Sample viewer

vx.netlux.org/Virus.DOS.Friday13.456

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:11.037789731Z	26	PC: 12b36 \| Set disk transfer address
2018-12-17T22:47:11.039458947Z	78	PC: 12b3f \| Find first file
2018-12-17T22:47:11.046137731Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:47:11.054493174Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.070624848Z	66	PC: 12bb4 \| Move file pointer
2018-12-17T22:47:11.072482411Z	66	PC: 12bc9 \| Move file pointer
2018-12-17T22:47:11.074092461Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:11.077733429Z	66	PC: 12be2 \| Move file pointer
2018-12-17T22:47:11.079623695Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:47:11.095800009Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.097383315Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.105797744Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.108897161Z	61	PC: 12b78 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:47:11.116302729Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.123628624Z	66	PC: 12bb4 \| Move file pointer
2018-12-17T22:47:11.124865826Z	66	PC: 12bc9 \| Move file pointer
2018-12-17T22:47:11.126058539Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:11.129146589Z	66	PC: 12be2 \| Move file pointer
2018-12-17T22:47:11.131497557Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:47:11.134322895Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.136415281Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.144864201Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.147956877Z	61	PC: 12b78 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:47:11.156113104Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.163702817Z	66	PC: 12bb4 \| Move file pointer
2018-12-17T22:47:11.166121221Z	66	PC: 12bc9 \| Move file pointer
2018-12-17T22:47:11.168588299Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:11.172699183Z	66	PC: 12be2 \| Move file pointer
2018-12-17T22:47:11.174688977Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:47:11.184025907Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.186812985Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.195697544Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.198897675Z	61	PC: 12b78 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:47:11.20807601Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.215245379Z	66	PC: 12bb4 \| Move file pointer
2018-12-17T22:47:11.216942627Z	66	PC: 12bc9 \| Move file pointer
2018-12-17T22:47:11.219336402Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:11.22274408Z	66	PC: 12be2 \| Move file pointer
2018-12-17T22:47:11.224782756Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:47:11.228631922Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.230918785Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.239302657Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.242125811Z	61	PC: 12b78 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:47:11.249567354Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.256876092Z	66	PC: 12bb4 \| Move file pointer
2018-12-17T22:47:11.258831636Z	66	PC: 12bc9 \| Move file pointer
2018-12-17T22:47:11.261493741Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:11.26501511Z	66	PC: 12be2 \| Move file pointer
2018-12-17T22:47:11.267006691Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:47:11.270835624Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.273520297Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.282151971Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.28513872Z	61	PC: 12b78 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:47:11.2930564Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.300683327Z	66	PC: 12bb4 \| Move file pointer
2018-12-17T22:47:11.302183284Z	66	PC: 12bc9 \| Move file pointer
2018-12-17T22:47:11.303988324Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:11.306863893Z	66	PC: 12be2 \| Move file pointer
2018-12-17T22:47:11.308362207Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:47:11.313421227Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.315169967Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.525060792Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.529230218Z	61	PC: 12b78 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:47:11.537772445Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.545847303Z	66	PC: 12bb4 \| Move file pointer
2018-12-17T22:47:11.549092296Z	66	PC: 12bc9 \| Move file pointer
2018-12-17T22:47:11.551399938Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:11.557433425Z	66	PC: 12be2 \| Move file pointer
2018-12-17T22:47:11.559780484Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:47:11.564675245Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.567099013Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.646440445Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.651197428Z	61	PC: 12b78 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:47:11.659493928Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:11.663131997Z	87	PC: 12c08 \| Get or set file date and time
2018-12-17T22:47:11.66649506Z	62	PC: 12c0c \| Close file
2018-12-17T22:47:11.675343724Z	79	PC: 12b48 \| Find next file
2018-12-17T22:47:11.678856601Z	26	PC: 12b56 \| Set disk transfer address
2018-12-17T22:47:11.681961311Z	42	PC: 12c14 \| Get date 0x12c14: cmp dl, 0xd 0x12c17: jne 0x12c5f 0x12c19: cmp al, 5 0x12c1b: jne 0x12c5f 0x12c1d: mov ah, 0x62 0x12c1f: int 0x21 0x12c21: mov es, bx 0x12c23: mov es, word ptr es:[0x2c] 0x12c28: xor ax, ax 0x12c2a: mov cx, 0x7fff 0x12c2d: xor di, di 0x12c2f: cld 0x12c30: repne scasd eax, dword ptr es:[di] 0x12c32: jne 0x12c46 0x12c34: add di, 2 0x12c37: push ds 0x12c38: push es 0x12c39: pop ds 0x12c3a: mov dx, di 0x12c3c: mov ah, 0x41
2018-12-17T22:47:11.685634222Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9118,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:24.397979557Z	26	PC: 12b36 \| Set disk transfer address
2018-12-25T12:22:24.399433914Z	78	PC: 12b3f \| Find first file
2018-12-25T12:22:24.405336453Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:24.411666022Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:22:24.42405087Z	66	PC: 12bb4 \| Move file pointer
2018-12-25T12:22:24.425873416Z	66	PC: 12bc9 \| Move file pointer
2018-12-25T12:22:24.427345143Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:22:24.430411607Z	66	PC: 12be2 \| Move file pointer
2018-12-25T12:22:24.431702264Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-25T12:22:25.531527714Z	87	PC: 12c08 \| Get or set file date and time
2018-12-25T12:22:25.533631543Z	62	PC: 12c0c \| Close file
2018-12-25T12:22:25.758602194Z	79	PC: 12b48 \| Find next file
2018-12-25T12:22:25.761229204Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:25.768468291Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:25.774614861Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:25.77587852Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:25.77729303Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:25.780446285Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:25.781772756Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:25.784500217Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:25.786039354Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:26.054504833Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:26.057126286Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:26.064616771Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:26.070879263Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:26.072181499Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:26.073792216Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:26.076356938Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:26.07829696Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:27.411467996Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:27.413261542Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:28.531591297Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:28.535045252Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:28.539562956Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:28.543907408Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:28.545795398Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:28.547001417Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:28.548953016Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:28.550818289Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:28.552819861Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:28.554027808Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.035595087Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.03759135Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.041797052Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.04809415Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.050440325Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.051599528Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.054251589Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.056483997Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.059330924Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.061491838Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.307194951Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.309751346Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.316864115Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.329323618Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.331371586Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.333274183Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.337326466Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.338659588Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.342325325Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.344109121Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.351690975Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.354421518Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.362066142Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.368818878Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.370041622Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.372361684Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.375493843Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.377304908Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.3810393Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.383664231Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.391256757Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.395908966Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.408866831Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.411889836Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.414866875Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.422903934Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.425647544Z	26	PC: 12b56 \| Set disk transfer address
2018-12-25T12:22:29.427925935Z	42	PC: 12c14 \| Get date 0x12c14: cmp dl, 0xd 0x12c17: jne 0x12c5f 0x12c19: cmp al, 5 0x12c1b: jne 0x12c5f 0x12c1d: mov ah, 0x62 0x12c1f: int 0x21 0x12c21: mov es, bx 0x12c23: mov es, word ptr es:[0x2c] 0x12c28: xor ax, ax 0x12c2a: mov cx, 0x7fff 0x12c2d: xor di, di 0x12c2f: cld 0x12c30: repne scasd eax, dword ptr es:[di] 0x12c32: jne 0x12c46 0x12c34: add di, 2 0x12c37: push ds 0x12c38: push es 0x12c39: pop ds 0x12c3a: mov dx, di 0x12c3c: mov ah, 0x41
2018-12-25T12:22:29.430881677Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9118,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:25.284606562Z	26	PC: 12b36 \| Set disk transfer address
2018-12-25T12:22:25.286737984Z	78	PC: 12b3f \| Find first file
2018-12-25T12:22:25.292634991Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:25.298932789Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:22:25.305350002Z	66	PC: 12bb4 \| Move file pointer
2018-12-25T12:22:25.307950649Z	66	PC: 12bc9 \| Move file pointer
2018-12-25T12:22:25.309150021Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:22:25.31267287Z	66	PC: 12be2 \| Move file pointer
2018-12-25T12:22:25.313913205Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-25T12:22:26.999237593Z	87	PC: 12c08 \| Get or set file date and time
2018-12-25T12:22:27.000689798Z	62	PC: 12c0c \| Close file
2018-12-25T12:22:28.691873967Z	79	PC: 12b48 \| Find next file
2018-12-25T12:22:28.694340682Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:28.700421476Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:28.704814087Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:28.706034118Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:28.707204054Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:28.70987868Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:28.711043135Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:28.713400883Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:28.715034594Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.142863294Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.145500371Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.152641312Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.159274387Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.160564745Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.162564294Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.165034919Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.166284979Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.314376062Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.318503888Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.326396224Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.330106742Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.338701367Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.351553376Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.355380655Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.359785096Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.365365811Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.371517113Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.375749438Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.377942691Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.391957235Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.396244139Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.40389159Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.413656724Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.42107397Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.422870825Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.427871891Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.432152391Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.435149331Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.437811448Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.448189413Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.451220765Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.458171877Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.465628083Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.467217342Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.468613306Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.472175992Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.473511797Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.477489399Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.4797783Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.487836433Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.490521568Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.496148065Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.504760887Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.506325289Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.508343501Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.510822649Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.512051908Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.514982403Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.516631627Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.523817276Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.527049907Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.533286015Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.535754959Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.5380316Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.544810722Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.547340887Z	26	PC: 12b56 \| Set disk transfer address
2018-12-25T12:22:29.549158552Z	42	PC: 12c14 \| Get date 0x12c14: cmp dl, 0xd 0x12c17: jne 0x12c5f 0x12c19: cmp al, 5 0x12c1b: jne 0x12c5f 0x12c1d: mov ah, 0x62 0x12c1f: int 0x21 0x12c21: mov es, bx 0x12c23: mov es, word ptr es:[0x2c] 0x12c28: xor ax, ax 0x12c2a: mov cx, 0x7fff 0x12c2d: xor di, di 0x12c2f: cld 0x12c30: repne scasd eax, dword ptr es:[di] 0x12c32: jne 0x12c46 0x12c34: add di, 2 0x12c37: push ds 0x12c38: push es 0x12c39: pop ds 0x12c3a: mov dx, di 0x12c3c: mov ah, 0x41
2018-12-25T12:22:29.551487794Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9118,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:25.366603348Z	26	PC: 12b36 \| Set disk transfer address
2018-12-25T12:22:25.370303077Z	78	PC: 12b3f \| Find first file
2018-12-25T12:22:25.375854872Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:25.381606316Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:22:25.388094912Z	66	PC: 12bb4 \| Move file pointer
2018-12-25T12:22:25.38950809Z	66	PC: 12bc9 \| Move file pointer
2018-12-25T12:22:25.391060914Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:22:25.394095325Z	66	PC: 12be2 \| Move file pointer
2018-12-25T12:22:25.395369226Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-25T12:22:26.998829103Z	87	PC: 12c08 \| Get or set file date and time
2018-12-25T12:22:27.000403147Z	62	PC: 12c0c \| Close file
2018-12-25T12:22:28.718111847Z	79	PC: 12b48 \| Find next file
2018-12-25T12:22:28.721052265Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:28.727896829Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:28.734414286Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:28.735673726Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:28.736964548Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:28.740517137Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:28.741916533Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:28.74457928Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:28.747030732Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.172462658Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.175033661Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.182674017Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.188788236Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.190067976Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.191836926Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.194371783Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.195653361Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.314443937Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.317374984Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.328761505Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.332747412Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.340392386Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.348950503Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.352155299Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.3552685Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.357968129Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.360801177Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.366374848Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.368059102Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.376990179Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.383116079Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.391625591Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.398456044Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.400833094Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.402454689Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.406156281Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.408678526Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.411095947Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.415689793Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.426433909Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.43004628Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.437093752Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.444680272Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.446266627Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.447691822Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.451163952Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.452818302Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.457786979Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.460335933Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.467965476Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.470703055Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.477496117Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.48387388Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.485570172Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.487190398Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.490251504Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.491905789Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.494769966Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.496561992Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.504236792Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.507173293Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.513566055Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.516011299Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.517610033Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.524867655Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.527388101Z	26	PC: 12b56 \| Set disk transfer address
2018-12-25T12:22:29.528580122Z	42	PC: 12c14 \| Get date 0x12c14: cmp dl, 0xd 0x12c17: jne 0x12c5f 0x12c19: cmp al, 5 0x12c1b: jne 0x12c5f 0x12c1d: mov ah, 0x62 0x12c1f: int 0x21 0x12c21: mov es, bx 0x12c23: mov es, word ptr es:[0x2c] 0x12c28: xor ax, ax 0x12c2a: mov cx, 0x7fff 0x12c2d: xor di, di 0x12c2f: cld 0x12c30: repne scasd eax, dword ptr es:[di] 0x12c32: jne 0x12c46 0x12c34: add di, 2 0x12c37: push ds 0x12c38: push es 0x12c39: pop ds 0x12c3a: mov dx, di 0x12c3c: mov ah, 0x41
2018-12-25T12:22:29.530813015Z	98	PC: 12c21 \| Get current PSP
2018-12-25T12:22:29.531512022Z	65	PC: 12c40 \| Delete file (Filename = 'A:\TEST.COM')
2018-12-25T12:22:29.542469147Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9118,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:25.543616181Z	26	PC: 12b36 \| Set disk transfer address
2018-12-25T12:22:25.545579105Z	78	PC: 12b3f \| Find first file
2018-12-25T12:22:25.551475078Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:25.55887534Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:22:25.565683355Z	66	PC: 12bb4 \| Move file pointer
2018-12-25T12:22:25.567061639Z	66	PC: 12bc9 \| Move file pointer
2018-12-25T12:22:25.568320437Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:22:25.571121125Z	66	PC: 12be2 \| Move file pointer
2018-12-25T12:22:25.573227756Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-25T12:22:29.253563485Z	87	PC: 12c08 \| Get or set file date and time
2018-12-25T12:22:29.255439731Z	62	PC: 12c0c \| Close file
2018-12-25T12:22:29.316616564Z	79	PC: 12b48 \| Find next file
2018-12-25T12:22:29.319555869Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.326888078Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.335029874Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.336705102Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.338363822Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.342507468Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.344148972Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.347056436Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.349328502Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.357361561Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.360025683Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.367079934Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.373457598Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.374788646Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.376124136Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.378819764Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.379802009Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.384796763Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.386651391Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.391698834Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.393453271Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.398187694Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.402319809Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.403479504Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.406637397Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.409151899Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.41078522Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.413978662Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.415373207Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.424746808Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.427890332Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.43496674Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.441153537Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.443130027Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.444341584Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.44693045Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.449177776Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.451864441Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.453558113Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.461793876Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.465307532Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.471962769Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.478232413Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.479594109Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.480872899Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.483847475Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.485096323Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.488632193Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.4902585Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.497889575Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.50036843Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.508372463Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.514813101Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.51639093Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.518864819Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.522158214Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.523824357Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.527465691Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.529570579Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.537898941Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.541642291Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.549495736Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.552034093Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.553598013Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.561989357Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.564310751Z	26	PC: 12b56 \| Set disk transfer address
2018-12-25T12:22:29.565607827Z	42	PC: 12c14 \| Get date 0x12c14: cmp dl, 0xd 0x12c17: jne 0x12c5f 0x12c19: cmp al, 5 0x12c1b: jne 0x12c5f 0x12c1d: mov ah, 0x62 0x12c1f: int 0x21 0x12c21: mov es, bx 0x12c23: mov es, word ptr es:[0x2c] 0x12c28: xor ax, ax 0x12c2a: mov cx, 0x7fff 0x12c2d: xor di, di 0x12c2f: cld 0x12c30: repne scasd eax, dword ptr es:[di] 0x12c32: jne 0x12c46 0x12c34: add di, 2 0x12c37: push ds 0x12c38: push es 0x12c39: pop ds 0x12c3a: mov dx, di 0x12c3c: mov ah, 0x41
2018-12-25T12:22:29.574740104Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9118,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:25.642245613Z	26	PC: 12b36 \| Set disk transfer address
2018-12-25T12:22:25.643953557Z	78	PC: 12b3f \| Find first file
2018-12-25T12:22:25.649688985Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:25.65591345Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:22:25.662584903Z	66	PC: 12bb4 \| Move file pointer
2018-12-25T12:22:25.664279033Z	66	PC: 12bc9 \| Move file pointer
2018-12-25T12:22:25.665943181Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:22:25.669936124Z	66	PC: 12be2 \| Move file pointer
2018-12-25T12:22:25.671441452Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-25T12:22:29.252687071Z	87	PC: 12c08 \| Get or set file date and time
2018-12-25T12:22:29.262143874Z	62	PC: 12c0c \| Close file
2018-12-25T12:22:29.313252412Z	79	PC: 12b48 \| Find next file
2018-12-25T12:22:29.319124615Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.325648396Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.33335874Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.335128551Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.336866854Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.344146201Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.346421871Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.349880608Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.354039672Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.361141554Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.363970763Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.371860654Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.378255998Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.379912669Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.383833814Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.386863971Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.38858618Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.39693894Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.398840555Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.408172014Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.417593523Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.424589855Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.431313628Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.433373851Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.435520527Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.438444302Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.441260406Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.444224212Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.445944695Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.453511976Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.457022532Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.463292549Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.469594111Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.471883401Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.473134414Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.476134953Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.478078269Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.480935457Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.482481541Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.490120783Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.493061968Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.499826041Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.506441548Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.508040649Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.509538159Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.512924011Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.514385372Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.518163261Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.520853754Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.528439622Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.53110265Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.538405983Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.545244437Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:29.546930328Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:29.549494222Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:29.552160643Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:29.553540046Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:29.557091306Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.558917336Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.566451444Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.569941224Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:29.576661077Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:29.579489335Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:29.582195624Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:29.589497848Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:29.591797644Z	26	PC: 12b56 \| Set disk transfer address
2018-12-25T12:22:29.594270975Z	42	PC: 12c14 \| Get date 0x12c14: cmp dl, 0xd 0x12c17: jne 0x12c5f 0x12c19: cmp al, 5 0x12c1b: jne 0x12c5f 0x12c1d: mov ah, 0x62 0x12c1f: int 0x21 0x12c21: mov es, bx 0x12c23: mov es, word ptr es:[0x2c] 0x12c28: xor ax, ax 0x12c2a: mov cx, 0x7fff 0x12c2d: xor di, di 0x12c2f: cld 0x12c30: repne scasd eax, dword ptr es:[di] 0x12c32: jne 0x12c46 0x12c34: add di, 2 0x12c37: push ds 0x12c38: push es 0x12c39: pop ds 0x12c3a: mov dx, di 0x12c3c: mov ah, 0x41
2018-12-25T12:22:29.596795682Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9118,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:25.770092521Z	26	PC: 12b36 \| Set disk transfer address
2018-12-25T12:22:25.772489901Z	78	PC: 12b3f \| Find first file
2018-12-25T12:22:25.779504198Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:25.787737402Z	63	PC: 12b91 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:22:25.796782297Z	66	PC: 12bb4 \| Move file pointer
2018-12-25T12:22:25.798943195Z	66	PC: 12bc9 \| Move file pointer
2018-12-25T12:22:25.800933365Z	64	PC: 12bd5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:22:25.804570495Z	66	PC: 12be2 \| Move file pointer
2018-12-25T12:22:25.817387653Z	64	PC: 12bee \| Write file or device (Write 456 bytes on handle 5)
2018-12-25T12:22:25.833174032Z	87	PC: 12c08 \| Get or set file date and time
2018-12-25T12:22:25.834925328Z	62	PC: 12c0c \| Close file
2018-12-25T12:22:25.844193013Z	79	PC: 12b48 \| Find next file
2018-12-25T12:22:25.847518061Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:25.854767005Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:25.886704193Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:25.8883268Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:25.889868494Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:25.900961229Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:25.904387265Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:25.907645873Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:25.911009756Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:25.920871403Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:25.926112034Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:25.934404012Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:25.941923461Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:25.943793045Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:25.945997109Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:25.951394033Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:25.960677933Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:25.970895736Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:25.973162862Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:25.982312384Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:25.985860019Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:25.994733252Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:26.001245449Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:26.003122198Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:26.006684103Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:26.00996616Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:26.011898803Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:26.015888454Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:26.018172945Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:26.026781238Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:26.030606474Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:26.038589258Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:26.046875181Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:26.049096297Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:26.051810823Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:26.055172202Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:26.05715135Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:26.061225946Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:26.06345205Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:26.071936516Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:26.075918598Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:26.083689686Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:26.091681619Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:26.094603004Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:26.096956613Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:26.100360516Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:26.103133131Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:26.107865541Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:26.110017399Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:26.119755531Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:26.123275996Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:26.130950094Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:26.13842166Z	66	PC: 12bb4 \| Move file pointer (See above)
2018-12-25T12:22:26.14080355Z	66	PC: 12bc9 \| Move file pointer (See above)
2018-12-25T12:22:26.142735132Z	64	PC: 12bd5 \| Write file or device (See above)
2018-12-25T12:22:26.14602556Z	66	PC: 12be2 \| Move file pointer (See above)
2018-12-25T12:22:26.149079667Z	64	PC: 12bee \| Write file or device (See above)
2018-12-25T12:22:26.152478633Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:26.154516522Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:26.164132875Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:26.167562171Z	61	PC: 12b78 \| Open file (See above)
2018-12-25T12:22:26.175706142Z	63	PC: 12b91 \| Read file or device (See above)
2018-12-25T12:22:26.180604991Z	87	PC: 12c08 \| Get or set file date and time (See above)
2018-12-25T12:22:26.182936031Z	62	PC: 12c0c \| Close file (See above)
2018-12-25T12:22:26.190929713Z	79	PC: 12b48 \| Find next file (See above)
2018-12-25T12:22:26.194162302Z	26	PC: 12b56 \| Set disk transfer address
2018-12-25T12:22:26.196538018Z	42	PC: 12c14 \| Get date 0x12c14: cmp dl, 0xd 0x12c17: jne 0x12c5f 0x12c19: cmp al, 5 0x12c1b: jne 0x12c5f 0x12c1d: mov ah, 0x62 0x12c1f: int 0x21 0x12c21: mov es, bx 0x12c23: mov es, word ptr es:[0x2c] 0x12c28: xor ax, ax 0x12c2a: mov cx, 0x7fff 0x12c2d: xor di, di 0x12c2f: cld 0x12c30: repne scasd eax, dword ptr es:[di] 0x12c32: jne 0x12c46 0x12c34: add di, 2 0x12c37: push ds 0x12c38: push es 0x12c39: pop ds 0x12c3a: mov dx, di 0x12c3c: mov ah, 0x41
2018-12-25T12:22:26.199299398Z	98	PC: 12c21 \| Get current PSP
2018-12-25T12:22:26.200662717Z	65	PC: 12c40 \| Delete file (Filename = 'A:\TEST.COM')
2018-12-25T12:22:26.214172679Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')