{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9448,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:23:10.785100097Z | 250 | PC: 12bc7 | UNKNOWN! |
| 2018-12-25T12:23:10.786366225Z | 54 | PC: 12bd7 | Get free disk space |
| 2018-12-25T12:23:10.796799511Z | 53 | PC: 12be3 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:23:10.798113276Z | 37 | PC: 12bf6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:23:10.799351711Z | 26 | PC: 12c00 | Set disk transfer address |
| 2018-12-25T12:23:10.801246639Z | 71 | PC: 12c0a | Get current directory |
| 2018-12-25T12:23:10.804492875Z | 59 | PC: 12c12 | Change current directory |
| 2018-12-25T12:23:10.814652496Z | 78 | PC: 12c1c | Find first file |
| 2018-12-25T12:23:10.825947516Z | 67 | PC: 12cdb | Get or set file attributes |
| 2018-12-25T12:23:11.191575248Z | 61 | PC: 12ce5 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:23:11.199143903Z | 63 | PC: 12cf7 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-25T12:23:11.207120762Z | 42 | PC: 12d12 | Get date 0x12d12: cmp dl, 0x12 0x12d15: jne 0x12d2a 0x12d17: lea dx, word ptr [bp + 0x199] 0x12d1b: mov ah, 9 0x12d1d: int 0x21 0x12d1f: mov ah, 0x19 0x12d21: int 0x21 0x12d23: xor dx, dx 0x12d25: mov cx, 0xc8 0x12d28: int 0x26 0x12d2a: xor ax, ax 0x12d2c: mov byte ptr ds:[bp + 0x160], al 0x12d31: mov ax, word ptr ds:[bp + 0x173] 0x12d36: dec ax 0x12d37: dec ax 0x12d38: dec ax 0x12d39: mov word ptr ds:[bp + 0x18a], ax 0x12d3e: xor bx, bx 0x12d40: mov bl, byte ptr ds:[bp + 0x179] 0x12d45: mov ax, 0x4200 |
| 2018-12-25T12:23:11.209588899Z | 66 | PC: 12d4e | Move file pointer |
| 2018-12-25T12:23:11.211214504Z | 64 | PC: 12d59 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-25T12:23:11.214444497Z | 66 | PC: 12d62 | Move file pointer |
| 2018-12-25T12:23:11.216954952Z | 64 | PC: 12d81 | Write file or device (Write 787 bytes on handle 5) |
| 2018-12-25T12:23:11.226957469Z | 87 | PC: 12baa | Get or set file date and time |
| 2018-12-25T12:23:11.229180568Z | 62 | PC: 12bae | Close file |
| 2018-12-25T12:23:11.239152704Z | 67 | PC: 12bbe | Get or set file attributes |
| 2018-12-25T12:23:11.250003248Z | 67 | PC: 12b65 | Get or set file attributes |
| 2018-12-25T12:23:11.2565481Z | 65 | PC: 12b69 | Delete file (Filename = 'chklist.ms') |
| 2018-12-25T12:23:11.263553308Z | 26 | PC: 12b71 | Set disk transfer address |
| 2018-12-25T12:23:11.264968803Z | 59 | PC: 12b79 | Change current directory |
| 2018-12-25T12:23:11.26958955Z | 37 | PC: 12b8a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:23:11.27136823Z | 9 | PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ') |
{"DateBased":true,"Day":18,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9448,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:23:11.417418068Z | 250 | PC: 12bc7 | UNKNOWN! |
| 2018-12-25T12:23:11.42575767Z | 54 | PC: 12bd7 | Get free disk space |
| 2018-12-25T12:23:11.43888108Z | 53 | PC: 12be3 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:23:11.44108157Z | 37 | PC: 12bf6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:23:11.442715582Z | 26 | PC: 12c00 | Set disk transfer address |
| 2018-12-25T12:23:11.44542227Z | 71 | PC: 12c0a | Get current directory |
| 2018-12-25T12:23:11.449243462Z | 59 | PC: 12c12 | Change current directory |
| 2018-12-25T12:23:11.454051551Z | 78 | PC: 12c1c | Find first file |
| 2018-12-25T12:23:11.46301064Z | 67 | PC: 12cdb | Get or set file attributes |
| 2018-12-25T12:23:11.485824219Z | 61 | PC: 12ce5 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:23:11.493327485Z | 63 | PC: 12cf7 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-25T12:23:11.500689163Z | 42 | PC: 12d12 | Get date 0x12d12: cmp dl, 0x12 0x12d15: jne 0x12d2a 0x12d17: lea dx, word ptr [bp + 0x199] 0x12d1b: mov ah, 9 0x12d1d: int 0x21 0x12d1f: mov ah, 0x19 0x12d21: int 0x21 0x12d23: xor dx, dx 0x12d25: mov cx, 0xc8 0x12d28: int 0x26 0x12d2a: xor ax, ax 0x12d2c: mov byte ptr ds:[bp + 0x160], al 0x12d31: mov ax, word ptr ds:[bp + 0x173] 0x12d36: dec ax 0x12d37: dec ax 0x12d38: dec ax 0x12d39: mov word ptr ds:[bp + 0x18a], ax 0x12d3e: xor bx, bx 0x12d40: mov bl, byte ptr ds:[bp + 0x179] 0x12d45: mov ax, 0x4200 |
| 2018-12-25T12:23:11.503879866Z | 9 | PC: 12d1f | Display string (String= 'Lapidario - Argentina 1993 -') |
| 2018-12-25T12:23:11.506820017Z | 25 | PC: 12d23 | Get default drive |
| 2018-12-25T12:23:11.518414328Z | 66 | PC: 12d4e | Move file pointer |
| 2018-12-25T12:23:11.520798517Z | 64 | PC: 12d59 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-25T12:23:11.528481355Z | 66 | PC: 12d62 | Move file pointer |
| 2018-12-25T12:23:11.530895678Z | 64 | PC: 12d81 | Write file or device (Write 787 bytes on handle 5) |
| 2018-12-25T12:23:11.541696683Z | 87 | PC: 12baa | Get or set file date and time |
| 2018-12-25T12:23:11.543827882Z | 62 | PC: 12bae | Close file |
| 2018-12-25T12:23:11.549436173Z | 67 | PC: 12bbe | Get or set file attributes |
| 2018-12-25T12:23:11.556303389Z | 67 | PC: 12b65 | Get or set file attributes |
| 2018-12-25T12:23:11.56272729Z | 65 | PC: 12b69 | Delete file (Filename = 'chklist.ms') |
| 2018-12-25T12:23:11.569144309Z | 26 | PC: 12b71 | Set disk transfer address |
| 2018-12-25T12:23:11.570772168Z | 59 | PC: 12b79 | Change current directory |
| 2018-12-25T12:23:11.575662019Z | 37 | PC: 12b8a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:23:11.577091259Z | 9 | PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ') |
| 2018-12-25T12:23:11.586853346Z | 81 | PC: 122cc | Get current PSP |
| 2018-12-25T12:23:11.587905031Z | 2 | PC: 1268d | Character output (Char = '0d') |
| 2018-12-25T12:23:11.590041525Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.595127564Z | 89 | PC: 12459 | Get extended error info |
| 2018-12-25T12:23:11.596871199Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.599498935Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.60239406Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.605201124Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.607523741Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.609882571Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.613244753Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.615966402Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.619518425Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.623261904Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.626356061Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.629055025Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.632246796Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.634941718Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.637297869Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.648330297Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.650804665Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.653133326Z | 2 | PC: 126da | Character output (Char = '77') |
| 2018-12-25T12:23:11.655834554Z | 2 | PC: 126da | Character output (See above) |
| 2018-12-25T12:23:11.657597712Z | 2 | PC: 126da | Character output (See above) |
| 2018-12-25T12:23:11.659299776Z | 2 | PC: 126da | Character output (See above) |
| 2018-12-25T12:23:11.661048678Z | 2 | PC: 126da | Character output (See above) |
| 2018-12-25T12:23:11.669622093Z | 2 | PC: 126da | Character output (See above) |
| 2018-12-25T12:23:11.681687436Z | 2 | PC: 126da | Character output (See above) |
| 2018-12-25T12:23:11.683963894Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.695110508Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.697559664Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.700009837Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.703663235Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.705971796Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.708043667Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.711063068Z | 2 | PC: 126ce | Character output (Char = '41') |
| 2018-12-25T12:23:11.713326268Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.715416573Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.720117328Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.72236998Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.724453835Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.727488706Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.729156188Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.731474823Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.733879777Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.736561731Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.738813162Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.741769568Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.744354077Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.746583661Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.748874744Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.751730081Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.753963525Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.756075527Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.758773302Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.761273346Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.763515146Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.766258351Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.768955682Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.771585492Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.775890009Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.778190985Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.780425581Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.783577615Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.786038385Z | 2 | PC: 1268d | Character output (See above) |
| 2018-12-25T12:23:11.788371781Z | 12 | PC: 12581 | Flush input buffer and input |