Sample viewer

vx.netlux.org/Virus.DOS.Cybercide.1221

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:59:28.85383872Z	221	PC: 12a49 \| UNKNOWN!
2018-12-17T21:59:28.855451315Z	53	PC: 12a58 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:28.856744428Z	37	PC: 12a95 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:28.859903054Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.866513147Z	77	PC: 11fe0 \| Get program return code
2018-12-17T21:59:28.867760696Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.87006552Z	72	PC: 12174 \| Allocate memory
2018-12-17T21:59:28.872246439Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.874438721Z	72	PC: 1218d \| Allocate memory
2018-12-17T21:59:28.876669749Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.879010197Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T21:59:28.880574844Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.883398028Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:59:28.884568135Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.887094935Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:28.888730641Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.89065043Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.893162015Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.895698874Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.897760169Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.908827823Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.911210737Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.913496615Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.924250135Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.926288601Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.928262389Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.931227735Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.934991418Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.9372924Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.94415735Z	62	PC: 9fa5b \| Close file
2018-12-17T21:59:28.947940642Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.950384436Z	99	PC: 99f97 \| Get DBCS lead byte table pointer
2018-12-17T21:59:28.952715634Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.955180861Z	56	PC: 947b9 \| Get or set country info
2018-12-17T21:59:28.957454189Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.959908041Z	64	PC: 9a208 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T21:59:28.965795502Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.967807115Z	25	PC: 94822 \| Get default drive
2018-12-17T21:59:28.969336848Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.972040439Z	71	PC: 96a9d \| Get current directory
2018-12-17T21:59:28.975872652Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.978283185Z	64	PC: 9a208 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T21:59:28.984691909Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.987557611Z	2	PC: 96a72 \| Character output (Char = '3e')
2018-12-17T21:59:28.990015872Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.993399948Z	93	PC: 948e0 \| File sharing functions
2018-12-17T21:59:28.995099751Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:28.997122797Z	93	PC: 948e7 \| File sharing functions
2018-12-17T21:59:28.999525986Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-17T21:59:29.002566213Z	10	PC: 948f9 \| Buffered keyboard input

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":1051,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:28.040799833Z	221	PC: 12a49 \| UNKNOWN!
2018-12-25T11:42:28.04472404Z	53	PC: 12a58 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:28.046527655Z	37	PC: 12a95 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:28.050026692Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-25T11:42:28.05272511Z	77	PC: 11fe0 \| Get program return code
2018-12-25T11:42:28.055170427Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.057754232Z	72	PC: 12174 \| Allocate memory
2018-12-25T11:42:28.060606408Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.071479394Z	72	PC: 1218d \| Allocate memory
2018-12-25T11:42:28.074021342Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.076893356Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T11:42:28.079429751Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.08189705Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T11:42:28.08341083Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.08740792Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:42:28.089394063Z	62	PC: 9fa5b \| Close file
2018-12-25T11:42:28.091716538Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.094319399Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.097269332Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.099257109Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.101189742Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.103864348Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.106087508Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.108310149Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.110941333Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.113148436Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.115339503Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.118472959Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.121048643Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.123230513Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.127445275Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.129797069Z	99	PC: 99f97 \| Get DBCS lead byte table pointer
2018-12-25T11:42:28.131388365Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.134391724Z	56	PC: 947b9 \| Get or set country info
2018-12-25T11:42:28.136663625Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.139011969Z	64	PC: 9a208 \| Write file or device (Write 2 bytes on handle 1)
2018-12-25T11:42:28.144944361Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.147559272Z	25	PC: 94822 \| Get default drive
2018-12-25T11:42:28.149398842Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.151642786Z	71	PC: 96a9d \| Get current directory
2018-12-25T11:42:28.156599626Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.158910752Z	64	PC: 9a208 \| Write file or device (See above)
2018-12-25T11:42:28.162280375Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.165472987Z	2	PC: 96a72 \| Character output (Char = '3e')
2018-12-25T11:42:28.167871523Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.170155685Z	93	PC: 948e0 \| File sharing functions
2018-12-25T11:42:28.17278118Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.17537954Z	93	PC: 948e7 \| File sharing functions
2018-12-25T11:42:28.177368827Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.180309637Z	10	PC: 948f9 \| Buffered keyboard input

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":1,"Second":0,"TimeBased":true,"OriginalID":1051,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:28.206008746Z	221	PC: 12a49 \| UNKNOWN!
2018-12-25T11:42:28.208190432Z	53	PC: 12a58 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:28.210090079Z	37	PC: 12a95 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:28.214082468Z	44	PC: 9f787 \| Get time 0x9f787: cmp cl, 0 0x9f78a: je 0x9f72a 0x9f78c: pop dx 0x9f78d: pop cx 0x9f78e: pop ax 0x9f78f: cmp ah, 0x36 0x9f792: jne 0x9f79a 0x9f794: push bp 0x9f795: mov bp, 0x281 0x9f798: jmp bp 0x9f79a: popf 0x9f79b: ljmp 0x19:0x40f8 0x9f7a0: push bp 0x9f7a1: mov bp, 0x369 0x9f7a4: jmp bp 0x9f7a6: push bp 0x9f7a7: mov bp, 0x3f0 0x9f7aa: jmp bp 0x9f7ac: push bp 0x9f7ad: mov bp, 0x49e
2018-12-25T11:42:28.216877421Z	77	PC: 11fe0 \| Get program return code
2018-12-25T11:42:28.219817162Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.222607845Z	72	PC: 12174 \| Allocate memory
2018-12-25T11:42:28.225037847Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.228407341Z	72	PC: 1218d \| Allocate memory
2018-12-25T11:42:28.231271495Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.234052145Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T11:42:28.244580259Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.247370864Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T11:42:28.249139399Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.255593456Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:42:28.257584783Z	62	PC: 9fa5b \| Close file
2018-12-25T11:42:28.259946936Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.262821579Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.265631011Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.26824816Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.271162965Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.284927255Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.287586712Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.29039667Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.302453954Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.305074947Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.307692582Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.311126017Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.315230591Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.321567347Z	62	PC: 9fa5b \| Close file (See above)
2018-12-25T11:42:28.33462893Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.337898564Z	99	PC: 99f97 \| Get DBCS lead byte table pointer
2018-12-25T11:42:28.339868683Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.344415901Z	56	PC: 947b9 \| Get or set country info
2018-12-25T11:42:28.347007786Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.350341269Z	64	PC: 9a208 \| Write file or device (Write 2 bytes on handle 1)
2018-12-25T11:42:28.35646341Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.360718219Z	25	PC: 94822 \| Get default drive
2018-12-25T11:42:28.362622814Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.365047044Z	71	PC: 96a9d \| Get current directory
2018-12-25T11:42:28.370182743Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.372455711Z	64	PC: 9a208 \| Write file or device (See above)
2018-12-25T11:42:28.37596664Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.378891029Z	2	PC: 96a72 \| Character output (Char = '3e')
2018-12-25T11:42:28.392761593Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.395201317Z	93	PC: 948e0 \| File sharing functions
2018-12-25T11:42:28.397826409Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.40036302Z	93	PC: 948e7 \| File sharing functions
2018-12-25T11:42:28.402680001Z	44	PC: 9f787 \| Get time (See above)
2018-12-25T11:42:28.405960952Z	10	PC: 948f9 \| Buffered keyboard input