Sample viewer

vx.netlux.org/Virus.DOS.Jouce.1608

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:46:29.778208416Z 53 PC: 220de | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:29.780500691Z 37 PC: 220f0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:29.782086486Z 26 PC: 22100 | Set disk transfer address
2018-12-17T22:46:29.783842987Z 67 PC: 22448 | Get or set file attributes
2018-12-17T22:46:29.790202381Z 67 PC: 22465 | Get or set file attributes
2018-12-17T22:46:30.130950754Z 61 PC: 22323 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:46:30.137227338Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-17T22:46:30.140480357Z 66 PC: 2235b | Move file pointer
2018-12-17T22:46:30.142189422Z 66 PC: 2236f | Move file pointer
2018-12-17T22:46:30.143765758Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:30.147002216Z 66 PC: 22394 | Move file pointer
2018-12-17T22:46:30.14888175Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-17T22:46:30.160792156Z 66 PC: 223c0 | Move file pointer
2018-12-17T22:46:30.162557378Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-17T22:46:30.166838608Z 87 PC: 22579 | Get or set file date and time
2018-12-17T22:46:30.168531586Z 87 PC: 22582 | Get or set file date and time
2018-12-17T22:46:30.171148669Z 62 PC: 223e5 | Close file
2018-12-17T22:46:30.178470565Z 67 PC: 22486 | Get or set file attributes
2018-12-17T22:46:30.187125441Z 78 PC: 22116 | Find first file
2018-12-17T22:46:30.193013667Z 67 PC: 22448 | Get or set file attributes
2018-12-17T22:46:30.199202956Z 67 PC: 22465 | Get or set file attributes
2018-12-17T22:46:30.215385165Z 61 PC: 2221c | Open file (Filename = 'TEST.EXE')
2018-12-17T22:46:30.221893123Z 63 PC: 22230 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:46:30.225263976Z 66 PC: 222e6 | Move file pointer
2018-12-17T22:46:30.226860428Z 66 PC: 2224c | Move file pointer
2018-12-17T22:46:30.228566432Z 64 PC: 22260 | Write file or device (Write 11 bytes on handle 5)
2018-12-17T22:46:30.232663085Z 64 PC: 22274 | Write file or device (Write 1608 bytes on handle 5)
2018-12-17T22:46:30.241657915Z 66 PC: 22287 | Move file pointer
2018-12-17T22:46:30.242979469Z 64 PC: 22298 | Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:46:30.246594668Z 87 PC: 22579 | Get or set file date and time
2018-12-17T22:46:30.248068082Z 87 PC: 22582 | Get or set file date and time
2018-12-17T22:46:30.249520084Z 62 PC: 222ab | Close file
2018-12-17T22:46:30.257729258Z 67 PC: 22486 | Get or set file attributes
2018-12-17T22:46:30.267387035Z 79 PC: 2212b | Find next file
2018-12-17T22:46:30.26974395Z 78 PC: 2214c | Find first file
2018-12-17T22:46:30.276088387Z 67 PC: 22448 | Get or set file attributes
2018-12-17T22:46:30.281657628Z 67 PC: 22465 | Get or set file attributes
2018-12-17T22:46:30.293608592Z 61 PC: 22323 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:46:30.313357748Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-17T22:46:30.31984155Z 66 PC: 2235b | Move file pointer
2018-12-17T22:46:30.321412618Z 66 PC: 2236f | Move file pointer
2018-12-17T22:46:30.323397674Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:30.32579213Z 66 PC: 22394 | Move file pointer
2018-12-17T22:46:30.327048609Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-17T22:46:30.5233087Z 66 PC: 223c0 | Move file pointer
2018-12-17T22:46:30.52517969Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-17T22:46:30.531963255Z 87 PC: 22579 | Get or set file date and time
2018-12-17T22:46:30.533293265Z 87 PC: 22582 | Get or set file date and time
2018-12-17T22:46:30.53482385Z 62 PC: 223e5 | Close file
2018-12-17T22:46:30.645057276Z 67 PC: 22486 | Get or set file attributes
2018-12-17T22:46:30.655981801Z 79 PC: 22161 | Find next file
2018-12-17T22:46:30.660378491Z 67 PC: 22448 | Get or set file attributes
2018-12-17T22:46:30.666659391Z 67 PC: 22465 | Get or set file attributes
2018-12-17T22:46:30.67629843Z 61 PC: 22323 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:46:30.683407663Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-17T22:46:30.689664781Z 66 PC: 2235b | Move file pointer
2018-12-17T22:46:30.691045322Z 66 PC: 2236f | Move file pointer
2018-12-17T22:46:30.693776866Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:30.697999932Z 66 PC: 22394 | Move file pointer
2018-12-17T22:46:30.700331192Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-17T22:46:30.709348994Z 66 PC: 223c0 | Move file pointer
2018-12-17T22:46:30.710811938Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-17T22:46:30.717193301Z 87 PC: 22579 | Get or set file date and time
2018-12-17T22:46:30.719181377Z 87 PC: 22582 | Get or set file date and time
2018-12-17T22:46:30.720535254Z 62 PC: 223e5 | Close file
2018-12-17T22:46:30.728501288Z 67 PC: 22486 | Get or set file attributes
2018-12-17T22:46:30.73955288Z 79 PC: 22161 | Find next file
2018-12-17T22:46:30.742230134Z 67 PC: 22448 | Get or set file attributes
2018-12-17T22:46:30.747700159Z 67 PC: 22465 | Get or set file attributes
2018-12-17T22:46:30.760065835Z 61 PC: 22323 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:46:30.766745295Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-17T22:46:30.773086995Z 66 PC: 2235b | Move file pointer
2018-12-17T22:46:30.77471647Z 66 PC: 2236f | Move file pointer
2018-12-17T22:46:30.776497079Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:30.778903511Z 66 PC: 22394 | Move file pointer
2018-12-17T22:46:30.780368697Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-17T22:46:30.791119511Z 66 PC: 223c0 | Move file pointer
2018-12-17T22:46:30.792509667Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-17T22:46:30.799085954Z 87 PC: 22579 | Get or set file date and time
2018-12-17T22:46:30.801089971Z 87 PC: 22582 | Get or set file date and time
2018-12-17T22:46:30.803387142Z 62 PC: 223e5 | Close file
2018-12-17T22:46:30.811239906Z 67 PC: 22486 | Get or set file attributes
2018-12-17T22:46:30.821657755Z 79 PC: 22161 | Find next file
2018-12-17T22:46:30.824365924Z 67 PC: 22448 | Get or set file attributes
2018-12-17T22:46:30.829905639Z 67 PC: 22465 | Get or set file attributes
2018-12-17T22:46:30.839930326Z 61 PC: 22323 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:46:30.846407076Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-17T22:46:30.852840567Z 66 PC: 2235b | Move file pointer
2018-12-17T22:46:30.855096838Z 66 PC: 2236f | Move file pointer
2018-12-17T22:46:30.856669855Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:30.859336416Z 66 PC: 22394 | Move file pointer
2018-12-17T22:46:30.861542896Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-17T22:46:30.870559881Z 66 PC: 223c0 | Move file pointer
2018-12-17T22:46:30.872149495Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-17T22:46:30.879576425Z 87 PC: 22579 | Get or set file date and time
2018-12-17T22:46:30.88125864Z 87 PC: 22582 | Get or set file date and time
2018-12-17T22:46:30.883058946Z 62 PC: 223e5 | Close file
2018-12-17T22:46:30.891905109Z 67 PC: 22486 | Get or set file attributes
2018-12-17T22:46:30.900238116Z 79 PC: 22161 | Find next file
2018-12-17T22:46:30.902233669Z 67 PC: 22448 | Get or set file attributes
2018-12-17T22:46:30.910687561Z 67 PC: 22465 | Get or set file attributes
2018-12-17T22:46:30.920714062Z 61 PC: 22323 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:46:30.928010542Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-17T22:46:30.93301429Z 66 PC: 2235b | Move file pointer
2018-12-17T22:46:30.934606942Z 66 PC: 2236f | Move file pointer
2018-12-17T22:46:30.935751746Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:30.938051064Z 66 PC: 22394 | Move file pointer
2018-12-17T22:46:30.939236752Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-17T22:46:30.944952489Z 66 PC: 223c0 | Move file pointer
2018-12-17T22:46:30.946545425Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-17T22:46:30.950875779Z 87 PC: 22579 | Get or set file date and time
2018-12-17T22:46:30.952064585Z 87 PC: 22582 | Get or set file date and time
2018-12-17T22:46:30.953762545Z 62 PC: 223e5 | Close file
2018-12-17T22:46:30.959188377Z 67 PC: 22486 | Get or set file attributes
2018-12-17T22:46:30.965528584Z 37 PC: 2217c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:30.967076992Z 42 PC: 22182 | Get date
0x22182: cmp al, 3
0x22184: jne 0x22189
0x22186: call 0x22583
0x22189: sub di, di
0x2218b: cmp word ptr cs:[di], 0x20cd
0x22190: je 0x221e5
0x22192: cmp word ptr [0x6df], 0
0x22197: jne 0x221b3
0x22199: mov sp, word ptr [0x6d9]
0x2219d: mov ax, word ptr [0x6dd]
0x221a0: mov ds, ax
0x221a2: mov es, ax
0x221a4: mov ax, word ptr cs:[0x6ff]
0x221a8: push ax
0x221a9: mov ax, word ptr cs:[0x701]
0x221ad: push ax
0x221ae: mov ax, word ptr cs:[0x6db]
0x221b2: retf
0x221b3: push cs
0x221b4: pop ds
2018-12-17T22:46:30.968625519Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:46:30.971125798Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8904,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:08.69203315Z 53 PC: 220de | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:08.694020787Z 37 PC: 220f0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:08.695739988Z 26 PC: 22100 | Set disk transfer address
2018-12-25T12:22:08.697345332Z 67 PC: 22448 | Get or set file attributes
2018-12-25T12:22:08.703357571Z 67 PC: 22465 | Get or set file attributes
2018-12-25T12:22:09.392335377Z 61 PC: 22323 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-25T12:22:09.397180374Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-25T12:22:09.399219833Z 66 PC: 2235b | Move file pointer
2018-12-25T12:22:09.401209907Z 66 PC: 2236f | Move file pointer
2018-12-25T12:22:09.402299993Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:22:09.404414554Z 66 PC: 22394 | Move file pointer
2018-12-25T12:22:09.406324311Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-25T12:22:09.41264934Z 66 PC: 223c0 | Move file pointer
2018-12-25T12:22:09.413746167Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-25T12:22:09.415802001Z 87 PC: 22579 | Get or set file date and time
2018-12-25T12:22:09.417936506Z 87 PC: 22582 | Get or set file date and time
2018-12-25T12:22:09.419816626Z 62 PC: 223e5 | Close file
2018-12-25T12:22:09.427676723Z 67 PC: 22486 | Get or set file attributes
2018-12-25T12:22:09.434039681Z 78 PC: 22116 | Find first file
2018-12-25T12:22:09.437975096Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.441769131Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.454082102Z 61 PC: 2221c | Open file (Filename = 'TEST.EXE')
2018-12-25T12:22:09.458381967Z 63 PC: 22230 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:22:09.460206705Z 66 PC: 222e6 | Move file pointer
2018-12-25T12:22:09.461965852Z 66 PC: 2224c | Move file pointer
2018-12-25T12:22:09.463639331Z 64 PC: 22260 | Write file or device (Write 11 bytes on handle 5)
2018-12-25T12:22:09.466021063Z 64 PC: 22274 | Write file or device (Write 1608 bytes on handle 5)
2018-12-25T12:22:09.473122614Z 66 PC: 22287 | Move file pointer
2018-12-25T12:22:09.474694802Z 64 PC: 22298 | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:22:09.477749518Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.480110756Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.481708586Z 62 PC: 222ab | Close file
2018-12-25T12:22:09.490315409Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.501379427Z 79 PC: 2212b | Find next file
2018-12-25T12:22:09.504565163Z 78 PC: 2214c | Find first file
2018-12-25T12:22:09.510996975Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.517284716Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.530683536Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.538891291Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.54609529Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.548167906Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.549635076Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.55238772Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.554812565Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.564172628Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.565675854Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:09.574006938Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.575567567Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.577161926Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:09.586410859Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.597477811Z 79 PC: 22161 | Find next file
2018-12-25T12:22:09.601075103Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.607114881Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.61780643Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.624871752Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.63165623Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.634031939Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.635549082Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.638100177Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.640190762Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.64953306Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.650781433Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:09.658486626Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.660046431Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.662069946Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:09.671931076Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.682636177Z 79 PC: 22161 | Find next file (See above)
2018-12-25T12:22:09.68535463Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.691740837Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.702814825Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.710140565Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.717109364Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.718685509Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.720303352Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.72297857Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.725123677Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.734869692Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.736138491Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:09.743997522Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.745800335Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.747736178Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:09.75710442Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.768298375Z 79 PC: 22161 | Find next file (See above)
2018-12-25T12:22:09.771605372Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.778972105Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.789511325Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.797492406Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.804772927Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.806719347Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.808195479Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.81085462Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.813307623Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.822707446Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.824138974Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:09.831846299Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.833702219Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.835353696Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:09.844939159Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.856368422Z 79 PC: 22161 | Find next file (See above)
2018-12-25T12:22:09.859219081Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.865070383Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.87347741Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.880778781Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.887795812Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.889841714Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.891577002Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.894459826Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.896619483Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.906198315Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.907594643Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:09.915225395Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.916638302Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.918152947Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:09.927213919Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.938072467Z 37 PC: 2217c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:09.939196399Z 42 PC: 22182 | Get date
0x22182: cmp al, 3
0x22184: jne 0x22189
0x22186: call 0x22583
0x22189: sub di, di
0x2218b: cmp word ptr cs:[di], 0x20cd
0x22190: je 0x221e5
0x22192: cmp word ptr [0x6df], 0
0x22197: jne 0x221b3
0x22199: mov sp, word ptr [0x6d9]
0x2219d: mov ax, word ptr [0x6dd]
0x221a0: mov ds, ax
0x221a2: mov es, ax
0x221a4: mov ax, word ptr cs:[0x6ff]
0x221a8: push ax
0x221a9: mov ax, word ptr cs:[0x701]
0x221ad: push ax
0x221ae: mov ax, word ptr cs:[0x6db]
0x221b2: retf
0x221b3: push cs
0x221b4: pop ds
2018-12-25T12:22:09.942907956Z 25 PC: 225ae | Get default drive
2018-12-25T12:22:09.944428174Z 9 PC: 225ca | Display string (Could not find end pointer)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8904,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:08.810299707Z 53 PC: 220de | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:08.812617636Z 37 PC: 220f0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:08.813586565Z 26 PC: 22100 | Set disk transfer address
2018-12-25T12:22:08.815113724Z 67 PC: 22448 | Get or set file attributes
2018-12-25T12:22:08.821332156Z 67 PC: 22465 | Get or set file attributes
2018-12-25T12:22:09.650350265Z 61 PC: 22323 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-25T12:22:09.658249238Z 63 PC: 2233c | Read file or device (Read 62 bytes on handle 5)
2018-12-25T12:22:09.660930203Z 66 PC: 2235b | Move file pointer
2018-12-25T12:22:09.662089899Z 66 PC: 2236f | Move file pointer
2018-12-25T12:22:09.66327342Z 63 PC: 2237c | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:22:09.666160792Z 66 PC: 22394 | Move file pointer
2018-12-25T12:22:09.667305981Z 64 PC: 223b0 | Write file or device (Write 1608 bytes on handle 5)
2018-12-25T12:22:09.6737582Z 66 PC: 223c0 | Move file pointer
2018-12-25T12:22:09.675047547Z 64 PC: 223d1 | Write file or device (Write 62 bytes on handle 5)
2018-12-25T12:22:09.677734695Z 87 PC: 22579 | Get or set file date and time
2018-12-25T12:22:09.67922958Z 87 PC: 22582 | Get or set file date and time
2018-12-25T12:22:09.68069377Z 62 PC: 223e5 | Close file
2018-12-25T12:22:09.685890537Z 67 PC: 22486 | Get or set file attributes
2018-12-25T12:22:09.69867391Z 78 PC: 22116 | Find first file
2018-12-25T12:22:09.70640962Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.710252351Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.722926447Z 61 PC: 2221c | Open file (Filename = 'TEST.EXE')
2018-12-25T12:22:09.727045003Z 63 PC: 22230 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:22:09.728963255Z 66 PC: 222e6 | Move file pointer
2018-12-25T12:22:09.730961498Z 66 PC: 2224c | Move file pointer
2018-12-25T12:22:09.732065096Z 64 PC: 22260 | Write file or device (Write 11 bytes on handle 5)
2018-12-25T12:22:09.734455422Z 64 PC: 22274 | Write file or device (Write 1608 bytes on handle 5)
2018-12-25T12:22:09.747552577Z 66 PC: 22287 | Move file pointer
2018-12-25T12:22:09.749365706Z 64 PC: 22298 | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:22:09.753396605Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.756150406Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.757912103Z 62 PC: 222ab | Close file
2018-12-25T12:22:09.765451589Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.776871375Z 79 PC: 2212b | Find next file
2018-12-25T12:22:09.779494728Z 78 PC: 2214c | Find first file
2018-12-25T12:22:09.785541038Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.792043141Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.801680336Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.808253361Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.815827082Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.817534439Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.819212863Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.822002822Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.823579524Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.832146443Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.834128824Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:09.841053577Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.842589724Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.844535462Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:09.852726568Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.863076503Z 79 PC: 22161 | Find next file
2018-12-25T12:22:09.865941847Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.872283524Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.882854599Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.894569182Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.901856071Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.903190834Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.904472777Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.907548819Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.908917721Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.917224218Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.919111287Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:09.925420319Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:09.926691766Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:09.928845874Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:09.936392539Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:09.94611266Z 79 PC: 22161 | Find next file (See above)
2018-12-25T12:22:09.949752355Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:09.95564386Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:09.965827997Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:09.973353292Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:09.980087943Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:09.981747993Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:09.984082683Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:09.987032401Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:09.988696908Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:09.997452233Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:09.999569814Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:10.006628157Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:10.008390473Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:10.010787297Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:10.018213083Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:10.028874174Z 79 PC: 22161 | Find next file (See above)
2018-12-25T12:22:10.032594139Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:10.038362389Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:10.048148277Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:10.055449304Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:10.061919596Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:10.063572255Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:10.06563668Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:10.068061038Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:10.06967879Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:10.078770007Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:10.080392264Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:10.087112496Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:10.089291339Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:10.091016908Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:10.099183898Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:10.10949674Z 79 PC: 22161 | Find next file (See above)
2018-12-25T12:22:10.113028029Z 67 PC: 22448 | Get or set file attributes (See above)
2018-12-25T12:22:10.118848603Z 67 PC: 22465 | Get or set file attributes (See above)
2018-12-25T12:22:10.129244643Z 61 PC: 22323 | Open file (See above)
2018-12-25T12:22:10.135965455Z 63 PC: 2233c | Read file or device (See above)
2018-12-25T12:22:10.142358219Z 66 PC: 2235b | Move file pointer (See above)
2018-12-25T12:22:10.144859936Z 66 PC: 2236f | Move file pointer (See above)
2018-12-25T12:22:10.146437055Z 63 PC: 2237c | Read file or device (See above)
2018-12-25T12:22:10.149055423Z 66 PC: 22394 | Move file pointer (See above)
2018-12-25T12:22:10.151460133Z 64 PC: 223b0 | Write file or device (See above)
2018-12-25T12:22:10.162903262Z 66 PC: 223c0 | Move file pointer (See above)
2018-12-25T12:22:10.164411189Z 64 PC: 223d1 | Write file or device (See above)
2018-12-25T12:22:10.171875125Z 87 PC: 22579 | Get or set file date and time (See above)
2018-12-25T12:22:10.173732664Z 87 PC: 22582 | Get or set file date and time (See above)
2018-12-25T12:22:10.175445154Z 62 PC: 223e5 | Close file (See above)
2018-12-25T12:22:10.183884394Z 67 PC: 22486 | Get or set file attributes (See above)
2018-12-25T12:22:10.193915072Z 37 PC: 2217c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:10.195247919Z 42 PC: 22182 | Get date
0x22182: cmp al, 3
0x22184: jne 0x22189
0x22186: call 0x22583
0x22189: sub di, di
0x2218b: cmp word ptr cs:[di], 0x20cd
0x22190: je 0x221e5
0x22192: cmp word ptr [0x6df], 0
0x22197: jne 0x221b3
0x22199: mov sp, word ptr [0x6d9]
0x2219d: mov ax, word ptr [0x6dd]
0x221a0: mov ds, ax
0x221a2: mov es, ax
0x221a4: mov ax, word ptr cs:[0x6ff]
0x221a8: push ax
0x221a9: mov ax, word ptr cs:[0x701]
0x221ad: push ax
0x221ae: mov ax, word ptr cs:[0x6db]
0x221b2: retf
0x221b3: push cs
0x221b4: pop ds
2018-12-25T12:22:10.198571158Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:22:10.204271Z 76 PC: 12a86 | Terminate with return code (Return code = '36')