{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7864,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:52.133323593Z | 26 | PC: 12a78 | Set disk transfer address |
| 2018-12-25T12:02:52.13474747Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T12:02:52.140509503Z | 67 | PC: 12b03 | Get or set file attributes |
| 2018-12-25T12:02:52.27078564Z | 61 | PC: 12b0c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:02:52.278891451Z | 63 | PC: 12b18 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T12:02:52.285809383Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T12:02:52.287738716Z | 64 | PC: 12b64 | Write file or device (Write 30 bytes on handle 5) |
| 2018-12-25T12:02:52.291016792Z | 64 | PC: 12b6f | Write file or device (Write 383 bytes on handle 5) |
| 2018-12-25T12:02:52.298922791Z | 66 | PC: 12b77 | Move file pointer |
| 2018-12-25T12:02:52.301491232Z | 64 | PC: 12b82 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:02:52.308261005Z | 64 | PC: 12b8d | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:52.311009172Z | 87 | PC: 12b9a | Get or set file date and time |
| 2018-12-25T12:02:52.312733332Z | 62 | PC: 12b9e | Close file |
| 2018-12-25T12:02:52.320817438Z | 67 | PC: 12bab | Get or set file attributes |
| 2018-12-25T12:02:52.326455793Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.329399746Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.344296568Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.351980136Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.358297636Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.359797622Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.362938631Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.365699239Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.368527689Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.374640487Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.37721973Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.378950739Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.389098166Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.393800233Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.396614565Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.411146409Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.417713873Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.424445505Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.427089708Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.429996325Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.432909015Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.434736175Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.437987303Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.440826043Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.442744261Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.45092019Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.456063153Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.458622871Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.468828139Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.475600774Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.482154345Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.48505118Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.487665741Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.490201465Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.492561302Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.49500251Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.498101502Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.500226831Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.507581581Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.517568345Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.524819216Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.534587886Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.541337013Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.548577346Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.55046326Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.553383759Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.556841169Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.558243439Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.560716084Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.563766902Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.565401477Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.572746392Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.578227685Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.58163772Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.591138398Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.59851977Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.605220738Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.606679922Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.614865538Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.618484184Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.619681557Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.625965339Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.629009492Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.630324226Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.63801576Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.642739538Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.64619341Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.656821418Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.664578785Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.671238486Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.673049835Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.676332508Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.678914193Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.680180532Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.683534395Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.685990282Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.687388197Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.69533305Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.699877861Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.703721584Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.715064826Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.721867594Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.728194052Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.730732875Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.741196668Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.743853504Z | 78 | PC: 12a90 | Find first file |
| 2018-12-25T12:02:52.750557842Z | 42 | PC: 12ac8 | Get date 0x12ac8: cmp dl, 0xd 0x12acb: jne 0x12aef 0x12acd: mov ah, 0x19 0x12acf: int 0x21 0x12ad1: mov cx, 0x100 0x12ad4: cli 0x12ad5: mov dx, 0 0x12ad8: int 0x26 0x12ada: sti 0x12adb: mov ah, 0x40 0x12add: mov bx, 1 0x12ae0: mov cx, 0x1a 0x12ae3: lea dx, word ptr [bp + 0x16a] 0x12ae7: int 0x21 0x12ae9: xor ax, ax 0x12aeb: int 0x16 0x12aed: jmp 0x12adb 0x12aef: mov ah, 0x1a 0x12af1: mov dx, 0x80 0x12af4: int 0x21 |
| 2018-12-25T12:02:52.753340156Z | 26 | PC: 12af6 | Set disk transfer address |
{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7864,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:52.101997884Z | 26 | PC: 12a78 | Set disk transfer address |
| 2018-12-25T12:02:52.103620726Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T12:02:52.110327019Z | 67 | PC: 12b03 | Get or set file attributes |
| 2018-12-25T12:02:52.128180421Z | 61 | PC: 12b0c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:02:52.13718734Z | 63 | PC: 12b18 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T12:02:52.144339955Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T12:02:52.146048226Z | 64 | PC: 12b64 | Write file or device (Write 30 bytes on handle 5) |
| 2018-12-25T12:02:52.149080027Z | 64 | PC: 12b6f | Write file or device (Write 383 bytes on handle 5) |
| 2018-12-25T12:02:52.158801175Z | 66 | PC: 12b77 | Move file pointer |
| 2018-12-25T12:02:52.160832457Z | 64 | PC: 12b82 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:02:52.168484051Z | 64 | PC: 12b8d | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:52.172394383Z | 87 | PC: 12b9a | Get or set file date and time |
| 2018-12-25T12:02:52.173949722Z | 62 | PC: 12b9e | Close file |
| 2018-12-25T12:02:52.182795636Z | 67 | PC: 12bab | Get or set file attributes |
| 2018-12-25T12:02:52.188741492Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.191997573Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.203386466Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.211389828Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.218575674Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.221139551Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.224641579Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.227468772Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.228884082Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.232055498Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.234868649Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.23643324Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.24467814Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.250020237Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.252831987Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.26390652Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.271293545Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.278134013Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.279629553Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.282858893Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.285745572Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.287019856Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.290743174Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.293705986Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.295434714Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.304981661Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.310818609Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.314204572Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.326554687Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.333878468Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.340958406Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.343166988Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.346082421Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.348863125Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.3502534Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.353422789Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.356470436Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.358222701Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.367262798Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.372523715Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.375364993Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.386453189Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.39479427Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.4026167Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.405855897Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.40959726Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.412977446Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.415598452Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.419070833Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.422211103Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.424241917Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.432611043Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.438291143Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.448674336Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.457650905Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.466214392Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.474197889Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.478253296Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.488254292Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.496324091Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.514371791Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.524928124Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.529652009Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.532593685Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.542036635Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.547724784Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.551928907Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.563628984Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.571070048Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.579397469Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.582285757Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.58562336Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.59006394Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.593886392Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.597514098Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.601259764Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.604312485Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.613960896Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.619824344Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.624107237Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.636522153Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.644416208Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.647993057Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.651415892Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.663444643Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.666561958Z | 78 | PC: 12a90 | Find first file |
| 2018-12-25T12:02:52.674787645Z | 42 | PC: 12ac8 | Get date 0x12ac8: cmp dl, 0xd 0x12acb: jne 0x12aef 0x12acd: mov ah, 0x19 0x12acf: int 0x21 0x12ad1: mov cx, 0x100 0x12ad4: cli 0x12ad5: mov dx, 0 0x12ad8: int 0x26 0x12ada: sti 0x12adb: mov ah, 0x40 0x12add: mov bx, 1 0x12ae0: mov cx, 0x1a 0x12ae3: lea dx, word ptr [bp + 0x16a] 0x12ae7: int 0x21 0x12ae9: xor ax, ax 0x12aeb: int 0x16 0x12aed: jmp 0x12adb 0x12aef: mov ah, 0x1a 0x12af1: mov dx, 0x80 0x12af4: int 0x21 |
| 2018-12-25T12:02:52.67765801Z | 25 | PC: 12ad1 | Get default drive |
| 2018-12-25T12:02:52.693513864Z | 64 | PC: 12ae9 | Write file or device (Write 26 bytes on handle 1) |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7864,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:52.175340561Z | 26 | PC: 12a78 | Set disk transfer address |
| 2018-12-25T12:02:52.176795349Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T12:02:52.184241777Z | 67 | PC: 12b03 | Get or set file attributes |
| 2018-12-25T12:02:52.200749646Z | 61 | PC: 12b0c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:02:52.208204616Z | 63 | PC: 12b18 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T12:02:52.21382402Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T12:02:52.215543193Z | 64 | PC: 12b64 | Write file or device (Write 30 bytes on handle 5) |
| 2018-12-25T12:02:52.218697536Z | 64 | PC: 12b6f | Write file or device (Write 383 bytes on handle 5) |
| 2018-12-25T12:02:52.228342727Z | 66 | PC: 12b77 | Move file pointer |
| 2018-12-25T12:02:52.229909595Z | 64 | PC: 12b82 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:02:52.238082765Z | 64 | PC: 12b8d | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:52.242134714Z | 87 | PC: 12b9a | Get or set file date and time |
| 2018-12-25T12:02:52.244130336Z | 62 | PC: 12b9e | Close file |
| 2018-12-25T12:02:52.253239219Z | 67 | PC: 12bab | Get or set file attributes |
| 2018-12-25T12:02:52.259338361Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.261304127Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.269596688Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.275829077Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.291660459Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.293938236Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.297740369Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.301639058Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.303740163Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.307126778Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.313854958Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.316679253Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.325423238Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.332553234Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.335753185Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.347324682Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.35673446Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.364960281Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.367364031Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.371079406Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.374730968Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.37736022Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.381645548Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.386228728Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.388362363Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.397348Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.404544373Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.407605542Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.419039676Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.428277164Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.436482065Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.438324668Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.442543955Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.44587022Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.447484823Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.451923585Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.455639229Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.457238447Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.464718418Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.469793896Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.471840144Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.479222159Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.48752162Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.494596469Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.496575317Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.499996718Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.502221291Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.503164605Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.505289686Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.507037431Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.508055678Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.519493744Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.525513872Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.527761058Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.539270351Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.547098921Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.555629606Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.558177912Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.568836577Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.572306594Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.5742687Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.583303944Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.586633597Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.589578406Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.600218818Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.606484687Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.609833902Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.622130752Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.630067891Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.637761961Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.64030072Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.644704015Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.648614224Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.650567692Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.654600626Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.658675945Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.660758396Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.670183765Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.677078192Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.680947485Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.692928458Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.700774345Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.704110537Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.707255716Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.718462349Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.721533503Z | 78 | PC: 12a90 | Find first file |
| 2018-12-25T12:02:52.728889814Z | 42 | PC: 12ac8 | Get date 0x12ac8: cmp dl, 0xd 0x12acb: jne 0x12aef 0x12acd: mov ah, 0x19 0x12acf: int 0x21 0x12ad1: mov cx, 0x100 0x12ad4: cli 0x12ad5: mov dx, 0 0x12ad8: int 0x26 0x12ada: sti 0x12adb: mov ah, 0x40 0x12add: mov bx, 1 0x12ae0: mov cx, 0x1a 0x12ae3: lea dx, word ptr [bp + 0x16a] 0x12ae7: int 0x21 0x12ae9: xor ax, ax 0x12aeb: int 0x16 0x12aed: jmp 0x12adb 0x12aef: mov ah, 0x1a 0x12af1: mov dx, 0x80 0x12af4: int 0x21 |
| 2018-12-25T12:02:52.731810222Z | 26 | PC: 12af6 | Set disk transfer address |
{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7864,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:02:52.25641019Z | 26 | PC: 12a78 | Set disk transfer address |
| 2018-12-25T12:02:52.25791673Z | 78 | PC: 12a83 | Find first file |
| 2018-12-25T12:02:52.263686516Z | 67 | PC: 12b03 | Get or set file attributes |
| 2018-12-25T12:02:52.280663701Z | 61 | PC: 12b0c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:02:52.288024741Z | 63 | PC: 12b18 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T12:02:52.294689644Z | 66 | PC: 12b30 | Move file pointer |
| 2018-12-25T12:02:52.296792368Z | 64 | PC: 12b64 | Write file or device (Write 30 bytes on handle 5) |
| 2018-12-25T12:02:52.299979536Z | 64 | PC: 12b6f | Write file or device (Write 383 bytes on handle 5) |
| 2018-12-25T12:02:52.307982169Z | 66 | PC: 12b77 | Move file pointer |
| 2018-12-25T12:02:52.309605231Z | 64 | PC: 12b82 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:02:52.318460522Z | 64 | PC: 12b8d | Write file or device (Write 2 bytes on handle 5) |
| 2018-12-25T12:02:52.324267813Z | 87 | PC: 12b9a | Get or set file date and time |
| 2018-12-25T12:02:52.32572414Z | 62 | PC: 12b9e | Close file |
| 2018-12-25T12:02:52.333539855Z | 67 | PC: 12bab | Get or set file attributes |
| 2018-12-25T12:02:52.349035854Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.351913794Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.362573817Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.37037309Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.3769223Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.378575437Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.386064623Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.388825461Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.390036976Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.396760533Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.39942374Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.40092877Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.40918197Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.413805148Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.41645948Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.427272934Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.433888144Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.440196133Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.445981016Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.451225152Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.454753242Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.456906502Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.459890245Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.462852281Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.465708322Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.472946124Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.477906968Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.480883438Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.49113059Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.497699807Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.504419505Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.506471962Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.509203423Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.512614583Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.514508114Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.517553548Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.520454075Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.522401459Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.530167281Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.535095829Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.539019853Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.555943505Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.562782729Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.569693706Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.571885917Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.575098313Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.578695472Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.580389108Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.58333791Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.594066488Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.595925622Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.604108704Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.609458942Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.611872128Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.621449699Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.628785563Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.635132001Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.636919317Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.645393129Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.648244738Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.649839641Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.657513356Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.660271436Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.661958403Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.671023365Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.675732477Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.678304885Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.688568586Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.694917094Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.701049685Z | 66 | PC: 12b30 | Move file pointer (See above) |
| 2018-12-25T12:02:52.703276887Z | 64 | PC: 12b64 | Write file or device (See above) |
| 2018-12-25T12:02:52.706062749Z | 64 | PC: 12b6f | Write file or device (See above) |
| 2018-12-25T12:02:52.708574455Z | 66 | PC: 12b77 | Move file pointer (See above) |
| 2018-12-25T12:02:52.710791463Z | 64 | PC: 12b82 | Write file or device (See above) |
| 2018-12-25T12:02:52.713707161Z | 64 | PC: 12b8d | Write file or device (See above) |
| 2018-12-25T12:02:52.716513769Z | 87 | PC: 12b9a | Get or set file date and time (See above) |
| 2018-12-25T12:02:52.718696648Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.727246687Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.737258775Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.743304765Z | 67 | PC: 12b03 | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.753752678Z | 61 | PC: 12b0c | Open file (See above) |
| 2018-12-25T12:02:52.760158143Z | 63 | PC: 12b18 | Read file or device (See above) |
| 2018-12-25T12:02:52.767873664Z | 62 | PC: 12b9e | Close file (See above) |
| 2018-12-25T12:02:52.769735639Z | 67 | PC: 12bab | Get or set file attributes (See above) |
| 2018-12-25T12:02:52.784988622Z | 79 | PC: 12a83 | Find next file (See above) |
| 2018-12-25T12:02:52.787424141Z | 78 | PC: 12a90 | Find first file |
| 2018-12-25T12:02:52.794828791Z | 42 | PC: 12ac8 | Get date 0x12ac8: cmp dl, 0xd 0x12acb: jne 0x12aef 0x12acd: mov ah, 0x19 0x12acf: int 0x21 0x12ad1: mov cx, 0x100 0x12ad4: cli 0x12ad5: mov dx, 0 0x12ad8: int 0x26 0x12ada: sti 0x12adb: mov ah, 0x40 0x12add: mov bx, 1 0x12ae0: mov cx, 0x1a 0x12ae3: lea dx, word ptr [bp + 0x16a] 0x12ae7: int 0x21 0x12ae9: xor ax, ax 0x12aeb: int 0x16 0x12aed: jmp 0x12adb 0x12aef: mov ah, 0x1a 0x12af1: mov dx, 0x80 0x12af4: int 0x21 |
| 2018-12-25T12:02:52.79779955Z | 25 | PC: 12ad1 | Get default drive |
| 2018-12-25T12:02:52.810861647Z | 64 | PC: 12ae9 | Write file or device (Write 26 bytes on handle 1) |