Sample viewer

vx.netlux.org/Virus.DOS.SillyC.681

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:51:53.50096876Z	53	PC: 13648 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:53.503143112Z	37	PC: 13656 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:53.505199191Z	42	PC: 1365a \| Get date 0x1365a: push dx 0x1365b: cmp dh, 0xc 0x1365e: jne 0x13662 0x13660: mov dh, 0 0x13662: inc dh 0x13664: push word ptr [bp + 0x2d] 0x13667: mov word ptr [bp + 0x2d], dx 0x1366a: mov di, 0x100 0x1366d: mov si, 3 0x13670: add si, bp 0x13672: mov cx, 4 0x13675: rep movsb byte ptr es:[di], byte ptr [si] 0x13677: mov si, 0x80 0x1367a: mov di, bp 0x1367c: add di, 0x2a9 0x13680: mov cx, 0x2c 0x13683: rep movsb byte ptr es:[di], byte ptr [si] 0x13685: mov di, 0x14 0x13688: add di, bp 0x1368a: mov si, 0xb
2018-12-17T22:51:53.508467439Z	78	PC: 136a0 \| Find first file
2018-12-17T22:51:53.514671632Z	78	PC: 136f8 \| Find first file
2018-12-17T22:51:53.521342985Z	61	PC: 1373e \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-17T22:51:53.527487153Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:53.529050198Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:53.531484792Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:53.534086858Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:53.541699686Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:53.547540008Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:53.890192712Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:53.89160656Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:53.894708257Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:53.897067896Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:53.907693027Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:53.918209541Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:53.920977619Z	62	PC: 1381c \| Close file
2018-12-17T22:51:53.927355484Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:53.930280923Z	78	PC: 136f8 \| Find first file
2018-12-17T22:51:53.937642673Z	61	PC: 1373e \| Open file (Filename = '\SLEEP.COM')
2018-12-17T22:51:53.944300604Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:53.946049441Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:53.948601747Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:53.955038945Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:53.956614557Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:53.963188642Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:53.978786816Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:53.98087743Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:53.984664546Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:53.986511326Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:53.995458558Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:54.007017047Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:54.008558683Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.015389771Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.018588238Z	61	PC: 1373e \| Open file (Filename = '\PRINT.COM')
2018-12-17T22:51:54.025062692Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.026428979Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.028525886Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.034802914Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:54.036177563Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:54.04239498Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:54.055255155Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.057025511Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:54.064626527Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.066286569Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:54.074284586Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:54.085958402Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:54.087557415Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.094340842Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.097998836Z	61	PC: 1373e \| Open file (Filename = '\HELLO.COM')
2018-12-17T22:51:54.104378913Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.10573745Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.1079921Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.114207124Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:54.116196037Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:54.121978773Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:54.132512216Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.133940178Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:54.13954203Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.141151825Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:54.149068366Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:54.159799739Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:54.162824038Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.169668564Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.172329319Z	61	PC: 1373e \| Open file (Filename = '\PHANG.COM')
2018-12-17T22:51:54.178895467Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.180308228Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.181678298Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.18854853Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:54.189954061Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:54.195501874Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:54.205471356Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.206720303Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:54.209311935Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.211040106Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:54.218711389Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:54.229064872Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:54.23152758Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.238328307Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.241372296Z	61	PC: 1373e \| Open file (Filename = '\PRINTA~1.COM')
2018-12-17T22:51:54.254182114Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.255861872Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.257500688Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.264888399Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:54.266526355Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:54.272425062Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:54.282831205Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.284421779Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:54.287628784Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.290326978Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:54.299410864Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:54.310060168Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:54.312097494Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.319281725Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.322441147Z	61	PC: 1373e \| Open file (Filename = '\MANDEL.COM')
2018-12-17T22:51:54.329842767Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.331266621Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.332552643Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.339313924Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:54.341020107Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:54.346767839Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:54.35747295Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.358923436Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:54.361633096Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.363331655Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:54.372838343Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:54.383323533Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:54.384892229Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.392737153Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.395691253Z	61	PC: 1373e \| Open file (Filename = '\PAH.COM')
2018-12-17T22:51:54.402388896Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.404214969Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.405579851Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.411922439Z	87	PC: 137a2 \| Get or set file date and time
2018-12-17T22:51:54.414103429Z	67	PC: 137b1 \| Get or set file attributes
2018-12-17T22:51:54.419867747Z	67	PC: 137bd \| Get or set file attributes
2018-12-17T22:51:54.429732973Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.432135533Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:54.435280388Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.436830213Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-17T22:51:54.445949723Z	67	PC: 13810 \| Get or set file attributes
2018-12-17T22:51:54.457198487Z	87	PC: 13818 \| Get or set file date and time
2018-12-17T22:51:54.45884375Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.46657831Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.469418689Z	61	PC: 1373e \| Open file (Filename = '\TEST.COM')
2018-12-17T22:51:54.476069302Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.478356198Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.480068451Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.486873229Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.489557196Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.492147263Z	78	PC: 136f8 \| Find first file
2018-12-17T22:51:54.498192976Z	61	PC: 1373e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:54.505803389Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.507575355Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.509270326Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.516822922Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.519298771Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.522320016Z	61	PC: 1373e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:51:54.534580975Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.537224638Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.53886098Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.545534677Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.547230175Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.549051261Z	61	PC: 1373e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:51:54.553173296Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.554741493Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.555924666Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.562209559Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.563841184Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.566382866Z	61	PC: 1373e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:51:54.572879234Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.574671751Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.576543623Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.583030237Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.585262559Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.592091313Z	61	PC: 1373e \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:51:54.599395439Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.602418663Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.604073087Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.610577568Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.613770082Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.616501863Z	61	PC: 1373e \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:51:54.623855125Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.62695692Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.628736598Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.635351505Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.638809756Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.641795144Z	61	PC: 1373e \| Open file (Filename = 'PAH.COM')
2018-12-17T22:51:54.648661173Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.651744247Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.65378094Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.660649976Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.664030562Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.667220447Z	61	PC: 1373e \| Open file (Filename = 'TEST.COM')
2018-12-17T22:51:54.675396742Z	66	PC: 13893 \| Move file pointer
2018-12-17T22:51:54.677213322Z	66	PC: 1389f \| Move file pointer
2018-12-17T22:51:54.678345539Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:54.682251383Z	62	PC: 1381c \| Close file
2018-12-17T22:51:54.684208671Z	79	PC: 13821 \| Find next file
2018-12-17T22:51:54.685921485Z	37	PC: 1387c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:54.687221957Z	76	PC: 12a48 \| Terminate with return code (Return code = '76')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10701,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:54.346276658Z	53	PC: 13648 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:54.347670857Z	37	PC: 13656 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:54.348647779Z	42	PC: 1365a \| Get date 0x1365a: push dx 0x1365b: cmp dh, 0xc 0x1365e: jne 0x13662 0x13660: mov dh, 0 0x13662: inc dh 0x13664: push word ptr [bp + 0x2d] 0x13667: mov word ptr [bp + 0x2d], dx 0x1366a: mov di, 0x100 0x1366d: mov si, 3 0x13670: add si, bp 0x13672: mov cx, 4 0x13675: rep movsb byte ptr es:[di], byte ptr [si] 0x13677: mov si, 0x80 0x1367a: mov di, bp 0x1367c: add di, 0x2a9 0x13680: mov cx, 0x2c 0x13683: rep movsb byte ptr es:[di], byte ptr [si] 0x13685: mov di, 0x14 0x13688: add di, bp 0x1368a: mov si, 0xb
2018-12-25T12:28:54.350526522Z	78	PC: 136a0 \| Find first file
2018-12-25T12:28:54.354405931Z	78	PC: 136f8 \| Find first file
2018-12-25T12:28:54.358004841Z	61	PC: 1373e \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:54.362081443Z	66	PC: 13893 \| Move file pointer
2018-12-25T12:28:54.363542137Z	66	PC: 1389f \| Move file pointer
2018-12-25T12:28:54.364955951Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:28:54.366812811Z	87	PC: 137a2 \| Get or set file date and time
2018-12-25T12:28:54.367925338Z	67	PC: 137b1 \| Get or set file attributes
2018-12-25T12:28:54.371695082Z	67	PC: 137bd \| Get or set file attributes
2018-12-25T12:28:54.699056827Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.700468099Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:28:54.703808308Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.705481043Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-25T12:28:54.714717916Z	67	PC: 13810 \| Get or set file attributes
2018-12-25T12:28:54.725037673Z	87	PC: 13818 \| Get or set file date and time
2018-12-25T12:28:54.726589817Z	62	PC: 1381c \| Close file
2018-12-25T12:28:54.732321305Z	79	PC: 13821 \| Find next file
2018-12-25T12:28:54.735289145Z	78	PC: 136f8 \| Find first file (See above)
2018-12-25T12:28:54.742013503Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:54.748261061Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.750209418Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.75249909Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:54.758666816Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:54.761059691Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:54.766921299Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:54.78366162Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.785125363Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:54.788048804Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.789832486Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:54.798383751Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:54.80998878Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:54.811619352Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:54.819860361Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:54.832995073Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:54.839274932Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.840544487Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.851860799Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:54.858413812Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:54.859798555Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:54.866653525Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:54.876594851Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.87807713Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:54.881895078Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.884448988Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:54.894040021Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:54.913719273Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:54.915253138Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:54.922224423Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:54.925712632Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:54.932580774Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.934334683Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.936734264Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:54.943743062Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:54.945366179Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:54.951913004Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:54.967398235Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.969099431Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:54.973403668Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.975288522Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:54.992834278Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.003398794Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.00506322Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.009765146Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.011904072Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.016939725Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.018121902Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.019331734Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.024463656Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.025832727Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.02954986Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.036724179Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.037830476Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.039896491Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.041294735Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.049270179Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.059637765Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.061722864Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.068506419Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.071240152Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.082572939Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.084053742Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.085620888Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.092517295Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.093762159Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.099407885Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.106875046Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.107784017Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.109840682Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.111776967Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.118091011Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.128705543Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.13203816Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.140140277Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.142769372Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.154755589Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.156135025Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.158275658Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.165642742Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.17176102Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.177720915Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.188441404Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.189798756Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.192729977Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.194915071Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.203545683Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.21551578Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.218007697Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.22478109Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.228261692Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.2356803Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.237030667Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.238357478Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.245678877Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.247071525Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.253029263Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.263565125Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.264948178Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.267636809Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.269922633Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.277848891Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.288241608Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.290553637Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.298559299Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.301179834Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.308370178Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.310011409Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.311394553Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.318457153Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.320243851Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.322669666Z	78	PC: 136f8 \| Find first file (See above)
2018-12-25T12:28:55.328725499Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.33548154Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.336842837Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.338557636Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.345556233Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.347269366Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.349887471Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.358702074Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.360268453Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.363097084Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.370738578Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.372729117Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.375808603Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.383439998Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.385078402Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.386665283Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.394119392Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.396093756Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.399019387Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.406495222Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.408229357Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.409816319Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.414849433Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.416107123Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.417949233Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.422551924Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.423644303Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.424645762Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.429247347Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.430871832Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.433155445Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.438197535Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.43929285Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.440236079Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.444654031Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.44609394Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.44796032Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.452671823Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.453883799Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.454954741Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.459626143Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.461015459Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.462835272Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.467201673Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.468685294Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.469713879Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.472131054Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.473396264Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.475091159Z	37	PC: 1387c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:55.476970114Z	76	PC: 12a48 \| Terminate with return code (Return code = '76')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":3,"TimeBased":true,"OriginalID":10701,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:54.386344129Z	53	PC: 13648 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:54.387574186Z	37	PC: 13656 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:54.389435475Z	42	PC: 1365a \| Get date 0x1365a: push dx 0x1365b: cmp dh, 0xc 0x1365e: jne 0x13662 0x13660: mov dh, 0 0x13662: inc dh 0x13664: push word ptr [bp + 0x2d] 0x13667: mov word ptr [bp + 0x2d], dx 0x1366a: mov di, 0x100 0x1366d: mov si, 3 0x13670: add si, bp 0x13672: mov cx, 4 0x13675: rep movsb byte ptr es:[di], byte ptr [si] 0x13677: mov si, 0x80 0x1367a: mov di, bp 0x1367c: add di, 0x2a9 0x13680: mov cx, 0x2c 0x13683: rep movsb byte ptr es:[di], byte ptr [si] 0x13685: mov di, 0x14 0x13688: add di, bp 0x1368a: mov si, 0xb
2018-12-25T12:28:54.391971781Z	78	PC: 136a0 \| Find first file
2018-12-25T12:28:54.398464548Z	78	PC: 136f8 \| Find first file
2018-12-25T12:28:54.407395012Z	61	PC: 1373e \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:54.414942113Z	66	PC: 13893 \| Move file pointer
2018-12-25T12:28:54.416510334Z	66	PC: 1389f \| Move file pointer
2018-12-25T12:28:54.419063529Z	63	PC: 13773 \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:28:54.42214079Z	87	PC: 137a2 \| Get or set file date and time
2018-12-25T12:28:54.423787256Z	67	PC: 137b1 \| Get or set file attributes
2018-12-25T12:28:54.430296625Z	67	PC: 137bd \| Get or set file attributes
2018-12-25T12:28:54.781353708Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.782953588Z	64	PC: 137e0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:28:54.786584925Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.78834453Z	64	PC: 13800 \| Write file or device (Write 681 bytes on handle 5)
2018-12-25T12:28:54.799365453Z	67	PC: 13810 \| Get or set file attributes
2018-12-25T12:28:54.811007854Z	87	PC: 13818 \| Get or set file date and time
2018-12-25T12:28:54.81298688Z	62	PC: 1381c \| Close file
2018-12-25T12:28:54.820132941Z	79	PC: 13821 \| Find next file
2018-12-25T12:28:54.824204441Z	78	PC: 136f8 \| Find first file (See above)
2018-12-25T12:28:54.83254838Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:54.840374998Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.842593109Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.845107921Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:54.852741913Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:54.854940484Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:54.863022137Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:54.881164355Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.88316838Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:54.887369089Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.889591518Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:54.899831747Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:54.913135507Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:54.915013257Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:54.922975055Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:54.9261578Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:54.934168486Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.937118672Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.938868088Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:54.946950197Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:54.94878459Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:54.955682499Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:54.971298738Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:54.972969751Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:54.980478639Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:54.983675327Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:54.992975856Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.005450965Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.00878047Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.017474377Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.021006064Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.029792787Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.03308142Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.035134691Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.043993387Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.046351775Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.05459068Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.065976639Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.06823061Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.071452268Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.073212441Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.083662687Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.095233087Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.096946535Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.105298319Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.108462038Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.115957663Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.117992163Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.120249122Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.127393881Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.128919436Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.135939131Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.146995478Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.148744125Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.152441354Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.153920098Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.163391094Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.176276121Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.178456089Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.186266889Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.189934068Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.197399644Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.199113318Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.200926778Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.20841882Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.209792242Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.216280635Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.227820225Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.229445818Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.232592912Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.235100804Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.244211553Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.255911861Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.258146784Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.2659048Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.268885714Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.27739123Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.279181783Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.280617916Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.288876501Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.291085623Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.298819663Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.31017347Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.312440316Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.315506935Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.316976016Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.327292859Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.339084341Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.340813234Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.349712341Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.353183949Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.361241579Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.363157667Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.364793233Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.371912349Z	87	PC: 137a2 \| Get or set file date and time (See above)
2018-12-25T12:28:55.37400693Z	67	PC: 137b1 \| Get or set file attributes (See above)
2018-12-25T12:28:55.380426589Z	67	PC: 137bd \| Get or set file attributes (See above)
2018-12-25T12:28:55.391241305Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.393686092Z	64	PC: 137e0 \| Write file or device (See above)
2018-12-25T12:28:55.397152616Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.39864028Z	64	PC: 13800 \| Write file or device (See above)
2018-12-25T12:28:55.40811939Z	67	PC: 13810 \| Get or set file attributes (See above)
2018-12-25T12:28:55.420323593Z	87	PC: 13818 \| Get or set file date and time (See above)
2018-12-25T12:28:55.423307548Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.43260201Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.436423442Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.444055656Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.446224052Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.449244936Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.456390742Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.458405323Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.462149141Z	78	PC: 136f8 \| Find first file (See above)
2018-12-25T12:28:55.46886952Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.476713177Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.479070251Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.480611098Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.487872793Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.491360924Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.49428554Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.501472165Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.503293968Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.50518336Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.512202742Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.514703089Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.517941241Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.525223971Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.527210579Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.52862588Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.535930587Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.53846591Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.541601526Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.546319995Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.548577925Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.549699235Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.554898041Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.557397644Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.559389978Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.564784505Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.566752127Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.567921181Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.572715518Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.57485749Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.576809548Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.581449973Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.583045154Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.584223816Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.588389262Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.590596619Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.593398901Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.600529785Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.602229313Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.603428203Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.610325079Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.612561752Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.615967185Z	61	PC: 1373e \| Open file (See above)
2018-12-25T12:28:55.623796551Z	66	PC: 13893 \| Move file pointer (See above)
2018-12-25T12:28:55.625431307Z	66	PC: 1389f \| Move file pointer (See above)
2018-12-25T12:28:55.626809439Z	63	PC: 13773 \| Read file or device (See above)
2018-12-25T12:28:55.629776761Z	62	PC: 1381c \| Close file (See above)
2018-12-25T12:28:55.633008551Z	79	PC: 13821 \| Find next file (See above)
2018-12-25T12:28:55.635678766Z	37	PC: 1387c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:55.636814173Z	76	PC: 12a48 \| Terminate with return code (Return code = '76')