Sample viewer

vx.netlux.org/Virus.DOS.IVP.Birgit.424

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:45:01.020825556Z 26 PC: 12b6b | Set disk transfer address
2018-12-17T22:45:01.022346296Z 53 PC: 12a6a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:01.023673283Z 37 PC: 12a7c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:01.024822729Z 71 PC: 12a88 | Get current directory
2018-12-17T22:45:01.028169815Z 78 PC: 12ac3 | Find first file
2018-12-17T22:45:01.032355796Z 61 PC: 12b74 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:45:01.042730745Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:45:01.049149731Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:01.051212867Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.065597867Z 61 PC: 12b74 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:45:01.072988553Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:45:01.08000598Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:45:01.08135259Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-17T22:45:01.083959988Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-17T22:45:01.091377903Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:45:01.092513323Z 62 PC: 12b53 | Close file
2018-12-17T22:45:01.100160665Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.111116533Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:01.113714953Z 61 PC: 12b74 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:45:01.120314201Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:45:01.127232882Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:01.129098463Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.139302611Z 61 PC: 12b74 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:45:01.146098536Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:45:01.148802133Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:45:01.150156694Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-17T22:45:01.153176271Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-17T22:45:01.156017987Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:45:01.157312846Z 62 PC: 12b53 | Close file
2018-12-17T22:45:01.165060032Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.175642455Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:01.178568747Z 61 PC: 12b74 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:45:01.185860607Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:45:01.192377038Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:01.194529556Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.258885488Z 61 PC: 12b74 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:45:01.265537589Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:45:01.27200312Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:45:01.273880089Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-17T22:45:01.276200767Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-17T22:45:01.329518517Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:45:01.331716118Z 62 PC: 12b53 | Close file
2018-12-17T22:45:01.422384301Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.469817335Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:01.472642093Z 61 PC: 12b74 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:45:01.479643126Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:45:01.486278182Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:01.487924895Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.548808169Z 61 PC: 12b74 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:45:01.55567655Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:45:01.558762978Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:45:01.560884924Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-17T22:45:01.56356553Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-17T22:45:01.566180002Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:45:01.568124981Z 62 PC: 12b53 | Close file
2018-12-17T22:45:01.643859688Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.746083819Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:01.749336504Z 61 PC: 12b74 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:45:01.761007101Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:45:01.767155955Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:01.769372993Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.773611826Z 61 PC: 12b74 | Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T22:45:01.778226492Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:45:01.781318192Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:45:01.783008054Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-17T22:45:01.785658098Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 2)
2018-12-17T22:45:01.789477823Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:45:01.791064741Z 62 PC: 12b53 | Close file
2018-12-17T22:45:01.792761952Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.797564856Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:01.800367625Z 61 PC: 12b74 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:45:01.807038553Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:45:01.814260443Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:01.816152484Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:01.879001127Z 61 PC: 12b74 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:45:01.886365438Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:45:01.89250364Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:45:01.89371886Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-17T22:45:01.896244166Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 2)
2018-12-17T22:45:01.962280304Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:45:01.963745689Z 62 PC: 12b53 | Close file
2018-12-17T22:45:02.037255866Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:02.123631493Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:02.126277367Z 61 PC: 12b74 | Open file (Filename = 'PAH.COM')
2018-12-17T22:45:02.133749115Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:45:02.140349544Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:02.14264713Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:02.214838052Z 61 PC: 12b74 | Open file (Filename = 'PAH.COM')
2018-12-17T22:45:02.22131479Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:45:02.223996368Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:45:02.226705053Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-17T22:45:02.228980454Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 2)
2018-12-17T22:45:02.231663403Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:45:02.233273846Z 62 PC: 12b53 | Close file
2018-12-17T22:45:02.240735718Z 67 PC: 12b7f | Get or set file attributes
2018-12-17T22:45:02.250473044Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:02.252907293Z 61 PC: 12b74 | Open file (Filename = 'TEST.COM')
2018-12-17T22:45:02.259398102Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:45:02.266197245Z 62 PC: 12ae2 | Close file
2018-12-17T22:45:02.268653104Z 79 PC: 12ac3 | Find next file
2018-12-17T22:45:02.271471145Z 59 PC: 12a97 | Change current directory
2018-12-17T22:45:02.275525354Z 9 PC: 12aa1 | Display string (String= 'Birgit [IVP] ')
2018-12-17T22:45:02.282124665Z 37 PC: 12aab | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:02.283871755Z 59 PC: 12ab5 | Change current directory
2018-12-17T22:45:02.285596195Z 26 PC: 12b6b | Set disk transfer address

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":8411,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:33.148222074Z 26 PC: 12b6b | Set disk transfer address
2018-12-25T12:04:33.149519732Z 53 PC: 12a6a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.150635551Z 37 PC: 12a7c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.151392029Z 71 PC: 12a88 | Get current directory
2018-12-25T12:04:33.153777881Z 78 PC: 12ac3 | Find first file
2018-12-25T12:04:33.157399125Z 61 PC: 12b74 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:04:33.163507822Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:04:33.169822576Z 62 PC: 12ae2 | Close file
2018-12-25T12:04:33.171461873Z 67 PC: 12b7f | Get or set file attributes
2018-12-25T12:04:33.186402371Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.197635001Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:04:33.204377594Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:04:33.205719812Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-25T12:04:33.208002259Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-25T12:04:33.21655896Z 87 PC: 12b4f | Get or set file date and time
2018-12-25T12:04:33.217815533Z 62 PC: 12b53 | Close file
2018-12-25T12:04:33.225116077Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.242700945Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.245232577Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.251517071Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.258025549Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.259673333Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.269410059Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.281320913Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.288184578Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.289483263Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.292066043Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.294794367Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.296120698Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.304236883Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.313726643Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.316096798Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.322863624Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.326786678Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.327967425Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.334896813Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.342174428Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.346483222Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.347789633Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.349279924Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.354610513Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.356404554Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.363548682Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.373045998Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.378256241Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.38448968Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.390542587Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.392513782Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.399065323Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.406114212Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.410686622Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.411966811Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.414533469Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.417853021Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.419084702Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.426025491Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.43623037Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.438760906Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.445031849Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.45154881Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.453558254Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.461351916Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.470634924Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.474183278Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.475527667Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.478773613Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.505792997Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.507260713Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.51257465Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.517655425Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.523753424Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.530831952Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.537148358Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.540217023Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.551148029Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.558384235Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.561608266Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.564096597Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.571040595Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.579510586Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.581493546Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.589086486Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.598503884Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.601459438Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.608606302Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.614921364Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.616873587Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.629393782Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.635801293Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.638689546Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.640310956Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.642522864Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.645302667Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.647046852Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.654115612Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.663776324Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.666630595Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.6781107Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.68432309Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.686725384Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.689087796Z 59 PC: 12a97 | Change current directory
2018-12-25T12:04:33.693391402Z 9 PC: 12aa1 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:04:33.701206754Z 37 PC: 12aab | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.702179471Z 59 PC: 12ab5 | Change current directory
2018-12-25T12:04:33.704008743Z 26 PC: 12b6b | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":8411,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:33.449181646Z 26 PC: 12b6b | Set disk transfer address
2018-12-25T12:04:33.450615997Z 53 PC: 12a6a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.451643263Z 37 PC: 12a7c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.45241287Z 71 PC: 12a88 | Get current directory
2018-12-25T12:04:33.454522494Z 78 PC: 12ac3 | Find first file
2018-12-25T12:04:33.459115585Z 61 PC: 12b74 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:04:33.467664635Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:04:33.47225789Z 62 PC: 12ae2 | Close file
2018-12-25T12:04:33.47388417Z 67 PC: 12b7f | Get or set file attributes
2018-12-25T12:04:33.486934468Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.49185218Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:04:33.494498139Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:04:33.495651368Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-25T12:04:33.497483676Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-25T12:04:33.504344701Z 87 PC: 12b4f | Get or set file date and time
2018-12-25T12:04:33.506234462Z 62 PC: 12b53 | Close file
2018-12-25T12:04:33.515281437Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.526388652Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.529585646Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.537712337Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.545250697Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.54722798Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.557544285Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.564470664Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.567120784Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.568296943Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.570884428Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.573737465Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.574993867Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.581595215Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.59058628Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.592845993Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.598886477Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.604092334Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.605426685Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.613200415Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.618643589Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.620834691Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.621976808Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.624146114Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.630153833Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.63130919Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.637316019Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.644322095Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.646217061Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.654656711Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.659529484Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.660878219Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.66821626Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.672967465Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.675034872Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.6765609Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.678344788Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.680313701Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.68168621Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.688992452Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.698620463Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.701422122Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.711902991Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.717331882Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.719702864Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.722912968Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.729488535Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.732866385Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.734072168Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.736012216Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.743509145Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.744741956Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.746127171Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.749807921Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.753889299Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.761868441Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.76931593Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.770916471Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.780416654Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.785793084Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.787933506Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.789131958Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.79107367Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.797166491Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.798327692Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.804079745Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.811191851Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.813090595Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.817784752Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.822577404Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.823994862Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.831277995Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.839513498Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.843806755Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.845421759Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.847174773Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.849023754Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.850181536Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.855065909Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.861198521Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.863053262Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.867832855Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.873086933Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.874592656Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.876339299Z 59 PC: 12a97 | Change current directory
2018-12-25T12:04:33.878910482Z 9 PC: 12aa1 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:04:33.882569399Z 37 PC: 12aab | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.884304986Z 59 PC: 12ab5 | Change current directory
2018-12-25T12:04:33.886247495Z 26 PC: 12b6b | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":8411,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:33.574561533Z 26 PC: 12b6b | Set disk transfer address
2018-12-25T12:04:33.576170922Z 53 PC: 12a6a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.577339039Z 37 PC: 12a7c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.578356915Z 71 PC: 12a88 | Get current directory
2018-12-25T12:04:33.58154482Z 78 PC: 12ac3 | Find first file
2018-12-25T12:04:33.587488891Z 61 PC: 12b74 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:04:33.593774719Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:04:33.601073688Z 62 PC: 12ae2 | Close file
2018-12-25T12:04:33.602881846Z 67 PC: 12b7f | Get or set file attributes
2018-12-25T12:04:33.618276869Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.63016876Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:04:33.637114617Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:04:33.638900576Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-25T12:04:33.64161492Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-25T12:04:33.649772727Z 87 PC: 12b4f | Get or set file date and time
2018-12-25T12:04:33.651113318Z 62 PC: 12b53 | Close file
2018-12-25T12:04:33.658515602Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.668187381Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.670643623Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.676879036Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.683043436Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.684667541Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.694732748Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.70144249Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.703999769Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.705179496Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.721229606Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.723974338Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.725280806Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.740098304Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.750420808Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.753014057Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.759916322Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.766508876Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.780933567Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.794229134Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.800763292Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.80711723Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.809220424Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.811490395Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.819499368Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.821396488Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.828805657Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.838378914Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.841452935Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.847801186Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.854343203Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.856626553Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.866395683Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.872690404Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.876026096Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.877278909Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.8795574Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.882912461Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.88438466Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.891487971Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.90208013Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.905074489Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.911486011Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.919019098Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.920941431Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.925125467Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.929951912Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.93247958Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.933685316Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.936370889Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.94839082Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.949685769Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.951707759Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.955761748Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.958144115Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.964644973Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.970807748Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.972376884Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.982549535Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.9898719Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.992441387Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.994026699Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.996238503Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:34.004018534Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:34.005801851Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:34.013032575Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:34.022539305Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:34.026478978Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:34.032995918Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:34.039678891Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:34.041870995Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:34.054068551Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:34.060280171Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:34.066843277Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:34.067929586Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:34.069409868Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:34.071595199Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:34.072661848Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:34.077297658Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:34.083739884Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:34.085764353Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:34.08962427Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:34.096631093Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:34.098302276Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:34.100490298Z 59 PC: 12a97 | Change current directory
2018-12-25T12:04:34.10970682Z 9 PC: 12aa1 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:04:34.116881827Z 37 PC: 12aab | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:34.117790498Z 59 PC: 12ab5 | Change current directory
2018-12-25T12:04:34.119774341Z 26 PC: 12b6b | Set disk transfer address (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":8411,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:33.585180653Z 26 PC: 12b6b | Set disk transfer address
2018-12-25T12:04:33.586645119Z 53 PC: 12a6a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.588036287Z 37 PC: 12a7c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:33.589111203Z 71 PC: 12a88 | Get current directory
2018-12-25T12:04:33.592201067Z 78 PC: 12ac3 | Find first file
2018-12-25T12:04:33.604250909Z 61 PC: 12b74 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:04:33.610527879Z 63 PC: 12ade | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:04:33.61675121Z 62 PC: 12ae2 | Close file
2018-12-25T12:04:33.621193376Z 67 PC: 12b7f | Get or set file attributes
2018-12-25T12:04:33.636143969Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.647423467Z 64 PC: 12b28 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:04:33.654566547Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:04:33.655908439Z 44 PC: 12b33 | Get time 0x12b33: cmp dh, 0
0x12b36: je 0x12b2f
0x12b38: mov byte ptr cs:[bp + 0x2aa], dh
0x12b3d: call 0x12ba1
0x12b40: mov ax, 0x5701
0x12b43: mov cx, word ptr cs:[bp + 0x31d]
0x12b48: mov dx, word ptr cs:[bp + 0x31f]
0x12b4d: int 0x21
0x12b4f: mov ah, 0x3e
0x12b51: int 0x21
0x12b53: xor cx, cx
0x12b55: mov cl, byte ptr cs:[bp + 0x31c]
0x12b5a: call 0x12b76
0x12b5d: ret
0x12b5e: mov ah, 0x42
0x12b60: xor cx, cx
0x12b62: xor dx, dx
0x12b64: int 0x21
0x12b66: ret
0x12b67: mov ah, 0x1a
2018-12-25T12:04:33.658232Z 64 PC: 12bfe | Write file or device (Write 424 bytes on handle 5)
2018-12-25T12:04:33.666599719Z 87 PC: 12b4f | Get or set file date and time
2018-12-25T12:04:33.667970517Z 62 PC: 12b53 | Close file
2018-12-25T12:04:33.675106437Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.685090112Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.686874634Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.690862339Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.697553926Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.699283231Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.709093318Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.732574421Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.73998725Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.741637173Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.744726081Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.747784455Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.749258973Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.757129399Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.767012877Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.769541706Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.776662979Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.782964912Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.784795016Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.795959028Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.802629916Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.80545947Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.806941343Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.809653559Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.818528298Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.819980356Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.828328562Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.837999115Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.840702748Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.84892142Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.856391068Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.858566943Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.870086882Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.876620326Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.879353005Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.881509131Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.88416904Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.887400188Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.88980503Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.89716972Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.907576535Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.910737354Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.922330354Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.926306458Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.928012506Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.932263492Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.936635761Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:33.939529067Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:33.941871959Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:33.944267763Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:33.953801491Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:33.955185049Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:33.956786013Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.961452697Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:33.964044964Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.97032974Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:33.977114915Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:33.978907146Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:33.991093773Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:33.99782093Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:34.003061357Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:34.004444616Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:34.007269704Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:34.016403456Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:34.017992009Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:34.025721295Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:34.042161362Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:34.044784242Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:34.052250067Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:34.058558053Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:34.060237399Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:34.070715305Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:34.077244261Z 64 PC: 12b28 | Write file or device (See above)
2018-12-25T12:04:34.079932156Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:04:34.081622311Z 44 PC: 12b33 | Get time (See above)
2018-12-25T12:04:34.08402347Z 64 PC: 12bfe | Write file or device (See above)
2018-12-25T12:04:34.086755729Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T12:04:34.08906718Z 62 PC: 12b53 | Close file (See above)
2018-12-25T12:04:34.096892265Z 67 PC: 12b7f | Get or set file attributes (See above)
2018-12-25T12:04:34.106167567Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:34.108755377Z 61 PC: 12b74 | Open file (See above)
2018-12-25T12:04:34.115695964Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:04:34.121747754Z 62 PC: 12ae2 | Close file (See above)
2018-12-25T12:04:34.123639276Z 79 PC: 12ac3 | Find next file (See above)
2018-12-25T12:04:34.126499014Z 59 PC: 12a97 | Change current directory
2018-12-25T12:04:34.130706416Z 9 PC: 12aa1 | Display string (String= 'Birgit [IVP] ')
2018-12-25T12:04:34.136731376Z 37 PC: 12aab | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:04:34.138006009Z 59 PC: 12ab5 | Change current directory
2018-12-25T12:04:34.139622351Z 26 PC: 12b6b | Set disk transfer address (See above)