Sample viewer

vx.netlux.org/Virus.DOS.Sirius.Annihilator.599

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:56:43.037685113Z	53	PC: 15308 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:43.04032394Z	37	PC: 15319 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:43.042106298Z	26	PC: 15195 \| Set disk transfer address
2018-12-17T22:56:43.043423064Z	25	PC: 151a3 \| Get default drive
2018-12-17T22:56:43.044998478Z	14	PC: 151ae \| Set default drive (Drive = 'C')
2018-12-17T22:56:43.047461899Z	78	PC: 151de \| Find first file
2018-12-17T22:56:43.051882356Z	61	PC: 151e9 \| Open file (Filename = 'COMMAND.COM')
2018-12-17T22:56:43.056767906Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.058896934Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.060318923Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.063033714Z	14	PC: 151ba \| Set default drive (Drive = 'A')
2018-12-17T22:56:43.064454207Z	78	PC: 151de \| Find first file
2018-12-17T22:56:43.068614404Z	61	PC: 151e9 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:43.073146094Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.075005537Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.077214294Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.079617535Z	61	PC: 151e9 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:43.086440797Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.087976152Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.089515598Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.092247029Z	61	PC: 151e9 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:56:43.096679094Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.097836562Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.099447972Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.101594421Z	61	PC: 151e9 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:56:43.121135764Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.123117573Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.126765312Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.129917843Z	61	PC: 151e9 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:56:43.137477232Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.139571931Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.141079707Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.143008537Z	61	PC: 151e9 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:56:43.147899087Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.149102468Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.150479537Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.152901502Z	61	PC: 151e9 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:56:43.157296289Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.158783757Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.161344879Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.164194994Z	61	PC: 151e9 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:56:43.168619458Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.182090503Z	87	PC: 15200 \| Get or set file date and time
2018-12-17T22:56:43.183669008Z	44	PC: 15220 \| Get time 0x15220: cmp dx, 0x100 0x15224: jbe 0x1521c 0x15226: mov word ptr ds:[bp + 0x11e], dx 0x1522b: and dx, 7 0x1522e: add dx, dx 0x15230: mov word ptr [0xf4], dx 0x15234: mov ax, 0x4200 0x15237: call 0x152dd 0x1523a: mov ah, 0x3f 0x1523c: lea dx, word ptr [bp + 0x353] 0x15240: mov cx, 3 0x15243: int 0x21 0x15245: cmp byte ptr ds:[bp + 0x353], 0x4d 0x1524b: je 0x1520c 0x1524d: cmp byte ptr ds:[bp + 0x353], 0x5a 0x15253: je 0x1520c 0x15255: mov ax, 0x4202 0x15258: call 0x152dd 0x1525b: sub ax, 3 0x1525e: mov word ptr ds:[bp + 0x351], ax
2018-12-17T22:56:43.1860325Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.187500577Z	63	PC: 15245 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:43.195491606Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.197134295Z	64	PC: 1529d \| Write file or device (Write 599 bytes on handle 5)
2018-12-17T22:56:43.222540608Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.236291804Z	64	PC: 152b0 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:43.239766191Z	87	PC: 152b7 \| Get or set file date and time
2018-12-17T22:56:43.241748871Z	62	PC: 152bb \| Close file
2018-12-17T22:56:43.248589029Z	42	PC: 152bf \| Get date 0x152bf: test dh, 1 0x152c2: jne 0x152dc 0x152c4: cmp dh, dl 0x152c6: jne 0x152dc 0x152c8: cmp cx, 0x7ca 0x152cc: jbe 0x152dc 0x152ce: cmp al, 4 0x152d0: jbe 0x152dc 0x152d2: mov ah, 9 0x152d4: lea dx, word ptr [bp + 0x2e6] 0x152d8: int 0x21 0x152da: cli 0x152db: hlt 0x152dc: ret 0x152dd: xor cx, cx 0x152df: xor dx, dx 0x152e1: int 0x21 0x152e3: ret 0x152e4: pop word ptr cs:[0xf6] 0x152e9: pop es
2018-12-17T22:56:43.25031448Z	78	PC: 151de \| Find first file
2018-12-17T22:56:43.254398261Z	61	PC: 151e9 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:43.259268584Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.260413718Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.262171265Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.264346436Z	61	PC: 151e9 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:43.268846026Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.270259649Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.272064063Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.274165946Z	61	PC: 151e9 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:56:43.278766229Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.28051245Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.282221931Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.284118524Z	61	PC: 151e9 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:56:43.288599525Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.290481914Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.291955805Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.293873954Z	61	PC: 151e9 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:56:43.298813298Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.30014286Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.301889237Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.304877556Z	61	PC: 151e9 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:56:43.311687968Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.313450754Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.316131581Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.318969911Z	61	PC: 151e9 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:56:43.325917502Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.327492015Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.329040671Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.330762493Z	61	PC: 151e9 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:56:43.335727996Z	66	PC: 152e3 \| Move file pointer
2018-12-17T22:56:43.337438703Z	87	PC: 15200 \| Get or set file date and time
2018-12-17T22:56:43.338885849Z	62	PC: 15210 \| Close file
2018-12-17T22:56:43.340798384Z	79	PC: 151de \| Find next file
2018-12-17T22:56:43.342523716Z	26	PC: 151c7 \| Set disk transfer address
2018-12-17T22:56:43.343489106Z	37	PC: 15329 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:43.347091007Z	9	PC: 12bb5 \| Display string (String= '')
2018-12-17T22:56:43.348796111Z	9	PC: 12bbc \| Display string (Could not find end pointer)
2018-12-17T22:56:43.355764333Z	76	PC: 12bd2 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":12313,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:32:27.865169633Z	53	PC: 15308 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:27.866909031Z	37	PC: 15319 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:27.868375235Z	26	PC: 15195 \| Set disk transfer address
2018-12-25T12:32:27.869459177Z	25	PC: 151a3 \| Get default drive
2018-12-25T12:32:27.879482828Z	14	PC: 151ae \| Set default drive (Drive = 'C')
2018-12-25T12:32:27.880372496Z	78	PC: 151de \| Find first file
2018-12-25T12:32:27.883670602Z	61	PC: 151e9 \| Open file (Filename = 'COMMAND.COM')
2018-12-25T12:32:27.888232328Z	66	PC: 152e3 \| Move file pointer
2018-12-25T12:32:27.889759719Z	62	PC: 15210 \| Close file
2018-12-25T12:32:27.891469293Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:27.89432031Z	14	PC: 151ba \| Set default drive (Drive = 'A')
2018-12-25T12:32:27.895499552Z	78	PC: 151de \| Find first file (See above)
2018-12-25T12:32:27.901718118Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:27.908536738Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:27.910111644Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:27.926851376Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:27.929915946Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:27.93626227Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:27.937548393Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:27.940544624Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:27.943198224Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:27.949671581Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:27.952126924Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:27.954128028Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:27.957277957Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:27.964412511Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:27.965935435Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:27.967578473Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:27.970264603Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:27.976561768Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:27.977804008Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:27.979880534Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:27.982195745Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:27.988520688Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:27.994487149Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:27.996520885Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:27.998961504Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.004084567Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.005100221Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.006271087Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.010452914Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.014774182Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.015703558Z	87	PC: 15200 \| Get or set file date and time
2018-12-25T12:32:28.017133987Z	44	PC: 15220 \| Get time 0x15220: cmp dx, 0x100 0x15224: jbe 0x1521c 0x15226: mov word ptr ds:[bp + 0x11e], dx 0x1522b: and dx, 7 0x1522e: add dx, dx 0x15230: mov word ptr [0xf4], dx 0x15234: mov ax, 0x4200 0x15237: call 0x152dd 0x1523a: mov ah, 0x3f 0x1523c: lea dx, word ptr [bp + 0x353] 0x15240: mov cx, 3 0x15243: int 0x21 0x15245: cmp byte ptr ds:[bp + 0x353], 0x4d 0x1524b: je 0x1520c 0x1524d: cmp byte ptr ds:[bp + 0x353], 0x5a 0x15253: je 0x1520c 0x15255: mov ax, 0x4202 0x15258: call 0x152dd 0x1525b: sub ax, 3 0x1525e: mov word ptr ds:[bp + 0x351], ax
2018-12-25T12:32:28.018930608Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.02026707Z	63	PC: 15245 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:28.030336711Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.031908403Z	64	PC: 1529d \| Write file or device (Write 599 bytes on handle 5)
2018-12-25T12:32:28.845028807Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.846731972Z	64	PC: 152b0 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:32:28.849579839Z	87	PC: 152b7 \| Get or set file date and time
2018-12-25T12:32:28.851102161Z	62	PC: 152bb \| Close file
2018-12-25T12:32:28.862000583Z	42	PC: 152bf \| Get date 0x152bf: test dh, 1 0x152c2: jne 0x152dc 0x152c4: cmp dh, dl 0x152c6: jne 0x152dc 0x152c8: cmp cx, 0x7ca 0x152cc: jbe 0x152dc 0x152ce: cmp al, 4 0x152d0: jbe 0x152dc 0x152d2: mov ah, 9 0x152d4: lea dx, word ptr [bp + 0x2e6] 0x152d8: int 0x21 0x152da: cli 0x152db: hlt 0x152dc: ret 0x152dd: xor cx, cx 0x152df: xor dx, dx 0x152e1: int 0x21 0x152e3: ret 0x152e4: pop word ptr cs:[0xf6] 0x152e9: pop es
2018-12-25T12:32:28.864345742Z	78	PC: 151de \| Find first file (See above)
2018-12-25T12:32:28.870231213Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.877810971Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.87910089Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.880712777Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.883268057Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.890575281Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.89190919Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.893679631Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.896972265Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.9040793Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.905495584Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.907968577Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.910401323Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.91676495Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.918487308Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.92010946Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.929880441Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.9364536Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.93790158Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.939537026Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.942783065Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.949395706Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.950968902Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.95347593Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.956046415Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.96310096Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.965886173Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.968578283Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.971166221Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.978491921Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.979969301Z	87	PC: 15200 \| Get or set file date and time (See above)
2018-12-25T12:32:28.981416481Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.984101903Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.986382891Z	26	PC: 151c7 \| Set disk transfer address
2018-12-25T12:32:28.987527615Z	37	PC: 15329 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:28.991611751Z	9	PC: 12bb5 \| Display string (String= '')
2018-12-25T12:32:28.993954197Z	9	PC: 12bbc \| Display string (Could not find end pointer)
2018-12-25T12:32:29.004543034Z	76	PC: 12bd2 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":12313,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:32:28.301580433Z	53	PC: 15308 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:28.303325132Z	37	PC: 15319 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:28.3053217Z	26	PC: 15195 \| Set disk transfer address
2018-12-25T12:32:28.306491547Z	25	PC: 151a3 \| Get default drive
2018-12-25T12:32:28.307557464Z	14	PC: 151ae \| Set default drive (Drive = 'C')
2018-12-25T12:32:28.308798162Z	78	PC: 151de \| Find first file
2018-12-25T12:32:28.315222013Z	61	PC: 151e9 \| Open file (Filename = 'COMMAND.COM')
2018-12-25T12:32:28.326815285Z	66	PC: 152e3 \| Move file pointer
2018-12-25T12:32:28.328315085Z	62	PC: 15210 \| Close file
2018-12-25T12:32:28.330022369Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.332978029Z	14	PC: 151ba \| Set default drive (Drive = 'A')
2018-12-25T12:32:28.33427704Z	78	PC: 151de \| Find first file (See above)
2018-12-25T12:32:28.340980288Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.349389785Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.351305854Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.353192959Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.370528462Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.377854697Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.379411304Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.382254356Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.385341203Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.393377771Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.395534118Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.398210056Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.401416534Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.409918702Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.412831215Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.41527705Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.418625469Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.427481122Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.429214789Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.431291264Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.441412933Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.44925629Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.45130789Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.454169393Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.457351885Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.464989268Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.467199872Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.470425156Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.473605203Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.482027289Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.485034133Z	87	PC: 15200 \| Get or set file date and time
2018-12-25T12:32:28.486923126Z	44	PC: 15220 \| Get time 0x15220: cmp dx, 0x100 0x15224: jbe 0x1521c 0x15226: mov word ptr ds:[bp + 0x11e], dx 0x1522b: and dx, 7 0x1522e: add dx, dx 0x15230: mov word ptr [0xf4], dx 0x15234: mov ax, 0x4200 0x15237: call 0x152dd 0x1523a: mov ah, 0x3f 0x1523c: lea dx, word ptr [bp + 0x353] 0x15240: mov cx, 3 0x15243: int 0x21 0x15245: cmp byte ptr ds:[bp + 0x353], 0x4d 0x1524b: je 0x1520c 0x1524d: cmp byte ptr ds:[bp + 0x353], 0x5a 0x15253: je 0x1520c 0x15255: mov ax, 0x4202 0x15258: call 0x152dd 0x1525b: sub ax, 3 0x1525e: mov word ptr ds:[bp + 0x351], ax
2018-12-25T12:32:28.489640808Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.492308784Z	63	PC: 15245 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:28.495820799Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.497723417Z	64	PC: 1529d \| Write file or device (Write 599 bytes on handle 5)
2018-12-25T12:32:28.516082041Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.518233734Z	64	PC: 152b0 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:32:28.521342839Z	87	PC: 152b7 \| Get or set file date and time
2018-12-25T12:32:28.523659267Z	62	PC: 152bb \| Close file
2018-12-25T12:32:28.533070432Z	42	PC: 152bf \| Get date 0x152bf: test dh, 1 0x152c2: jne 0x152dc 0x152c4: cmp dh, dl 0x152c6: jne 0x152dc 0x152c8: cmp cx, 0x7ca 0x152cc: jbe 0x152dc 0x152ce: cmp al, 4 0x152d0: jbe 0x152dc 0x152d2: mov ah, 9 0x152d4: lea dx, word ptr [bp + 0x2e6] 0x152d8: int 0x21 0x152da: cli 0x152db: hlt 0x152dc: ret 0x152dd: xor cx, cx 0x152df: xor dx, dx 0x152e1: int 0x21 0x152e3: ret 0x152e4: pop word ptr cs:[0xf6] 0x152e9: pop es
2018-12-25T12:32:28.535411847Z	78	PC: 151de \| Find first file (See above)
2018-12-25T12:32:28.541964496Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.549463857Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.551281254Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.553368418Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.556558575Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.564551034Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.566946592Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.569206603Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.57300239Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.58011937Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.582054678Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.584295137Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.586834858Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.594179286Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.595668143Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.597513754Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.600666726Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.607982435Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.609637692Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.612345401Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.615400418Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.622685914Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.624659842Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.627416393Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.630259082Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.637362635Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.639315464Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.641517945Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.644335606Z	61	PC: 151e9 \| Open file (See above)
2018-12-25T12:32:28.651556057Z	66	PC: 152e3 \| Move file pointer (See above)
2018-12-25T12:32:28.653095833Z	87	PC: 15200 \| Get or set file date and time (See above)
2018-12-25T12:32:28.654366514Z	62	PC: 15210 \| Close file (See above)
2018-12-25T12:32:28.65769764Z	79	PC: 151de \| Find next file (See above)
2018-12-25T12:32:28.660491542Z	26	PC: 151c7 \| Set disk transfer address
2018-12-25T12:32:28.66200426Z	37	PC: 15329 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:28.666824662Z	9	PC: 12bb5 \| Display string (String= '')
2018-12-25T12:32:28.669830558Z	9	PC: 12bbc \| Display string (Could not find end pointer)
2018-12-25T12:32:28.682752988Z	76	PC: 12bd2 \| Terminate with return code (Return code = '0')