Sample viewer

vx.netlux.org/Virus.DOS.Hider.1782

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:50:01.686961208Z	26	PC: 12bcd \| Set disk transfer address
2018-12-17T22:50:01.689056725Z	71	PC: 12bdb \| Get current directory
2018-12-17T22:50:01.6923648Z	78	PC: 130ec \| Find first file
2018-12-17T22:50:01.698842659Z	78	PC: 1310b \| Find first file
2018-12-17T22:50:01.706301753Z	78	PC: 12bf6 \| Find first file
2018-12-17T22:50:01.713388728Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:01.724966569Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:01.743398558Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:50:01.751924096Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:01.753869871Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:50:01.75564193Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:50:01.764110881Z	87	PC: 130aa \| Get or set file date and time
2018-12-17T22:50:01.765713241Z	66	PC: 12ee8 \| Move file pointer
2018-12-17T22:50:01.767244488Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:50:01.770575537Z	66	PC: 12c2e \| Move file pointer
2018-12-17T22:50:01.772798533Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:50:01.774788943Z	66	PC: 12c41 \| Move file pointer
2018-12-17T22:50:01.776748815Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:50:01.778923701Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:50:01.781162606Z	66	PC: 12c70 \| Move file pointer
2018-12-17T22:50:01.782771469Z	64	PC: 12c84 \| Write file or device (Write 1780 bytes on handle 5)
2018-12-17T22:50:01.790532671Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:50:01.793856185Z	87	PC: 130c4 \| Get or set file date and time
2018-12-17T22:50:01.795931073Z	62	PC: 12c8e \| Close file
2018-12-17T22:50:01.805849376Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:01.819983611Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:01.822988726Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:01.829864104Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:01.840759444Z	61	PC: 12efe \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:50:01.848319867Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:01.851141959Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:01.854257873Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:01.868039375Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:01.872989154Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:01.880429533Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:01.89431494Z	61	PC: 12efe \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:50:01.903175877Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:01.905305508Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:01.907757404Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:01.918836109Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:01.922571376Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:01.928952925Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:01.939960085Z	61	PC: 12efe \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:50:01.948150983Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:01.950125112Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:01.952403512Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:01.964046527Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:01.967355283Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:01.973754676Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:01.985943977Z	61	PC: 12efe \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:50:01.998885079Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.001643221Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.004446327Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.015635318Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.019082004Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.025911405Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.0376777Z	61	PC: 12efe \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:50:02.045887915Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.047972301Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:50:02.05088351Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:50:02.058214683Z	87	PC: 130aa \| Get or set file date and time
2018-12-17T22:50:02.06036873Z	66	PC: 12ee8 \| Move file pointer
2018-12-17T22:50:02.063119889Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:50:02.066815953Z	66	PC: 12c2e \| Move file pointer
2018-12-17T22:50:02.068759224Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:50:02.073763165Z	66	PC: 12c41 \| Move file pointer
2018-12-17T22:50:02.076217726Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:50:02.079576957Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:50:02.083528171Z	66	PC: 12c70 \| Move file pointer
2018-12-17T22:50:02.08583248Z	64	PC: 12c84 \| Write file or device (Write 1780 bytes on handle 5)
2018-12-17T22:50:02.096103146Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:50:02.099629401Z	87	PC: 130c4 \| Get or set file date and time
2018-12-17T22:50:02.102149165Z	62	PC: 12c8e \| Close file
2018-12-17T22:50:02.112627871Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.123945985Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.128211138Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.134658861Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.147176289Z	61	PC: 12efe \| Open file (Filename = 'PAH.COM')
2018-12-17T22:50:02.155686306Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.157680323Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.160034806Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.171832461Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.175229282Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.181972411Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.193795503Z	61	PC: 12efe \| Open file (Filename = 'TEST.COM')
2018-12-17T22:50:02.207435129Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.20960188Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:50:02.211701354Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:50:02.220657921Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.223161364Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.234612497Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.238974803Z	78	PC: 12cb3 \| Find first file
2018-12-17T22:50:02.246255702Z	59	PC: 12fb3 \| Change current directory
2018-12-17T22:50:02.251745145Z	78	PC: 130ec \| Find first file
2018-12-17T22:50:02.259367916Z	78	PC: 1310b \| Find first file
2018-12-17T22:50:02.271725593Z	78	PC: 12bf6 \| Find first file
2018-12-17T22:50:02.278966286Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.285993759Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.297237934Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:50:02.304617518Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.306521616Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:50:02.309474383Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:50:02.317109207Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.321833943Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.335159549Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.338461371Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.345699931Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.357594878Z	61	PC: 12efe \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:50:02.370483914Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.372412497Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.375882566Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.390723038Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.393750265Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.400128728Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.412524246Z	61	PC: 12efe \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:50:02.419928196Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.42180954Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.424764923Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.43563762Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.438972565Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.446331711Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.460078908Z	61	PC: 12efe \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:50:02.473491888Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.476387478Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.479710581Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.490779948Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.495167811Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.501901522Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.512753891Z	61	PC: 12efe \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:50:02.520750083Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.523165882Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.526038409Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.5400063Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.544579061Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.551096877Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.562230183Z	61	PC: 12efe \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:50:02.570971346Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.57299625Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:50:02.574987631Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:50:02.583742569Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.586115567Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.597217805Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.601786689Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.614270112Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.625103756Z	61	PC: 12efe \| Open file (Filename = 'PAH.COM')
2018-12-17T22:50:02.633118624Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.634930718Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.636941996Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.648714775Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.651875152Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:50:02.658125665Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:50:02.673510409Z	61	PC: 12efe \| Open file (Filename = 'TEST.COM')
2018-12-17T22:50:02.68135179Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:50:02.683192078Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:50:02.68575847Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:50:02.693607516Z	62	PC: 12f5b \| Close file
2018-12-17T22:50:02.695693344Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:50:02.706282699Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:02.70975899Z	78	PC: 12cb3 \| Find first file
2018-12-17T22:50:02.716397562Z	78	PC: 12fea \| Find first file
2018-12-17T22:50:02.72290109Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.735740011Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.738399538Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.74557575Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.750034407Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.756306541Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.759357553Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.766255191Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.769157193Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.775379163Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.778932158Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.785074417Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.78794449Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.795408663Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.798338017Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.804486508Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.808430437Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:50:02.815298751Z	79	PC: 12fea \| Find next file
2018-12-17T22:50:02.817916299Z	59	PC: 13036 \| Change current directory
2018-12-17T22:50:02.823482947Z	59	PC: 12e6f \| Change current directory
2018-12-17T22:50:02.828112845Z	42	PC: 13125 \| Get date 0x13125: cmp dl, 0xd 0x13128: je 0x1312c 0x1312a: clc 0x1312b: ret 0x1312c: stc 0x1312d: ret 0x1312e: push cs 0x1312f: pop ds 0x13130: lea dx, word ptr [di + 0x6f2] 0x13134: mov cx, 2 0x13137: mov ah, 0x40 0x13139: int 0x21 0x1313b: push es 0x1313c: pop ds 0x1313d: ret 0x1313e: push ds 0x1313f: mov dl, 3 0x13141: mov ah, 0x32 0x13143: int 0x21 0x13145: mov ax, word ptr [bx + 9]
2018-12-17T22:50:02.830816745Z	26	PC: 12e93 \| Set disk transfer address

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10082,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:27:10.335144841Z	26	PC: 12bcd \| Set disk transfer address
2018-12-25T12:27:10.336914104Z	71	PC: 12bdb \| Get current directory
2018-12-25T12:27:10.341591432Z	78	PC: 130ec \| Find first file
2018-12-25T12:27:10.348645595Z	78	PC: 1310b \| Find first file
2018-12-25T12:27:10.355499727Z	78	PC: 12bf6 \| Find first file
2018-12-25T12:27:10.363708447Z	67	PC: 1308a \| Get or set file attributes
2018-12-25T12:27:10.377481488Z	67	PC: 13096 \| Get or set file attributes
2018-12-25T12:27:10.400880387Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:27:10.407248065Z	66	PC: 12f08 \| Move file pointer
2018-12-25T12:27:10.409313392Z	66	PC: 12f3e \| Move file pointer
2018-12-25T12:27:10.411307091Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:27:10.420279154Z	87	PC: 130aa \| Get or set file date and time
2018-12-25T12:27:10.422461507Z	66	PC: 12ee8 \| Move file pointer
2018-12-25T12:27:10.424498261Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T12:27:10.4279206Z	66	PC: 12c2e \| Move file pointer
2018-12-25T12:27:10.430081533Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:27:10.434677857Z	66	PC: 12c41 \| Move file pointer
2018-12-25T12:27:10.436587911Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:27:10.440835763Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:27:10.443843748Z	66	PC: 12c70 \| Move file pointer
2018-12-25T12:27:10.445945995Z	64	PC: 12c84 \| Write file or device (Write 1780 bytes on handle 5)
2018-12-25T12:27:10.456763248Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:27:10.46027592Z	87	PC: 130c4 \| Get or set file date and time
2018-12-25T12:27:10.462543312Z	62	PC: 12c8e \| Close file
2018-12-25T12:27:10.473465129Z	67	PC: 130a4 \| Get or set file attributes
2018-12-25T12:27:10.486639865Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.490082809Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.497339334Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.508937986Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.516939431Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.519394012Z	62	PC: 12f5b \| Close file
2018-12-25T12:27:10.522621673Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:10.53744374Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.540864338Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.548252066Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.559345368Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.567337282Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.57120464Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:10.573653441Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:10.584897968Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.589336055Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.602731572Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.612154321Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.620374594Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.622638082Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:10.625076652Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:10.636463772Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.639967793Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.646589184Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.660635822Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.670408651Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.672515322Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:10.674940906Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:10.687264182Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.691070515Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.697854283Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.710034149Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.718659328Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.720759319Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:10.723025613Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:10.732122732Z	87	PC: 130aa \| Get or set file date and time (See above)
2018-12-25T12:27:10.734217039Z	66	PC: 12ee8 \| Move file pointer (See above)
2018-12-25T12:27:10.736227474Z	63	PC: 12ef2 \| Read file or device (See above)
2018-12-25T12:27:10.742558549Z	66	PC: 12c2e \| Move file pointer (See above)
2018-12-25T12:27:10.744527243Z	63	PC: 12c38 \| Read file or device (See above)
2018-12-25T12:27:10.747709256Z	66	PC: 12c41 \| Move file pointer (See above)
2018-12-25T12:27:10.750601767Z	64	PC: 12c51 \| Write file or device (See above)
2018-12-25T12:27:10.754297348Z	64	PC: 12c5c \| Write file or device (See above)
2018-12-25T12:27:10.75766532Z	66	PC: 12c70 \| Move file pointer (See above)
2018-12-25T12:27:10.76066468Z	64	PC: 12c84 \| Write file or device (See above)
2018-12-25T12:27:10.77110368Z	64	PC: 1313b \| Write file or device (See above)
2018-12-25T12:27:10.774197505Z	87	PC: 130c4 \| Get or set file date and time (See above)
2018-12-25T12:27:10.776129316Z	62	PC: 12c8e \| Close file (See above)
2018-12-25T12:27:10.785491282Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:10.796973922Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.801280264Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.809120711Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.820511705Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.828381245Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.831137396Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:10.833736116Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:10.845011569Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.849133753Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.856033156Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.868877555Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.877621245Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.879467808Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:10.881439698Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:10.890200457Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:10.893184618Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:10.905003387Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.908927144Z	78	PC: 12cb3 \| Find first file
2018-12-25T12:27:10.91581608Z	59	PC: 12fb3 \| Change current directory
2018-12-25T12:27:10.920850801Z	78	PC: 130ec \| Find first file (See above)
2018-12-25T12:27:10.933601235Z	78	PC: 1310b \| Find first file (See above)
2018-12-25T12:27:10.943130786Z	78	PC: 12bf6 \| Find first file (See above)
2018-12-25T12:27:10.949871837Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:10.956505164Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:10.968639474Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:10.981703229Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:10.983794089Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:10.987018216Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:10.995595726Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:10.998036304Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.010513156Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.014331602Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.021116514Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.033298546Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.041574339Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.043684424Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.046130159Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.058547775Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.062800862Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.069551005Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.082114401Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.089968664Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.092051119Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.095322307Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.106942485Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.110338638Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.11785756Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.129992029Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.138082894Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.140158233Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.143663052Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.154952971Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.158323696Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.166219082Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.178148126Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.193614147Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.196627564Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.199198291Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.210553389Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.215239429Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.222202266Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.233571044Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.257250045Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.259729359Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:11.261294116Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:11.269592758Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.27191908Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.283522487Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.287108463Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.294590235Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.305833299Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.313650483Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.31683136Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.320018368Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.331289286Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.335725518Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.342473237Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.353734939Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.370856625Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.373048001Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:11.375096038Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:11.384753591Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.387661987Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.399713932Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.403911104Z	78	PC: 12cb3 \| Find first file (See above)
2018-12-25T12:27:11.411472488Z	78	PC: 12fea \| Find first file
2018-12-25T12:27:11.41868063Z	67	PC: 13002 \| Get or set file attributes
2018-12-25T12:27:11.426884276Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.430314433Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.443044593Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.448457504Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.456251201Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.459770981Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.467725815Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.471651807Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.478970523Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.482722043Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.49099327Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.494438655Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.501693741Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.506280419Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.51426852Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.517786265Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:11.526391566Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:11.529730866Z	59	PC: 13036 \| Change current directory
2018-12-25T12:27:11.535203084Z	59	PC: 12e6f \| Change current directory
2018-12-25T12:27:11.54180541Z	42	PC: 13125 \| Get date 0x13125: cmp dl, 0xd 0x13128: je 0x1312c 0x1312a: clc 0x1312b: ret 0x1312c: stc 0x1312d: ret 0x1312e: push cs 0x1312f: pop ds 0x13130: lea dx, word ptr [di + 0x6f2] 0x13134: mov cx, 2 0x13137: mov ah, 0x40 0x13139: int 0x21 0x1313b: push es 0x1313c: pop ds 0x1313d: ret 0x1313e: push ds 0x1313f: mov dl, 3 0x13141: mov ah, 0x32 0x13143: int 0x21 0x13145: mov ax, word ptr [bx + 9]
2018-12-25T12:27:11.545105627Z	64	PC: 12e84 \| Write file or device (Write 88 bytes on handle 1)
2018-12-25T12:27:11.555775306Z	50	PC: 13145 \| Get disk parameter block for specified drive
2018-12-25T12:27:11.903327951Z	26	PC: 12e93 \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10082,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:27:10.768402528Z	26	PC: 12bcd \| Set disk transfer address
2018-12-25T12:27:10.77191391Z	71	PC: 12bdb \| Get current directory
2018-12-25T12:27:10.776195704Z	78	PC: 130ec \| Find first file
2018-12-25T12:27:10.783246374Z	78	PC: 1310b \| Find first file
2018-12-25T12:27:10.790386298Z	78	PC: 12bf6 \| Find first file
2018-12-25T12:27:10.799953099Z	67	PC: 1308a \| Get or set file attributes
2018-12-25T12:27:10.812695872Z	67	PC: 13096 \| Get or set file attributes
2018-12-25T12:27:10.833085734Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:27:10.848666958Z	66	PC: 12f08 \| Move file pointer
2018-12-25T12:27:10.851267806Z	66	PC: 12f3e \| Move file pointer
2018-12-25T12:27:10.853225635Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:27:10.861697412Z	87	PC: 130aa \| Get or set file date and time
2018-12-25T12:27:10.863687134Z	66	PC: 12ee8 \| Move file pointer
2018-12-25T12:27:10.865625219Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T12:27:10.873699153Z	66	PC: 12c2e \| Move file pointer
2018-12-25T12:27:10.876634331Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:27:10.879752473Z	66	PC: 12c41 \| Move file pointer
2018-12-25T12:27:10.89250815Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:27:10.895920195Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:27:10.90124705Z	66	PC: 12c70 \| Move file pointer
2018-12-25T12:27:10.904279623Z	64	PC: 12c84 \| Write file or device (Write 1780 bytes on handle 5)
2018-12-25T12:27:10.920519552Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:27:10.92457449Z	87	PC: 130c4 \| Get or set file date and time
2018-12-25T12:27:10.929949181Z	62	PC: 12c8e \| Close file
2018-12-25T12:27:10.945540625Z	67	PC: 130a4 \| Get or set file attributes
2018-12-25T12:27:10.972695356Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:10.982779902Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.004995413Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.016843033Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.024814398Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.027383826Z	62	PC: 12f5b \| Close file
2018-12-25T12:27:11.029825083Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.041191137Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.045063192Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.053079972Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.065335574Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.074102574Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.076270676Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.078895594Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.091439641Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.095114988Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.10225523Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.11501409Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.123782666Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.125873204Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.129481757Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.140912076Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.144216977Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.150931703Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.162669707Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.170442581Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.17253744Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.176003273Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.187793533Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.191133822Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.198982179Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.210250634Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.217946467Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.220594573Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:11.222418344Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:11.229919328Z	87	PC: 130aa \| Get or set file date and time (See above)
2018-12-25T12:27:11.232834526Z	66	PC: 12ee8 \| Move file pointer (See above)
2018-12-25T12:27:11.235145909Z	63	PC: 12ef2 \| Read file or device (See above)
2018-12-25T12:27:11.238223486Z	66	PC: 12c2e \| Move file pointer (See above)
2018-12-25T12:27:11.240308419Z	63	PC: 12c38 \| Read file or device (See above)
2018-12-25T12:27:11.244206238Z	66	PC: 12c41 \| Move file pointer (See above)
2018-12-25T12:27:11.246021896Z	64	PC: 12c51 \| Write file or device (See above)
2018-12-25T12:27:11.249256531Z	64	PC: 12c5c \| Write file or device (See above)
2018-12-25T12:27:11.25439661Z	66	PC: 12c70 \| Move file pointer (See above)
2018-12-25T12:27:11.25646731Z	64	PC: 12c84 \| Write file or device (See above)
2018-12-25T12:27:11.266469926Z	64	PC: 1313b \| Write file or device (See above)
2018-12-25T12:27:11.270653308Z	87	PC: 130c4 \| Get or set file date and time (See above)
2018-12-25T12:27:11.273077405Z	62	PC: 12c8e \| Close file (See above)
2018-12-25T12:27:11.28191399Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.293990793Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.297595614Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.30422319Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.315575512Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.324846057Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.3267785Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.329051843Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.341058478Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.344307335Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.350923843Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.363003935Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.371148098Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.373343826Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:11.37635474Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:11.385219578Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.387669936Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.399627247Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.403949969Z	78	PC: 12cb3 \| Find first file
2018-12-25T12:27:11.411178746Z	59	PC: 12fb3 \| Change current directory
2018-12-25T12:27:11.416133095Z	78	PC: 130ec \| Find first file (See above)
2018-12-25T12:27:11.423869697Z	78	PC: 1310b \| Find first file (See above)
2018-12-25T12:27:11.436133754Z	78	PC: 12bf6 \| Find first file (See above)
2018-12-25T12:27:11.449030561Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.456619185Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.468153741Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.475974048Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.478939118Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:11.481165516Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:11.489628023Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.492277323Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.504101697Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.507601229Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.5152252Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.526992693Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.535016965Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.537196408Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.539897722Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.551302953Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.554917181Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.562179293Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.574075517Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.582849383Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.585591256Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.587794261Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.901686135Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.906047714Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.911932714Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:11.929850435Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:11.940954584Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:11.943935678Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:11.94743164Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:11.970096261Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:11.973646958Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:11.985937242Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:12.009514688Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:12.025876087Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:12.028906136Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:12.032685368Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:12.056503441Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:12.062296802Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:12.077639109Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:12.10157928Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:12.116317Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:12.120519909Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:12.126034814Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:12.142028889Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:12.145759105Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:12.170139642Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:12.175704532Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:12.189924961Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:12.206794018Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:12.214286059Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:12.216169309Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:12.228512883Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:12.240083151Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:12.244405166Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T12:27:12.254185894Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T12:27:12.281734259Z	61	PC: 12efe \| Open file (See above)
2018-12-25T12:27:12.292142023Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T12:27:12.300618745Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T12:27:12.302890687Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T12:27:12.320171947Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T12:27:12.324715219Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T12:27:12.345633251Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T12:27:12.352607678Z	78	PC: 12cb3 \| Find first file (See above)
2018-12-25T12:27:12.366379847Z	78	PC: 12fea \| Find first file
2018-12-25T12:27:12.377734812Z	67	PC: 13002 \| Get or set file attributes
2018-12-25T12:27:12.385271198Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.388526837Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.395622154Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.399391885Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.408767256Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.414096985Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.42405737Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.428865344Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.436653568Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.439998092Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.447916992Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.451651083Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.458763368Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.462175754Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.469644057Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.473112983Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T12:27:12.480146825Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T12:27:12.483876966Z	59	PC: 13036 \| Change current directory
2018-12-25T12:27:12.48908347Z	59	PC: 12e6f \| Change current directory
2018-12-25T12:27:12.494400579Z	42	PC: 13125 \| Get date 0x13125: cmp dl, 0xd 0x13128: je 0x1312c 0x1312a: clc 0x1312b: ret 0x1312c: stc 0x1312d: ret 0x1312e: push cs 0x1312f: pop ds 0x13130: lea dx, word ptr [di + 0x6f2] 0x13134: mov cx, 2 0x13137: mov ah, 0x40 0x13139: int 0x21 0x1313b: push es 0x1313c: pop ds 0x1313d: ret 0x1313e: push ds 0x1313f: mov dl, 3 0x13141: mov ah, 0x32 0x13143: int 0x21 0x13145: mov ax, word ptr [bx + 9]
2018-12-25T12:27:12.497665357Z	26	PC: 12e93 \| Set disk transfer address