{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":9160,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:22:37.317350934Z | 53 | PC: 12f79 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:22:37.319095804Z | 53 | PC: 12fcc | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:22:37.320333597Z | 78 | PC: 13063 | Find first file |
| 2018-12-25T12:22:37.326513986Z | 47 | PC: 1307e | Get disk transfer address |
| 2018-12-25T12:22:37.327659001Z | 67 | PC: 130af | Get or set file attributes |
| 2018-12-25T12:22:37.33348541Z | 67 | PC: 130c1 | Get or set file attributes |
| 2018-12-25T12:22:37.353592662Z | 61 | PC: 130de | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:22:37.360449689Z | 66 | PC: 13126 | Move file pointer |
| 2018-12-25T12:22:37.361863738Z | 63 | PC: 13134 | Read file or device (Read 10 bytes on handle 5) |
| 2018-12-25T12:22:37.368373657Z | 87 | PC: 1326b | Get or set file date and time |
| 2018-12-25T12:22:37.369682623Z | 66 | PC: 13079 | Move file pointer |
| 2018-12-25T12:22:37.371669793Z | 66 | PC: 131d4 | Move file pointer |
| 2018-12-25T12:22:37.373361641Z | 63 | PC: 131e2 | Read file or device (Read 259 bytes on handle 5) |
| 2018-12-25T12:22:37.376134989Z | 66 | PC: 13079 | Move file pointer (See above) |
| 2018-12-25T12:22:37.378263986Z | 64 | PC: 131f3 | Write file or device (Write 259 bytes on handle 5) |
| 2018-12-25T12:22:37.386563564Z | 66 | PC: 13079 | Move file pointer (See above) |
| 2018-12-25T12:22:37.387916005Z | 66 | PC: 1320a | Move file pointer |
| 2018-12-25T12:22:37.39037485Z | 64 | PC: 13233 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:22:37.396723718Z | 66 | PC: 131b5 | Move file pointer |
| 2018-12-25T12:22:37.398061781Z | 64 | PC: 131c3 | Write file or device (Write 256 bytes on handle 5) |
| 2018-12-25T12:22:37.409422941Z | 66 | PC: 13079 | Move file pointer (See above) |
| 2018-12-25T12:22:37.410774096Z | 64 | PC: 13196 | Write file or device (Write 1014 bytes on handle 5) |
| 2018-12-25T12:22:37.418869667Z | 87 | PC: 13260 | Get or set file date and time |
| 2018-12-25T12:22:37.421109981Z | 62 | PC: 1323c | Close file |
| 2018-12-25T12:22:37.429360699Z | 67 | PC: 1324d | Get or set file attributes |
| 2018-12-25T12:22:37.439799055Z | 44 | PC: 12fb5 | Get time 0x12fb5: nop 0x12fb6: cmp dh, cl 0x12fb8: jne 0x12fbd 0x12fba: call 0x12ff7 0x12fbd: ret 0x12fbe: push es 0x12fbf: push ds 0x12fc0: pushaw 0x12fc1: push cs 0x12fc2: pop cx 0x12fc3: mov dx, 4 0x12fc6: mov ah, 0x35 0x12fc8: mov al, 0x24 0x12fca: int 0x21 0x12fcc: push es 0x12fcd: pop ds 0x12fce: mov word ptr [bx + 2], dx 0x12fd1: mov word ptr [bx], cx 0x12fd3: popaw 0x12fd4: pop ds |
| 2018-12-25T12:22:37.442584083Z | 53 | PC: 12f97 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:22:37.444100372Z | 9 | PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ') |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":9160,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:22:37.537568445Z | 53 | PC: 12f79 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:22:37.543550368Z | 53 | PC: 12fcc | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:22:37.545003247Z | 78 | PC: 13063 | Find first file |
| 2018-12-25T12:22:37.550699972Z | 47 | PC: 1307e | Get disk transfer address |
| 2018-12-25T12:22:37.551935921Z | 67 | PC: 130af | Get or set file attributes |
| 2018-12-25T12:22:37.557413029Z | 67 | PC: 130c1 | Get or set file attributes |
| 2018-12-25T12:22:38.135004516Z | 61 | PC: 130de | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:22:38.149286455Z | 66 | PC: 13126 | Move file pointer |
| 2018-12-25T12:22:38.151579318Z | 63 | PC: 13134 | Read file or device (Read 10 bytes on handle 5) |
| 2018-12-25T12:22:38.158903278Z | 87 | PC: 1326b | Get or set file date and time |
| 2018-12-25T12:22:38.160795521Z | 66 | PC: 13079 | Move file pointer |
| 2018-12-25T12:22:38.163920951Z | 66 | PC: 131d4 | Move file pointer |
| 2018-12-25T12:22:38.165659545Z | 63 | PC: 131e2 | Read file or device (Read 259 bytes on handle 5) |
| 2018-12-25T12:22:38.168414484Z | 66 | PC: 13079 | Move file pointer (See above) |
| 2018-12-25T12:22:38.170680831Z | 64 | PC: 131f3 | Write file or device (Write 259 bytes on handle 5) |
| 2018-12-25T12:22:38.178692722Z | 66 | PC: 13079 | Move file pointer (See above) |
| 2018-12-25T12:22:38.180375232Z | 66 | PC: 1320a | Move file pointer |
| 2018-12-25T12:22:38.194608558Z | 64 | PC: 13233 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:22:38.201422081Z | 66 | PC: 131b5 | Move file pointer |
| 2018-12-25T12:22:38.202912357Z | 64 | PC: 131c3 | Write file or device (Write 256 bytes on handle 5) |
| 2018-12-25T12:22:38.206125721Z | 66 | PC: 13079 | Move file pointer (See above) |
| 2018-12-25T12:22:38.207627335Z | 64 | PC: 13196 | Write file or device (Write 1014 bytes on handle 5) |
| 2018-12-25T12:22:38.218606181Z | 87 | PC: 13260 | Get or set file date and time |
| 2018-12-25T12:22:38.223532317Z | 62 | PC: 1323c | Close file |
| 2018-12-25T12:22:38.231456888Z | 67 | PC: 1324d | Get or set file attributes |
| 2018-12-25T12:22:38.242307737Z | 44 | PC: 12fb5 | Get time 0x12fb5: nop 0x12fb6: cmp dh, cl 0x12fb8: jne 0x12fbd 0x12fba: call 0x12ff7 0x12fbd: ret 0x12fbe: push es 0x12fbf: push ds 0x12fc0: pushaw 0x12fc1: push cs 0x12fc2: pop cx 0x12fc3: mov dx, 4 0x12fc6: mov ah, 0x35 0x12fc8: mov al, 0x24 0x12fca: int 0x21 0x12fcc: push es 0x12fcd: pop ds 0x12fce: mov word ptr [bx + 2], dx 0x12fd1: mov word ptr [bx], cx 0x12fd3: popaw 0x12fd4: pop ds |
| 2018-12-25T12:22:38.253766446Z | 53 | PC: 12f97 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:22:38.255385159Z | 9 | PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ') |