{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8473,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:42.360722334Z | 71 | PC: 12a64 | Get current directory |
| 2018-12-25T12:04:42.364579791Z | 26 | PC: 12a74 | Set disk transfer address |
| 2018-12-25T12:04:42.365675205Z | 78 | PC: 12c85 | Find first file |
| 2018-12-25T12:04:42.371898802Z | 61 | PC: 12a91 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:42.376159152Z | 66 | PC: 12aa6 | Move file pointer |
| 2018-12-25T12:04:42.377622101Z | 63 | PC: 12abb | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T12:04:42.381540547Z | 66 | PC: 12ae5 | Move file pointer |
| 2018-12-25T12:04:42.382806655Z | 63 | PC: 12af5 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-25T12:04:42.385273613Z | 66 | PC: 12b03 | Move file pointer |
| 2018-12-25T12:04:42.386607899Z | 64 | PC: 12c22 | Write file or device (Write 815 bytes on handle 5) |
| 2018-12-25T12:04:42.621240406Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-25T12:04:42.623403644Z | 64 | PC: 12b2a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:42.630108656Z | 59 | PC: 12b33 | Change current directory |
| 2018-12-25T12:04:42.635662066Z | 62 | PC: 12c2c | Close file |
| 2018-12-25T12:04:42.645292236Z | 42 | PC: 12b83 | Get date 0x12b83: cmp dl, 5 0x12b86: jne 0x12b92 0x12b88: mov al, 2 0x12b8a: mov cx, 0x100 0x12b8d: cdq 0x12b8e: int 0x26 0x12b90: jmp 0x12b90 0x12b92: mov ax, 0x100 0x12b95: jmp ax 0x12b97: call 0x12c25 0x12b9a: call 0x12d48 0x12b9d: jb 0x12b35 0x12b9f: jmp 0x12a87 0x12ba2: mov ah, 0x3b 0x12ba4: lea dx, word ptr [si + 0x2ed] 0x12ba8: int 0x21 0x12baa: jmp 0x12b7f 0x12bac: call 0x94e92bea 0x12bb2: add word ptr [bx + si], sp 0x12bb4: dec bp |
| 2018-12-25T12:04:42.647864365Z | 76 | PC: 12a44 | Terminate with return code (Return code = '0') |
{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8473,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:42.385659389Z | 71 | PC: 12a64 | Get current directory |
| 2018-12-25T12:04:42.39624843Z | 26 | PC: 12a74 | Set disk transfer address |
| 2018-12-25T12:04:42.397652858Z | 78 | PC: 12c85 | Find first file |
| 2018-12-25T12:04:42.403511533Z | 61 | PC: 12a91 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:42.409820291Z | 66 | PC: 12aa6 | Move file pointer |
| 2018-12-25T12:04:42.411978909Z | 63 | PC: 12abb | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-25T12:04:42.418426884Z | 66 | PC: 12ae5 | Move file pointer |
| 2018-12-25T12:04:42.419827234Z | 63 | PC: 12af5 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-25T12:04:42.423580003Z | 66 | PC: 12b03 | Move file pointer |
| 2018-12-25T12:04:42.425046944Z | 64 | PC: 12c22 | Write file or device (Write 815 bytes on handle 5) |
| 2018-12-25T12:04:42.624357062Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-25T12:04:42.627210693Z | 64 | PC: 12b2a | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:42.635129604Z | 59 | PC: 12b33 | Change current directory |
| 2018-12-25T12:04:42.639975777Z | 62 | PC: 12c2c | Close file |
| 2018-12-25T12:04:42.648952341Z | 42 | PC: 12b83 | Get date 0x12b83: cmp dl, 5 0x12b86: jne 0x12b92 0x12b88: mov al, 2 0x12b8a: mov cx, 0x100 0x12b8d: cdq 0x12b8e: int 0x26 0x12b90: jmp 0x12b90 0x12b92: mov ax, 0x100 0x12b95: jmp ax 0x12b97: call 0x12c25 0x12b9a: call 0x12d48 0x12b9d: jb 0x12b35 0x12b9f: jmp 0x12a87 0x12ba2: mov ah, 0x3b 0x12ba4: lea dx, word ptr [si + 0x2ed] 0x12ba8: int 0x21 0x12baa: jmp 0x12b7f 0x12bac: call 0x94e92bea 0x12bb2: add word ptr [bx + si], sp 0x12bb4: dec bp |