Sample viewer

vx.netlux.org/Virus.DOS.Lct.602

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:44:04.538659878Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax
2018-12-17T22:44:04.541477661Z 26 PC: 12c31 | Set disk transfer address
2018-12-17T22:44:04.542622472Z 78 PC: 12c21 | Find first file
2018-12-17T22:44:04.548261851Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:44:04.561912565Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:04.563373225Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:04.569448816Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:04.571634392Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:04.587386032Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:04.588705347Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:04.596201978Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:04.597839943Z 62 PC: 12b2b | Close file
2018-12-17T22:44:04.606624906Z 79 PC: 12aec | Find next file
2018-12-17T22:44:04.609963649Z 61 PC: 12c06 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:44:04.616600121Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:04.618281925Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:04.625141125Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:04.6268449Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:04.634831226Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:04.637035303Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:04.643664839Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:04.645448988Z 62 PC: 12b2b | Close file
2018-12-17T22:44:04.653597367Z 79 PC: 12aec | Find next file
2018-12-17T22:44:04.657221609Z 61 PC: 12c06 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:44:04.663903974Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:04.665623424Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:04.673168666Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:04.675662818Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:04.683713987Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:04.685794767Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:04.692587057Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:04.694461301Z 62 PC: 12b2b | Close file
2018-12-17T22:44:04.703564281Z 79 PC: 12aec | Find next file
2018-12-17T22:44:04.706619536Z 61 PC: 12c06 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:44:04.713331475Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:04.715738626Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:04.722309552Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:04.724133685Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:04.733131664Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:04.734803522Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:04.741464726Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:04.750059267Z 62 PC: 12b2b | Close file
2018-12-17T22:44:04.913464341Z 79 PC: 12aec | Find next file
2018-12-17T22:44:04.915970906Z 61 PC: 12c06 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:44:04.923570103Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:04.925010196Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:04.931204389Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:04.933298596Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:05.022857816Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:05.024247799Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:05.031855376Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:05.03358715Z 62 PC: 12b2b | Close file
2018-12-17T22:44:05.169484902Z 79 PC: 12aec | Find next file
2018-12-17T22:44:05.172598266Z 61 PC: 12c06 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:44:05.179955524Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:05.182146986Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:05.188297328Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:05.190540436Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:05.198890877Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:05.200263876Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:05.207761137Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:05.209661472Z 62 PC: 12b2b | Close file
2018-12-17T22:44:05.217483892Z 79 PC: 12aec | Find next file
2018-12-17T22:44:05.220953185Z 61 PC: 12c06 | Open file (Filename = 'PAH.COM')
2018-12-17T22:44:05.227388725Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:05.228911951Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:05.235614105Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:05.236997982Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:05.245329984Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:05.247637719Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:05.254537466Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:05.256062025Z 62 PC: 12b2b | Close file
2018-12-17T22:44:05.265070077Z 79 PC: 12aec | Find next file
2018-12-17T22:44:05.267540311Z 61 PC: 12c06 | Open file (Filename = 'TEST.COM')
2018-12-17T22:44:05.273763815Z 87 PC: 12be9 | Get or set file date and time
2018-12-17T22:44:05.275373664Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:44:05.277723863Z 66 PC: 12aaf | Move file pointer
2018-12-17T22:44:05.27902318Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-17T22:44:05.287090452Z 66 PC: 12b13 | Move file pointer
2018-12-17T22:44:05.288276592Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:44:05.29083548Z 87 PC: 12be4 | Get or set file date and time
2018-12-17T22:44:05.292651869Z 62 PC: 12b2b | Close file
2018-12-17T22:44:05.300216056Z 79 PC: 12aec | Find next file

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:21.079389817Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax
2018-12-25T12:03:21.082300927Z 26 PC: 12c31 | Set disk transfer address
2018-12-25T12:03:21.085906676Z 78 PC: 12c21 | Find first file
2018-12-25T12:03:21.091196714Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:21.09745904Z 87 PC: 12be9 | Get or set file date and time
2018-12-25T12:03:21.099368726Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:03:21.103822034Z 66 PC: 12aaf | Move file pointer
2018-12-25T12:03:21.105222325Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-25T12:03:21.118404867Z 66 PC: 12b13 | Move file pointer
2018-12-25T12:03:21.125886342Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:03:21.130710864Z 87 PC: 12be4 | Get or set file date and time
2018-12-25T12:03:21.13264846Z 62 PC: 12b2b | Close file
2018-12-25T12:03:21.138457387Z 79 PC: 12aec | Find next file
2018-12-25T12:03:21.141475351Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:21.149673323Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:21.151211952Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:21.155623113Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:21.157124777Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:21.163354842Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:21.164640091Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:21.169099458Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:21.171334865Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:21.180747072Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:21.183701826Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:21.195069529Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:21.196810797Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:21.203713851Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:21.205625001Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:21.215577446Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:21.21747782Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:21.225155905Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:21.228233816Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:21.237442432Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:21.240622847Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:21.251053241Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:21.253081778Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:21.260215778Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:21.262893166Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:21.271763667Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:21.273265827Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:21.281933698Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:21.297538438Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:21.306466086Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:21.30947297Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:21.317104683Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:21.318797511Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:21.325916222Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:21.328325805Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:21.337527886Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:21.339607067Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:21.348058374Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:21.350048587Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:21.359894001Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:21.364699555Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:21.373028604Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:21.374917727Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:21.38310004Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:21.385364294Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:21.395125205Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:21.396352678Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:21.401085911Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:21.402992027Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:21.411804862Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:21.415216771Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:21.423205346Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:21.424616445Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:21.432379732Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:21.434030212Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:21.442982725Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:21.44514323Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:21.452405254Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:21.453999342Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:21.464017004Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:21.466919638Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:21.474178001Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:21.475661177Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:21.479063275Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:21.480698341Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:21.490120261Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:21.492472704Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:21.495970547Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:21.497999256Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:21.507191107Z 79 PC: 12aec | Find next file (See above)

{"DateBased":true,"Day":25,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:21.396671745Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:21.94428572Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax
2018-12-25T12:03:21.955256196Z 26 PC: 12c31 | Set disk transfer address
2018-12-25T12:03:21.956689381Z 78 PC: 12c21 | Find first file
2018-12-25T12:03:21.962878113Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:21.970086477Z 87 PC: 12be9 | Get or set file date and time
2018-12-25T12:03:21.971369439Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:03:21.977574909Z 66 PC: 12aaf | Move file pointer
2018-12-25T12:03:21.979743419Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-25T12:03:21.994341064Z 66 PC: 12b13 | Move file pointer
2018-12-25T12:03:21.995601944Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:03:22.00232075Z 87 PC: 12be4 | Get or set file date and time
2018-12-25T12:03:22.003815832Z 62 PC: 12b2b | Close file
2018-12-25T12:03:22.011244327Z 79 PC: 12aec | Find next file
2018-12-25T12:03:22.013776762Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.022931567Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.024329634Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.03040971Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.032413263Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.04044312Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.041854634Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.049159201Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.051077383Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.059321774Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.062975344Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.069663666Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.071312947Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.079752021Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.081122688Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.090133877Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.092984653Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.099727484Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.10136378Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.109385788Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.112430661Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.119527464Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.121135473Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.127649623Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.129453325Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.137819025Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.139821774Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.146192789Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.147866736Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.156117364Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.159748276Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.16637819Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.168645084Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.175085259Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.176499573Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.185709696Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.187202586Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.193599653Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.19579478Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.204279222Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.206802326Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.213993005Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.215790516Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.222541664Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.224547354Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.233986298Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.235698218Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.242749239Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.244678389Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.252347007Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.255038418Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.261736654Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.263039447Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.269598727Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.27136864Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.279219052Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.28079163Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.288031516Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.289523187Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.298514516Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.301418034Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.308891584Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.311289689Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.314241988Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.315720698Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.323976331Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.325881157Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.328654977Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.330269987Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.338926555Z 79 PC: 12aec | Find next file (See above)

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:22.157501064Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax
2018-12-25T12:03:22.160439442Z 26 PC: 12c31 | Set disk transfer address
2018-12-25T12:03:22.16201672Z 78 PC: 12c21 | Find first file
2018-12-25T12:03:22.168823219Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:22.176903324Z 87 PC: 12be9 | Get or set file date and time
2018-12-25T12:03:22.178432166Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:03:22.185347934Z 66 PC: 12aaf | Move file pointer
2018-12-25T12:03:22.187066462Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-25T12:03:22.206409328Z 66 PC: 12b13 | Move file pointer
2018-12-25T12:03:22.20783111Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:03:22.215022792Z 87 PC: 12be4 | Get or set file date and time
2018-12-25T12:03:22.217179602Z 62 PC: 12b2b | Close file
2018-12-25T12:03:22.226272395Z 79 PC: 12aec | Find next file
2018-12-25T12:03:22.229797915Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.237900189Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.239771653Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.244915001Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.246836825Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.256023818Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.258008776Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.26590064Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.267482919Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.276102238Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.279296235Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.28655251Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.287896599Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.295889542Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.297550522Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.306125913Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.307681959Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.315348906Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.317007173Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.326479913Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.32975075Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.336952431Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.338687938Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.34680453Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.348977663Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.358502537Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.360788591Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.367828906Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.369389232Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.378483892Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.381386825Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.388628702Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.39064135Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.39753179Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.399145532Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.408335304Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.41003103Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.417203676Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.420306759Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.429710558Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.432726884Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.440108499Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.44199119Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.449940824Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.451995544Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.462383799Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.464197024Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.472027574Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.475334952Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.484529319Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.488321749Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.498746325Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.50080546Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.508378004Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.51139242Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.520808589Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.522525216Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.530663321Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.532711964Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.548668373Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.551906109Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.561440395Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.563443477Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.566702954Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.568939233Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.577972467Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.579395664Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.583354447Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.585641902Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.594889675Z 79 PC: 12aec | Find next file (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:22.289502487Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax
2018-12-25T12:03:22.29232372Z 26 PC: 12c31 | Set disk transfer address
2018-12-25T12:03:22.293701753Z 78 PC: 12c21 | Find first file
2018-12-25T12:03:22.300263367Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:22.307551155Z 87 PC: 12be9 | Get or set file date and time
2018-12-25T12:03:22.309373101Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:03:22.31621111Z 66 PC: 12aaf | Move file pointer
2018-12-25T12:03:22.317759679Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-25T12:03:22.332818833Z 66 PC: 12b13 | Move file pointer
2018-12-25T12:03:22.334216331Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:03:22.342049316Z 87 PC: 12be4 | Get or set file date and time
2018-12-25T12:03:22.343949756Z 62 PC: 12b2b | Close file
2018-12-25T12:03:22.352390729Z 79 PC: 12aec | Find next file
2018-12-25T12:03:22.355477549Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.363233772Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.364687574Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.371481001Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.373666258Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.382353412Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.383865717Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.400195131Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.401866572Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.411189204Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.414465085Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.422300385Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.424064246Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.431860174Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.433927794Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.442845882Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.44435766Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.452749345Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.454816005Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.463525663Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.46829315Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.476003186Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.478374907Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.486993842Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.48903971Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.498998882Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.501820254Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.509109486Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.510696421Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.519982562Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.522886921Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.530608891Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.532258853Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.547718796Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.549415728Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.555189982Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.557403374Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.561793478Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.563047242Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.571359752Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.574556934Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.582042359Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.585086251Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.591185457Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.592692682Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.60126723Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.603239867Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.607669592Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.60901246Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.617865018Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.620559762Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.627323089Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.628959814Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.635478752Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.636794164Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.645534203Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.646716385Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.653825333Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.655838577Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.664176543Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.66697345Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.675433843Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.677114068Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.679790096Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.681946488Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.690702223Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.692035111Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.695580748Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.697212536Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.705481263Z 79 PC: 12aec | Find next file (See above)

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:22.493598311Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax
2018-12-25T12:03:22.496192367Z 26 PC: 12c31 | Set disk transfer address
2018-12-25T12:03:22.498739214Z 78 PC: 12c21 | Find first file
2018-12-25T12:03:22.505363575Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:22.512555917Z 87 PC: 12be9 | Get or set file date and time
2018-12-25T12:03:22.514977999Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:03:22.521977926Z 66 PC: 12aaf | Move file pointer
2018-12-25T12:03:22.523594203Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-25T12:03:22.545360553Z 66 PC: 12b13 | Move file pointer
2018-12-25T12:03:22.547039041Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:03:22.554340158Z 87 PC: 12be4 | Get or set file date and time
2018-12-25T12:03:22.557083751Z 62 PC: 12b2b | Close file
2018-12-25T12:03:22.570382623Z 79 PC: 12aec | Find next file
2018-12-25T12:03:22.573146635Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.580214825Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.582266537Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.589331836Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.590885276Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.600483175Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.602058444Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.616670383Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.61906144Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.627984041Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.631850389Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.639258218Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.641013202Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.647807452Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.649340128Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.658301218Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.659723381Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.667140747Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.668925855Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.677805463Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.680756345Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.688779031Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.690326974Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.697916413Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.700135707Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.708869224Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.710363865Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.71814103Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.721889529Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.730399592Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.733993993Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.741380036Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.742856056Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.74981416Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.751413513Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.760258481Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.761673349Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.769102511Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.770632085Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.779183272Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.782860466Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.79008226Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.791514156Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.799016002Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.800559286Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.810031335Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.811878346Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.819171051Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.820992744Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.830794926Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.833680717Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.841069076Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.843756977Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.850844023Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.852363788Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.862166709Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.864281397Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.871709734Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.873402557Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.882837215Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.885501557Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.891414448Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.893318758Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.902282829Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.904211515Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.914155531Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.915745429Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.918840079Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.921514649Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.930107102Z 79 PC: 12aec | Find next file (See above)

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:22.501619916Z 42 PC: 12a62 | Get date 0x12a62: cmp dh, 0xc
0x12a65: jne 0x12a6f
0x12a67: cmp dl, 0x19
0x12a6a: jne 0x12a6f
0x12a6c: jmp 0x12c47
0x12a6f: cmp dh, 4
0x12a72: jne 0x12a79
0x12a74: cmp dl, 1
0x12a77: jne 0x12a79
0x12a79: call 0x12c27
0x12a7c: call 0x12c14
0x12a7f: mov si, bp
0x12a81: add si, 0x22d
0x12a85: lodsw ax, word ptr [si]
0x12a86: cmp ax, 5
0x12a89: ja 0x12a8e
0x12a8b: jmp 0x12ae5
0x12a8d: nop
0x12a8e: call 0x12bfb
0x12a91: mov bx, ax
2018-12-25T12:03:22.504792173Z 26 PC: 12c31 | Set disk transfer address
2018-12-25T12:03:22.50591476Z 78 PC: 12c21 | Find first file
2018-12-25T12:03:22.512443015Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:22.519752912Z 87 PC: 12be9 | Get or set file date and time
2018-12-25T12:03:22.521973744Z 63 PC: 12aa5 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:03:22.529191629Z 66 PC: 12aaf | Move file pointer
2018-12-25T12:03:22.530872771Z 64 PC: 12b09 | Write file or device (Write 602 bytes on handle 5)
2018-12-25T12:03:22.545584918Z 66 PC: 12b13 | Move file pointer
2018-12-25T12:03:22.54727831Z 64 PC: 12b21 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:03:22.555801545Z 87 PC: 12be4 | Get or set file date and time
2018-12-25T12:03:22.559143536Z 62 PC: 12b2b | Close file
2018-12-25T12:03:22.571037037Z 79 PC: 12aec | Find next file
2018-12-25T12:03:22.574697426Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.583781779Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.585500522Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.592353256Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.594196575Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.603299117Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.604694419Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.612055918Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.614071934Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.622994331Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.625704224Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.633117245Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.634519431Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.64127077Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.643267894Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.651732651Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.653165458Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.661002172Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.662572097Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.669246259Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.671627811Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.676547664Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.67777917Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.682719581Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.683876214Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.689947165Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.691604742Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.699146123Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.700932087Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.710482922Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.713901557Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.721752795Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.723338588Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.731116706Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.732743616Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.741221119Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.742950438Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.750679739Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.752189989Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.761275238Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.7643678Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.771628982Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.773689763Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.780640605Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.782498043Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.792019504Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.793720838Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.801154593Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.802837056Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.812265797Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.815748013Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.823126042Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.825382828Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.832464733Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.834633736Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.844263549Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.845892364Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.853107117Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.855562939Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.870622114Z 79 PC: 12aec | Find next file (See above)
2018-12-25T12:03:22.873909817Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:03:22.882318727Z 87 PC: 12be9 | Get or set file date and time (See above)
2018-12-25T12:03:22.883969001Z 63 PC: 12aa5 | Read file or device (See above)
2018-12-25T12:03:22.887211565Z 66 PC: 12aaf | Move file pointer (See above)
2018-12-25T12:03:22.889624697Z 64 PC: 12b09 | Write file or device (See above)
2018-12-25T12:03:22.898942302Z 66 PC: 12b13 | Move file pointer (See above)
2018-12-25T12:03:22.900588687Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:03:22.904798581Z 87 PC: 12be4 | Get or set file date and time (See above)
2018-12-25T12:03:22.907334478Z 62 PC: 12b2b | Close file (See above)
2018-12-25T12:03:22.916145015Z 79 PC: 12aec | Find next file (See above)

{"DateBased":true,"Day":25,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8095,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:22.468811935Z 64 PC: 0 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T12:03:22.47310385Z 41 PC: 94fae | Parse filename
2018-12-25T12:03:22.475230801Z 41 PC: 9502f | Parse filename
2018-12-25T12:03:22.476744915Z 41 PC: 9504c | Parse filename
2018-12-25T12:03:22.479420425Z 26 PC: 984f7 | Set disk transfer address
2018-12-25T12:03:22.482953618Z 71 PC: 986f3 | Get current directory
2018-12-25T12:03:22.485870667Z 78 PC: 986fe | Find first file
2018-12-25T12:03:22.505988734Z 71 PC: 986f3 | Get current directory (See above)
2018-12-25T12:03:22.510401483Z 78 PC: 986fe | Find first file (See above)
2018-12-25T12:03:22.519976323Z 64 PC: 9a848 | Write file or device (Write 26 bytes on handle 2)
2018-12-25T12:03:22.524038358Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T12:03:22.525640565Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:03:22.526901514Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:03:22.5281553Z 62 PC: 122ab | Close file
2018-12-25T12:03:22.529935238Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.531861514Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.533592159Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.535009396Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.536589789Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.537780077Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.539440114Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.541015965Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.542126365Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.54322709Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.544926802Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.546063698Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.547355135Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.552646652Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:03:22.556081741Z 99 PC: 9a5d7 | Get DBCS lead byte table pointer
2018-12-25T12:03:22.557451113Z 56 PC: 94df9 | Get or set country info
2018-12-25T12:03:22.565439108Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T12:03:22.57043086Z 25 PC: 94e62 | Get default drive
2018-12-25T12:03:22.573098858Z 71 PC: 970dd | Get current directory
2018-12-25T12:03:22.580118372Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T12:03:22.586287782Z 2 PC: 970b2 | Character output (Char = '3e')
2018-12-25T12:03:22.588691429Z 93 PC: 94f20 | File sharing functions
2018-12-25T12:03:22.592520225Z 93 PC: 94f27 | File sharing functions
2018-12-25T12:03:22.594812229Z 10 PC: 94f39 | Buffered keyboard input
2018-12-25T12:03:37.516671308Z 0 PC: 0 | Program terminate (See above)
2018-12-25T12:03:38.870519286Z 0 PC: 0 | Program terminate (See above)
2018-12-25T12:03:38.972935591Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T12:03:38.980145398Z 41 PC: 94fae | Parse filename (See above)
2018-12-25T12:03:38.982539674Z 41 PC: 9502f | Parse filename (See above)
2018-12-25T12:03:38.984973379Z 41 PC: 9504c | Parse filename (See above)
2018-12-25T12:03:38.988294102Z 26 PC: 984f7 | Set disk transfer address (See above)
2018-12-25T12:03:38.989817643Z 71 PC: 986f3 | Get current directory (See above)
2018-12-25T12:03:38.997240298Z 78 PC: 986fe | Find first file (See above)
2018-12-25T12:03:39.006144916Z 71 PC: 9856c | Get current directory
2018-12-25T12:03:39.009731273Z 73 PC: 97c09 | Release memory
2018-12-25T12:03:39.011055502Z 75 PC: 11821 | Execute program
2018-12-25T12:03:39.024687279Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-25T12:03:39.029539526Z 76 PC: 12a4b | Terminate with return code (Return code = '36')