Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Krile.4537

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:54:01.210873688Z	98	PC: 199d6 \| Get current PSP
2018-12-17T22:54:01.214816765Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.221461186Z	65	PC: 13b9d \| Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:54:01.229759082Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.242865011Z	65	PC: 13b9d \| Delete file (Filename = 'chklist.ms')
2018-12-17T22:54:01.250163992Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.258347443Z	65	PC: 13b9d \| Delete file (Filename = 'chklist.cps')
2018-12-17T22:54:01.265699583Z	26	PC: 12c85 \| Set disk transfer address
2018-12-17T22:54:01.267330116Z	78	PC: 12c97 \| Find first file
2018-12-17T22:54:01.275542723Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:01.287510864Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.315996181Z	61	PC: 13483 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:54:01.334244899Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:01.343616844Z	62	PC: 1356b \| Close file
2018-12-17T22:54:01.345841973Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.357601653Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.365952619Z	65	PC: 13b9d \| Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:54:01.373517017Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.380199931Z	65	PC: 13b9d \| Delete file (Filename = 'chklist.ms')
2018-12-17T22:54:01.394689498Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.401094519Z	65	PC: 13b9d \| Delete file (Filename = 'chklist.cps')
2018-12-17T22:54:01.407771451Z	47	PC: 19815 \| Get disk transfer address
2018-12-17T22:54:01.410001049Z	26	PC: 19820 \| Set disk transfer address
2018-12-17T22:54:01.411382224Z	78	PC: 1982c \| Find first file
2018-12-17T22:54:01.418112536Z	26	PC: 1983e \| Set disk transfer address
2018-12-17T22:54:01.423022779Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.424482191Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.431139887Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:01.43879199Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.449569645Z	61	PC: 13483 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:54:01.457138462Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:01.462812431Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:01.472226193Z	62	PC: 1356b \| Close file
2018-12-17T22:54:01.47454025Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.486248262Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.489745491Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.491476002Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.495120228Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.498464609Z	47	PC: 19815 \| Get disk transfer address
2018-12-17T22:54:01.500270923Z	26	PC: 19820 \| Set disk transfer address
2018-12-17T22:54:01.502250652Z	78	PC: 1982c \| Find first file
2018-12-17T22:54:01.511841196Z	26	PC: 1983e \| Set disk transfer address
2018-12-17T22:54:01.515165531Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.516753062Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.526102364Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.52780361Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.529440746Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.53356397Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.536302013Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.538056118Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.545928836Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.548450133Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.550084673Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.553188513Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.556309215Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.557718372Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.564376679Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.566415699Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.567967264Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.57119657Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.575064615Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.576478682Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.583068039Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.587191073Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.588830894Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.591882045Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.595338878Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.596830631Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.603568688Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.605701955Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.607756193Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.610803728Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.6133603Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.615946187Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.622685857Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.624212836Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.626316287Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.629309158Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.631894524Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.63392077Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.640653848Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:01.64218294Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:01.644433738Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:01.647509837Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:01.649342599Z	98	PC: 19a0d \| Get current PSP
2018-12-17T22:54:01.652506352Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.664250903Z	65	PC: 13b9d \| Delete file (Filename = 'C:\DOS\anti-vir.dat')
2018-12-17T22:54:01.671447742Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.6793316Z	65	PC: 13b9d \| Delete file (Filename = 'C:\DOS\chklist.ms')
2018-12-17T22:54:01.687190352Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:01.694452344Z	65	PC: 13b9d \| Delete file (Filename = 'C:\DOS\chklist.cps')
2018-12-17T22:54:01.702023765Z	47	PC: 19815 \| Get disk transfer address
2018-12-17T22:54:01.705551853Z	26	PC: 19820 \| Set disk transfer address
2018-12-17T22:54:01.707013448Z	78	PC: 1982c \| Find first file
2018-12-17T22:54:01.713976688Z	26	PC: 1983e \| Set disk transfer address
2018-12-17T22:54:01.718812562Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:01.720364657Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:01.727356741Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:01.741054852Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.085061915Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:54:02.093376914Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.096953553Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:02.10772188Z	62	PC: 1356b \| Close file
2018-12-17T22:54:02.111104564Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.148476804Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:02.15022106Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:02.157441513Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:02.164501334Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.176909612Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:54:02.184726936Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:02.187399096Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:02.196187824Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.198414467Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:02.207152059Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.221152938Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:02.233663579Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:02.235371447Z	62	PC: 1356b \| Close file
2018-12-17T22:54:02.243972964Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.255346207Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:02.256661799Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:02.258557519Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:02.262025904Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:02.264308131Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:02.266461496Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:02.273668654Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:02.2800708Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.290817577Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T22:54:02.298836419Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.300826047Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:02.306940271Z	62	PC: 1356b \| Close file
2018-12-17T22:54:02.309624533Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.323859513Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:02.325473875Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:02.333380978Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:02.340689356Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.39179856Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T22:54:02.400031324Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:02.402411355Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:02.411124041Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.414505653Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:02.44339051Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.461671519Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:02.484747886Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:02.487127115Z	62	PC: 1356b \| Close file
2018-12-17T22:54:02.547703331Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.610650511Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:02.612203769Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:02.613740225Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:02.618918452Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:02.622497415Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:02.62419293Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:02.633349309Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:02.640665361Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.676932124Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:54:02.688357186Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.690887258Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:02.697357381Z	62	PC: 1356b \| Close file
2018-12-17T22:54:02.700550089Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.745951901Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:02.747662094Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:02.756451164Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:02.76344483Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.80750361Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:54:02.816370225Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:02.818154126Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:02.828236144Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.83154018Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:02.88356266Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:02.896080714Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:02.975314056Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:02.977580002Z	62	PC: 1356b \| Close file
2018-12-17T22:54:02.985756481Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:02.998004818Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:02.99979442Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:03.001468705Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:03.005776276Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:03.008696812Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:03.010377539Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:03.018488294Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.026207324Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.036929905Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T22:54:03.044498852Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.047486214Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:03.053960585Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.056612797Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.068462957Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:03.070125189Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:03.077721287Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.086340017Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.097511842Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T22:54:03.105190565Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:03.108024259Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:03.116060714Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.11844884Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.128257956Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.143000107Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.153665Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:03.156670486Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.165224653Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.176407259Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:03.179293902Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:03.181247491Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:03.184541057Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:03.187741399Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:03.189662348Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:03.196788323Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.204205035Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.212912731Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\FDISK.EXE')
2018-12-17T22:54:03.220045339Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.222929336Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:03.228855698Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.230487383Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.239783655Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:03.240808911Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:03.245765542Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.253308981Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.262052335Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\FDISK.EXE')
2018-12-17T22:54:03.26751201Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:03.269796271Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:03.275867245Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.27749344Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.285224482Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.293928552Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.306364291Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:03.308810115Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.33173155Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.34098927Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:03.342775535Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:03.34553023Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:03.350257389Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:03.352595752Z	47	PC: 19815 \| Get disk transfer address
2018-12-17T22:54:03.355315841Z	26	PC: 19820 \| Set disk transfer address
2018-12-17T22:54:03.356994695Z	78	PC: 1982c \| Find first file
2018-12-17T22:54:03.364334001Z	26	PC: 1983e \| Set disk transfer address
2018-12-17T22:54:03.368110885Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:03.369778668Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:03.374930896Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:03.377000323Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:03.37812722Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:03.380707247Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:03.38316845Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:03.384255191Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:03.389461069Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.395409714Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.404759316Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:54:03.411870844Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.415063351Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:03.421467641Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.423794902Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.435194585Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:03.437002661Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:03.444079896Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.452181754Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.463028439Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:54:03.471010802Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:03.473155251Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:03.482624839Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.485128341Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.49440718Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.508142491Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.51831564Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:03.520536552Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.530041516Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.540686792Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:03.542251752Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:03.544606054Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:03.548328677Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:03.550897722Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:03.553258667Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:03.561259907Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.568034201Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.579621126Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:54:03.587495838Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.589874927Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:03.596824061Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.599160239Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.609864616Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:03.612340807Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:03.620257508Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.627169421Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.638862956Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:54:03.646752696Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:03.648827534Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:03.658094851Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.660395413Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.668806502Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.679464262Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.687656971Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:03.689105331Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.695526262Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.705469931Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:03.707294959Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:03.71010139Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:03.717255719Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:03.720123325Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:03.723072135Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:03.730756619Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.737692578Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.749349754Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:54:03.756090046Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.759307619Z	63	PC: 13525 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:03.764182316Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.765724874Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.775419494Z	26	PC: 13220 \| Set disk transfer address
2018-12-17T22:54:03.776623175Z	78	PC: 13232 \| Find first file
2018-12-17T22:54:03.784245994Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.793246571Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.807335926Z	61	PC: 13483 \| Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:54:03.818543718Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:03.821774767Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:03.830481612Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.832811529Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.841710044Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.854055123Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.86365181Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:03.866679467Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.874554239Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.885879652Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:03.888664303Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:03.890206279Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:03.896820243Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:03.899988374Z	98	PC: 19a0d \| Get current PSP
2018-12-17T22:54:03.902093429Z	26	PC: 12ea2 \| Set disk transfer address
2018-12-17T22:54:03.903628702Z	78	PC: 12eb4 \| Find first file
2018-12-17T22:54:03.914679039Z	67	PC: 13335 \| Get or set file attributes
2018-12-17T22:54:03.921055126Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:03.931379229Z	61	PC: 13483 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:54:03.939765712Z	87	PC: 133f0 \| Get or set file date and time
2018-12-17T22:54:03.941786177Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.944032467Z	63	PC: 13525 \| Read file or device (Read 4537 bytes on handle 5)
2018-12-17T22:54:03.954883379Z	66	PC: 19afb \| Move file pointer
2018-12-17T22:54:03.967367108Z	64	PC: 134cf \| Write file or device (Write 4537 bytes on handle 5)
2018-12-17T22:54:03.976022276Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:03.979141365Z	62	PC: 1356b \| Close file
2018-12-17T22:54:03.988650036Z	61	PC: 136de \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:54:03.996993588Z	66	PC: 13711 \| Move file pointer
2018-12-17T22:54:03.99991144Z	64	PC: 1374a \| Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:54:04.008230747Z	62	PC: 1376d \| Close file
2018-12-17T22:54:04.017019836Z	61	PC: 13483 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:54:04.025813995Z	87	PC: 13452 \| Get or set file date and time
2018-12-17T22:54:04.027880276Z	62	PC: 1356b \| Close file
2018-12-17T22:54:04.035728759Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:04.047908507Z	75	PC: 13035 \| Execute program
2018-12-17T22:54:04.058176976Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.05968021Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.072809902Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:04.079767842Z	65	PC: 13b9d \| Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:54:04.086214381Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:04.093159727Z	65	PC: 13b9d \| Delete file (Filename = 'chklist.ms')
2018-12-17T22:54:04.099681838Z	67	PC: 1336c \| Get or set file attributes
2018-12-17T22:54:04.121569542Z	65	PC: 13b9d \| Delete file (Filename = 'chklist.cps')
2018-12-17T22:54:04.133130869Z	47	PC: 19815 \| Get disk transfer address
2018-12-17T22:54:04.134482558Z	26	PC: 19820 \| Set disk transfer address
2018-12-17T22:54:04.135593465Z	78	PC: 1982c \| Find first file
2018-12-17T22:54:04.143790361Z	26	PC: 1983e \| Set disk transfer address
2018-12-17T22:54:04.147274456Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.148988215Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.158177557Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.159781049Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.16132588Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.165516131Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.167617609Z	47	PC: 19815 \| Get disk transfer address
2018-12-17T22:54:04.169158764Z	26	PC: 19820 \| Set disk transfer address
2018-12-17T22:54:04.171992106Z	78	PC: 1982c \| Find first file
2018-12-17T22:54:04.177804765Z	26	PC: 1983e \| Set disk transfer address
2018-12-17T22:54:04.179637196Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.181348551Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.187119681Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.188669763Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.19142567Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.194531684Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.197101451Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.199792666Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.206428051Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.208177677Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.210786277Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.213085075Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.2158936Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.217529494Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.223109815Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.224394198Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.225966592Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.228186181Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.230632055Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.231680645Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.23648538Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.238195723Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.239219967Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.241403408Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.24513077Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.246714815Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.253615066Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.256172631Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.258132733Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.261296074Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.264882742Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.266480553Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.273350186Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.276162149Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.277709556Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.280787958Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.284549754Z	26	PC: 1387d \| Set disk transfer address
2018-12-17T22:54:04.286092923Z	78	PC: 1388f \| Find first file
2018-12-17T22:54:04.293554258Z	47	PC: 19852 \| Get disk transfer address
2018-12-17T22:54:04.296224865Z	26	PC: 1985d \| Set disk transfer address
2018-12-17T22:54:04.297769015Z	79	PC: 19861 \| Find next file
2018-12-17T22:54:04.300692356Z	26	PC: 19871 \| Set disk transfer address
2018-12-17T22:54:04.3043889Z	76	PC: 1311f \| Terminate with return code (Return code = '0')