1: cmp dl, 0x18
0x12ab4: jne 0x12ab9
0x12ab6: call 0x12c07
0x12ab9: push ds
0x12aba: mov ds, word ptr cs:[0x2c]
0x12abf: xor si, si
0x12ac1: lodsb al, byte ptr [si]
0x12ac2: cmp al, 0x50
0x12ac4: jne 0x12ac1
0x12ac6: cmp word ptr [si], 0x5441
0x12aca: jne 0x12ac1
0x12acc: add si, 4
0x12acf: mov cx, 1
0x12ad2: mov bx, word ptr cs:[0x631]
0x12ad7: lodsb al, byte ptr [si]
0x12ad8: cmp al, 0x3b
2018-12-25T12:00:24.627931057Z 26 PC: 12b96 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":12,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.266404706Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:18.26849765Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:18.269918844Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:18.271499247Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.273052313Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.274299998Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:18.276398298Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:18.278903142Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:18.280233959Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:18.287582024Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:18.293910359Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:19.277707303Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:19.282305978Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:19.28335823Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:19.287906853Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:19.288920208Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:19.289916025Z 62 PC: 158cf | Close file
2018-12-25T12:00:19.291776419Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:19.539614399Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:19.540778132Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:19.544192734Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.550442382Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.578311997Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.588319973Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.590033584Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.597416415Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.600191299Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.601866629Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.604320205Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.616426493Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.618041556Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.621905916Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.630764304Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.642797379Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.65357604Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.655925896Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.665204085Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.667349081Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.669479654Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.673375537Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.682706889Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.684282451Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.687643084Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.694663303Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.707360954Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.717453381Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.719881898Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.727745588Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.729837649Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.73462852Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.742819422Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.755454064Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.75830655Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.761789352Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.768778857Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.944411246Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.952406355Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.954421331Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.96238028Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.964052185Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.965523261Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.969483332Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.232855443Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.234496294Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.237978451Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.246080764Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.406302108Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.421260015Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.42461924Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.430913289Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.432160205Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.4342506Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.436626818Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.540412945Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.542049868Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.54495638Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.55146105Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.571238205Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.578944007Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.580670589Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.588235422Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.589922331Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.591493723Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.593608127Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.612485831Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.613602631Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.616435838Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.623457134Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.663306678Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.67390366Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.676089318Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.683083328Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.690233162Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.692890357Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.933109028Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.934303937Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.938349257Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.940115676Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.950398068Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.957183207Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.766990568Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.779812523Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.781957656Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.790578864Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.792086706Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.794215461Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.796599104Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.807824935Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.809209059Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.813513961Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.832755039Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.843977821Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.852392686Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.854374482Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.861010994Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.86336304Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.865468039Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.872670536Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:21.88150464Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:21.883348446Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:21.886887131Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:21.88964661Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.898325051Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.909447969Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.911498046Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.91484124Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.921563031Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.932655864Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.940252806Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.941885713Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.949458254Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.951239608Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.953167214Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.962351403Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.97300024Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.974426763Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.977622919Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.979365063Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.987073023Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.997953208Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.999496334Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:22.00656054Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:22.013904424Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:22.026460092Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:22.034332281Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:22.036295441Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:22.044214512Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:22.045977636Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:22.04785711Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:22.055421167Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:22.064356314Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:22.066262249Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:22.070510263Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:22.072280578Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:22.080209314Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:22.092596613Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:22.094114915Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.101151828Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:22.103520541Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:22.114129272Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:22.11585041Z 73 PC: 15a00 | Release memory
2018-12-25T12:00:22.118147613Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:00:22.119763743Z 42 PC: 12aa7 | Get date 0x12aa7: cmp dl, 1
0x12aaa: je 0x12ab6
0x12aac: cmp dl, 0x15
0x12aaf: je 0x12ab6
0x12ab1: cmp dl, 0x18
0x12ab4: jne 0x12ab9
0x12ab6: call 0x12c07
0x12ab9: push ds
0x12aba: mov ds, word ptr cs:[0x2c]
0x12abf: xor si, si
0x12ac1: lodsb al, byte ptr [si]
0x12ac2: cmp al, 0x50
0x12ac4: jne 0x12ac1
0x12ac6: cmp word ptr [si], 0x5441
0x12aca: jne 0x12ac1
0x12acc: add si, 4
0x12acf: mov cx, 1
0x12ad2: mov bx, word ptr cs:[0x631]
0x12ad7: lodsb al, byte ptr [si]
0x12ad8: cmp al, 0x3b
2018-12-25T12:00:24.64574182Z 26 PC: 12b96 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":12,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6725,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.455895963Z 74 PC: 1569b | Reallocate memory
2018-12-25T12:00:18.45775314Z 74 PC: 156a2 | Reallocate memory
2018-12-25T12:00:18.458932103Z 72 PC: 156a9 | Allocate memory
2018-12-25T12:00:18.460239114Z 53 PC: 156ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.461890389Z 37 PC: 156e4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:18.46296144Z 44 PC: 15707 | Get time 0x15707: cmp ch, 0xa
0x1570a: jb 0x15716
0x1570c: cmp ch, 0xb
0x1570f: jae 0x15716
0x15711: or byte ptr [0xc], 1
0x15716: mov ah, 0x2a
0x15718: int 0x21
0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
2018-12-25T12:00:18.464905596Z 42 PC: 1571a | Get date 0x1571a: cmp al, 5
0x1571c: jne 0x15723
0x1571e: or byte ptr [0xc], 0x10
0x15723: mov al, dh
0x15725: sub al, byte ptr cs:[0x105]
0x1572a: je 0x15737
0x1572c: cmp al, 1
0x1572e: ja 0x1573e
0x15730: cmp byte ptr cs:[0x104], dl
0x15735: jbe 0x1573e
0x15737: cmp byte ptr cs:[0x106], cl
0x1573c: je 0x15743
0x1573e: or byte ptr [0xc], 0x20
0x15743: mov byte ptr cs:[0x104], dl
0x15748: mov byte ptr cs:[0x105], dh
0x1574d: mov byte ptr cs:[0x106], cl
0x15752: cmp dl, 0xd
0x15755: jne 0x1575c
0x15757: or byte ptr [0xc], 2
0x1575c: mov di, 0x1e
2018-12-25T12:00:18.467338443Z 26 PC: 15aee | Set disk transfer address
2018-12-25T12:00:18.468209969Z 78 PC: 15af9 | Find first file
2018-12-25T12:00:18.473742068Z 67 PC: 15b76 | Get or set file attributes
2018-12-25T12:00:18.479546382Z 67 PC: 15b10 | Get or set file attributes
2018-12-25T12:00:18.532790212Z 61 PC: 157f1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:18.540627591Z 87 PC: 157fd | Get or set file date and time
2018-12-25T12:00:18.543644736Z 63 PC: 15810 | Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:00:18.562788377Z 66 PC: 15829 | Move file pointer
2018-12-25T12:00:18.564300315Z 66 PC: 1585a | Move file pointer
2018-12-25T12:00:18.566185889Z 62 PC: 158cf | Close file
2018-12-25T12:00:18.567968025Z 67 PC: 15b6d | Get or set file attributes
2018-12-25T12:00:18.781243491Z 26 PC: 15b19 | Set disk transfer address
2018-12-25T12:00:18.782737405Z 79 PC: 15b24 | Find next file
2018-12-25T12:00:18.785262307Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:18.790685736Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:18.923427382Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:18.929916956Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:18.931148752Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.008018002Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.009318106Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.011281402Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.013888846Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.229095783Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.234953433Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.238839996Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.245836327Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.255693081Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.272177108Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.27410918Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.278674052Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.280088827Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.281347004Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.282777414Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.299384687Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.300461172Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.302755409Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.315028857Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.336111038Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.340632707Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.34241271Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.348989476Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.350338738Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.351910355Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.354509969Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.364606448Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.365697822Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.369219699Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.375461926Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.474811643Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.481775026Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.48307964Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.489078229Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.490676944Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.492059232Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.493610807Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.545498233Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.546504126Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.548958592Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.555248803Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.694662492Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.703808875Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.705940024Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.712214562Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.713934229Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.71693202Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.71899017Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.86380095Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.865949802Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.868523434Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.874827682Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.913730833Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.920176768Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.921478524Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:19.929358462Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:19.931375004Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:19.933009522Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:19.936108099Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:19.952823025Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:19.953873105Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:19.956950344Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:19.962461954Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:19.987754825Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:19.994649141Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:19.99587321Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.001326683Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.007411171Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.009184387Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.022652826Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.024716673Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.027637933Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:20.02896119Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:20.038442242Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.044441641Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.7100134Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.717492992Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.718840102Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.724648834Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.72712422Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.728464221Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:20.730131266Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:20.740481657Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:20.74170703Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:20.744664653Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:20.750938674Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:20.760140568Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:20.766905299Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:20.768727792Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:20.773659708Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:20.774812446Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:20.776392884Z 64 PC: 15877 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:20.78233784Z 64 PC: 1588b | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:00:20.873644863Z 66 PC: 158a2 | Move file pointer
2018-12-25T12:00:20.875997953Z 64 PC: 158b6 | Write file or device (Write 8 bytes on handle 5)
2018-12-25T12:00:20.880600204Z 87 PC: 158ca | Get or set file date and time
2018-12-25T12:00:20.881990584Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.114844455Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.124284637Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.125352655Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.128452286Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.134601054Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.143753022Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.150368868Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.154700103Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.159856989Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.161264038Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.162937848Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.168774001Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.178042661Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.179372793Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.182906499Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.184919828Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.192002253Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.201574452Z 26 PC: 15b19 | Set disk transfer address (See above)
2018-12-25T12:00:21.203345736Z 79 PC: 15b24 | Find next file (See above)
2018-12-25T12:00:21.209347406Z 67 PC: 15b76 | Get or set file attributes (See above)
2018-12-25T12:00:21.215312964Z 67 PC: 15b10 | Get or set file attributes (See above)
2018-12-25T12:00:21.225878336Z 61 PC: 157f1 | Open file (See above)
2018-12-25T12:00:21.232853485Z 87 PC: 157fd | Get or set file date and time (See above)
2018-12-25T12:00:21.234147176Z 63 PC: 15810 | Read file or device (See above)
2018-12-25T12:00:21.240438943Z 66 PC: 15829 | Move file pointer (See above)
2018-12-25T12:00:21.241790358Z 66 PC: 1585a | Move file pointer (See above)
2018-12-25T12:00:21.243115151Z 64 PC: 15877 | Write file or device (See above)
2018-12-25T12:00:21.251172418Z 64 PC: 1588b | Write file or device (See above)
2018-12-25T12:00:21.259037174Z 66 PC: 158a2 | Move file pointer (See above)
2018-12-25T12:00:21.260379829Z 64 PC: 158b6 | Write file or device (See above)
2018-12-25T12:00:21.264445453Z 87 PC: 158ca | Get or set file date and time (See above)
2018-12-25T12:00:21.267827059Z 62 PC: 158cf | Close file (See above)
2018-12-25T12:00:21.274855106Z 67 PC: 15b6d | Get or set file attributes (See above)
2018-12-25T12:00:21.285491122Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.287135956Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:21.292914304Z 26 PC: 15aee | Set disk transfer address (See above)
2018-12-25T12:00:21.294078591Z 78 PC: 15af9 | Find first file (See above)
2018-12-25T12:00:21.303193562Z 37 PC: 159be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:00:21.304699366Z 73 PC: 15a00 | Release memory
2018-12-25T12:00:21.308355526Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:00:21.31072909Z 42 PC: 12aa7 | Get date 0x12aa7: cmp dl, 1
0x12aaa: je 0x12ab6
0x12aac: cmp dl, 0x15
0x12aaf: je 0x12ab6
0x12ab1: cmp dl, 0x18
0x12ab4: jne 0x12ab9
0x12ab6: call 0x12c07
0x12ab9: push ds
0x12aba: mov ds, word ptr cs:[0x2c]
0x12abf: xor si, si
0x12ac1: lodsb al, byte ptr [si]
0x12ac2: cmp al, 0x50
0x12ac4: jne 0x12ac1
0x12ac6: cmp word ptr [si], 0x5441
0x12aca: jne 0x12ac1
0x12acc: add si, 4
0x12acf: mov cx, 1
0x12ad2: mov bx, word ptr cs:[0x631]
0x12ad7: lodsb al, byte ptr [si]
0x12ad8: cmp al, 0x3b
2018-12-25T12:00:23.626311201Z 26 PC: 12b96 | Set disk transfer address