Sample viewer

vx.netlux.org/Virus.DOS.Taek.2072

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:02:17.486969906Z 47 PC: 1be45 | Get disk transfer address
2018-12-17T23:02:17.489454199Z 26 PC: 1be57 | Set disk transfer address
2018-12-17T23:02:17.491176795Z 78 PC: 1be62 | Find first file
2018-12-17T23:02:17.498372361Z 255 PC: 1be72 | UNKNOWN!
2018-12-17T23:02:17.50036626Z 79 PC: 1be62 | Find next file
2018-12-17T23:02:17.503298797Z 26 PC: 1be7c | Set disk transfer address
2018-12-17T23:02:17.505281888Z 255 PC: 1be82 | UNKNOWN!
2018-12-17T23:02:17.514788395Z 74 PC: 1bea8 | Reallocate memory
2018-12-17T23:02:17.51882255Z 72 PC: 1beb2 | Allocate memory
2018-12-17T23:02:17.521044615Z 72 PC: 1bec7 | Allocate memory
2018-12-17T23:02:17.523510318Z 74 PC: 9ed83 | Reallocate memory
2018-12-17T23:02:17.529710965Z 75 PC: 9edc3 | Execute program
2018-12-17T23:02:17.551770422Z 47 PC: 1bfa5 | Get disk transfer address
2018-12-17T23:02:17.553483876Z 26 PC: 1bfb7 | Set disk transfer address
2018-12-17T23:02:17.556018929Z 78 PC: 1bfc2 | Find first file
2018-12-17T23:02:17.563180315Z 67 PC: 9edc3 | Get or set file attributes
2018-12-17T23:02:17.56991858Z 67 PC: 9edc3 | Get or set file attributes
2018-12-17T23:02:17.588465586Z 61 PC: 9edc3 | Open file
2018-12-17T23:02:17.596714728Z 87 PC: 9edc3 | Get or set file date and time
2018-12-17T23:02:17.59900872Z 66 PC: 9edc3 | Move file pointer
2018-12-17T23:02:17.601996601Z 66 PC: 9edc3 | Move file pointer
2018-12-17T23:02:17.604350322Z 63 PC: 9edc3 | Read file or device (Read 64 bytes on handle 5)
2018-12-17T23:02:17.607816606Z 66 PC: 9edc3 | Move file pointer
2018-12-17T23:02:17.6104679Z 63 PC: 9edc3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:02:17.613490834Z 66 PC: 9edc3 | Move file pointer
2018-12-17T23:02:17.615562201Z 64 PC: 9edc3 | Write file or device (Write 32 bytes on handle 5)
2018-12-17T23:02:17.620396181Z 66 PC: 9edc3 | Move file pointer
2018-12-17T23:02:17.623553754Z 64 PC: 9edc3 | Write file or device (Write 30 bytes on handle 5)
2018-12-17T23:02:17.62759913Z 64 PC: 9edc3 | Write file or device (Write 2072 bytes on handle 5)
2018-12-17T23:02:17.63791087Z 64 PC: 9edc3 | Write file or device (Write 49 bytes on handle 5)
2018-12-17T23:02:17.64300053Z 64 PC: 9edc3 | Write file or device (Write 30 bytes on handle 5)
2018-12-17T23:02:17.646501231Z 87 PC: 9edc3 | Get or set file date and time
2018-12-17T23:02:17.649041281Z 44 PC: 9f1eb | Get time 0x9f1eb: cmp ch, 0x17
0x9f1ee: jb 0x9f208
0x9f1f0: mov dx, 0x3c8
0x9f1f3: mov al, 0
0x9f1f5: out dx, al
0x9f1f6: mov dx, 0x3c9
0x9f1f9: mov al, 0
0x9f1fb: out dx, al
0x9f1fc: mov dx, 0x3c9
0x9f1ff: mov al, 0
0x9f201: out dx, al
0x9f202: mov dx, 0x3c9
0x9f205: mov al, 0x3f
0x9f207: out dx, al
0x9f208: ret
0x9f209: push di
0x9f20a: insb byte ptr es:[di], dx
0x9f20c: arpl word ptr [bx + 0x6d], bp
0x9f20f: and byte ptr gs:[si + 0x6f], dh
0x9f213: and byte ptr [bp + si + 0x6c], al
2018-12-17T23:02:17.652722828Z 62 PC: 9edc3 | Close file
2018-12-17T23:02:17.662568803Z 67 PC: 9edc3 | Get or set file attributes
2018-12-17T23:02:17.675810526Z 255 PC: 1bfd2 | UNKNOWN!
2018-12-17T23:02:17.678154697Z 79 PC: 1bfc2 | Find next file
2018-12-17T23:02:17.681675395Z 26 PC: 1bfdc | Set disk transfer address
2018-12-17T23:02:17.685563945Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.688403094Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.694103137Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.696710224Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.703210298Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.704755359Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.711425085Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.713913042Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.722263792Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.723960511Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.732330639Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.734946152Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.743843984Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.745537658Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.75579244Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.757488993Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.766358699Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.769910169Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.778290768Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.779965253Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.789934999Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.791432994Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.800085857Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.802741524Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.809284362Z 48 PC: 2ac5e | Get DOS version
2018-12-17T23:02:17.811053329Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.815356653Z 48 PC: 12bac | Get DOS version
2018-12-17T23:02:17.817016025Z 53 PC: 12d0e | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.818667668Z 53 PC: 12d1b | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:02:17.821134104Z 53 PC: 12d28 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:02:17.822942233Z 53 PC: 12d35 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:02:17.824668552Z 37 PC: 12d49 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.826487323Z 74 PC: 12c36 | Reallocate memory
2018-12-17T23:02:17.829985766Z 68 PC: 131f2 | I/O control for devices (Set for = '')
2018-12-17T23:02:17.832650276Z 74 PC: 1526d | Reallocate memory
2018-12-17T23:02:17.835289821Z 74 PC: 1526d | Reallocate memory
2018-12-17T23:02:17.83946069Z 68 PC: 131f2 | I/O control for devices (Set for = 'Borland C++ - Copyright 1991 Borland Intl.')
2018-12-17T23:02:17.844338604Z 53 PC: 1300e | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:02:17.846185298Z 37 PC: 13028 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:02:17.848799288Z 37 PC: 13028 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:17.876901866Z 67 PC: 1550a | Get or set file attributes
2018-12-17T23:02:17.884515453Z 67 PC: 9edc3 | Get or set file attributes
2018-12-17T23:02:17.895069475Z 67 PC: 9edc3 | Get or set file attributes
2018-12-17T23:02:17.903509864Z 67 PC: 9edc3 | Get or set file attributes
2018-12-17T23:02:17.910555853Z 61 PC: 162fd | Open file (Filename = '!�R� ')
2018-12-17T23:02:17.930977436Z 64 PC: 16d56 | Write file or device (Write 48 bytes on handle 1)
2018-12-17T23:02:17.938924348Z 64 PC: 16d56 | Write file or device (Write 63 bytes on handle 1)
2018-12-17T23:02:17.944564938Z 62 PC: 15636 | Close file
2018-12-17T23:02:17.949315885Z 37 PC: 12d5b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:17.950768167Z 37 PC: 12d66 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:02:17.952163219Z 37 PC: 12d71 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:02:17.9554487Z 37 PC: 12d7b | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:02:17.957403175Z 74 PC: 1526d | Reallocate memory
2018-12-17T23:02:17.959337369Z 62 PC: 15636 | Close file
2018-12-17T23:02:17.962471031Z 62 PC: 15636 | Close file
2018-12-17T23:02:17.9659491Z 62 PC: 15636 | Close file
2018-12-17T23:02:17.968501011Z 62 PC: 15636 | Close file
2018-12-17T23:02:17.971548093Z 62 PC: 15636 | Close file
2018-12-17T23:02:17.974970419Z 76 PC: 12cff | Terminate with return code (Return code = '1')
2018-12-17T23:02:17.97920033Z 73 PC: 9edb2 | Release memory
2018-12-17T23:02:17.982128286Z 77 PC: 9edb6 | Get program return code
2018-12-17T23:02:17.983465842Z 76 PC: 9edba | Terminate with return code (Return code = '1')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14153,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:50.379418428Z 47 PC: 1be45 | Get disk transfer address
2018-12-25T12:39:50.381450474Z 26 PC: 1be57 | Set disk transfer address
2018-12-25T12:39:50.382914811Z 78 PC: 1be62 | Find first file
2018-12-25T12:39:50.389956803Z 255 PC: 1be72 | UNKNOWN!
2018-12-25T12:39:50.391878165Z 79 PC: 1be62 | Find next file (See above)
2018-12-25T12:39:50.394808008Z 26 PC: 1be7c | Set disk transfer address
2018-12-25T12:39:50.396369774Z 255 PC: 1be82 | UNKNOWN!
2018-12-25T12:39:50.404859608Z 74 PC: 1bea8 | Reallocate memory
2018-12-25T12:39:50.407447594Z 72 PC: 1beb2 | Allocate memory
2018-12-25T12:39:50.410321122Z 72 PC: 1bec7 | Allocate memory
2018-12-25T12:39:50.412840074Z 74 PC: 9ed83 | Reallocate memory
2018-12-25T12:39:50.424346619Z 75 PC: 9edc3 | Execute program
2018-12-25T12:39:50.456767734Z 47 PC: 1bfa5 | Get disk transfer address
2018-12-25T12:39:50.458524722Z 26 PC: 1bfb7 | Set disk transfer address
2018-12-25T12:39:50.46134631Z 78 PC: 1bfc2 | Find first file
2018-12-25T12:39:50.468084698Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.474541263Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.492340238Z 61 PC: 9edc3 | Open file (See above)
2018-12-25T12:39:50.501510099Z 87 PC: 9edc3 | Get or set file date and time (See above)
2018-12-25T12:39:50.503198012Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.505229154Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.511585211Z 63 PC: 9edc3 | Read file or device (See above)
2018-12-25T12:39:50.514824912Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.516791486Z 63 PC: 9edc3 | Read file or device (See above)
2018-12-25T12:39:50.521612209Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.522852532Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.525619789Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.527445036Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.529927599Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.539817159Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.544173686Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.547214431Z 87 PC: 9edc3 | Get or set file date and time (See above)
2018-12-25T12:39:50.548918819Z 44 PC: 9f1eb | Get time 0x9f1eb: cmp ch, 0x17
0x9f1ee: jb 0x9f208
0x9f1f0: mov dx, 0x3c8
0x9f1f3: mov al, 0
0x9f1f5: out dx, al
0x9f1f6: mov dx, 0x3c9
0x9f1f9: mov al, 0
0x9f1fb: out dx, al
0x9f1fc: mov dx, 0x3c9
0x9f1ff: mov al, 0
0x9f201: out dx, al
0x9f202: mov dx, 0x3c9
0x9f205: mov al, 0x3f
0x9f207: out dx, al
0x9f208: ret
0x9f209: push di
0x9f20a: insb byte ptr es:[di], dx
0x9f20c: arpl word ptr [bx + 0x6d], bp
0x9f20f: and byte ptr gs:[si + 0x6f], dh
0x9f213: and byte ptr [bp + si + 0x6c], al
2018-12-25T12:39:50.552127467Z 62 PC: 9edc3 | Close file (See above)
2018-12-25T12:39:50.560888307Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.585347462Z 255 PC: 1bfd2 | UNKNOWN!
2018-12-25T12:39:50.599965941Z 79 PC: 1bfc2 | Find next file (See above)
2018-12-25T12:39:50.605464845Z 26 PC: 1bfdc | Set disk transfer address
2018-12-25T12:39:50.608834765Z 48 PC: 2ac5e | Get DOS version
2018-12-25T12:39:50.610290598Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.617176828Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.618961677Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.62427865Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.627303599Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.63375469Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.634964045Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.643606429Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.644927018Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.652272892Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.655086875Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.663863992Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.665343813Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.68827094Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.689925995Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.698801911Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.701241941Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.709407498Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.710814343Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.718714725Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.720387185Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.728646779Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.732063424Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.738268999Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.740011729Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.744178862Z 48 PC: 12bac | Get DOS version
2018-12-25T12:39:50.745666115Z 53 PC: 12d0e | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.747148697Z 53 PC: 12d1b | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-25T12:39:50.748821129Z 53 PC: 12d28 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-25T12:39:50.751313623Z 53 PC: 12d35 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-25T12:39:50.75297872Z 37 PC: 12d49 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.754734455Z 74 PC: 12c36 | Reallocate memory
2018-12-25T12:39:50.75785468Z 68 PC: 131f2 | I/O control for devices (Set for = '')
2018-12-25T12:39:50.760582028Z 74 PC: 1526d | Reallocate memory
2018-12-25T12:39:50.764700006Z 74 PC: 1526d | Reallocate memory (See above)
2018-12-25T12:39:50.767938998Z 68 PC: 131f2 | I/O control for devices (See above)
2018-12-25T12:39:50.773173263Z 53 PC: 1300e | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:39:50.774930425Z 37 PC: 13028 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:39:50.777581697Z 37 PC: 13028 | Set interrupt vector (See above)
2018-12-25T12:39:50.817437882Z 67 PC: 1550a | Get or set file attributes
2018-12-25T12:39:50.825532533Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.834190946Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.841468017Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.849592994Z 61 PC: 162fd | Open file (Filename = '!�R� ')
2018-12-25T12:39:50.858987803Z 64 PC: 16d56 | Write file or device (Write 48 bytes on handle 1)
2018-12-25T12:39:50.867151621Z 64 PC: 16d56 | Write file or device (See above)
2018-12-25T12:39:50.872373786Z 62 PC: 15636 | Close file
2018-12-25T12:39:50.877390784Z 37 PC: 12d5b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.879127836Z 37 PC: 12d66 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-25T12:39:50.880848632Z 37 PC: 12d71 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-25T12:39:50.883444196Z 37 PC: 12d7b | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-25T12:39:50.886046051Z 74 PC: 1526d | Reallocate memory (See above)
2018-12-25T12:39:50.8883208Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.891550947Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.894611769Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.897340687Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.900805586Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.903777406Z 76 PC: 12cff | Terminate with return code (Return code = '1')
2018-12-25T12:39:50.90697058Z 73 PC: 9edb2 | Release memory
2018-12-25T12:39:50.908974818Z 77 PC: 9edb6 | Get program return code
2018-12-25T12:39:50.911459355Z 76 PC: 9edba | Terminate with return code (Return code = '1')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":23,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14153,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:50.446087901Z 47 PC: 1be45 | Get disk transfer address
2018-12-25T12:39:50.448490947Z 26 PC: 1be57 | Set disk transfer address
2018-12-25T12:39:50.450180854Z 78 PC: 1be62 | Find first file
2018-12-25T12:39:50.45574876Z 255 PC: 1be72 | UNKNOWN!
2018-12-25T12:39:50.468264872Z 79 PC: 1be62 | Find next file (See above)
2018-12-25T12:39:50.471138603Z 26 PC: 1be7c | Set disk transfer address
2018-12-25T12:39:50.472785191Z 255 PC: 1be82 | UNKNOWN!
2018-12-25T12:39:50.474337744Z 74 PC: 1bea8 | Reallocate memory
2018-12-25T12:39:50.476509875Z 72 PC: 1beb2 | Allocate memory
2018-12-25T12:39:50.478972036Z 72 PC: 1bec7 | Allocate memory
2018-12-25T12:39:50.481373305Z 74 PC: 9ed83 | Reallocate memory
2018-12-25T12:39:50.484414226Z 75 PC: 9edc3 | Execute program
2018-12-25T12:39:50.504902353Z 47 PC: 1bfa5 | Get disk transfer address
2018-12-25T12:39:50.50599851Z 26 PC: 1bfb7 | Set disk transfer address
2018-12-25T12:39:50.507923591Z 78 PC: 1bfc2 | Find first file
2018-12-25T12:39:50.512153729Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.515953048Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.544441615Z 61 PC: 9edc3 | Open file (See above)
2018-12-25T12:39:50.552393961Z 87 PC: 9edc3 | Get or set file date and time (See above)
2018-12-25T12:39:50.554274691Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.556889845Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.558880393Z 63 PC: 9edc3 | Read file or device (See above)
2018-12-25T12:39:50.567761174Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.570549713Z 63 PC: 9edc3 | Read file or device (See above)
2018-12-25T12:39:50.574687241Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.576846568Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.584214576Z 66 PC: 9edc3 | Move file pointer (See above)
2018-12-25T12:39:50.586689954Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.590506867Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.612016044Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.61550428Z 64 PC: 9edc3 | Write file or device (See above)
2018-12-25T12:39:50.618793515Z 87 PC: 9edc3 | Get or set file date and time (See above)
2018-12-25T12:39:50.621153958Z 44 PC: 9f1eb | Get time 0x9f1eb: cmp ch, 0x17
0x9f1ee: jb 0x9f208
0x9f1f0: mov dx, 0x3c8
0x9f1f3: mov al, 0
0x9f1f5: out dx, al
0x9f1f6: mov dx, 0x3c9
0x9f1f9: mov al, 0
0x9f1fb: out dx, al
0x9f1fc: mov dx, 0x3c9
0x9f1ff: mov al, 0
0x9f201: out dx, al
0x9f202: mov dx, 0x3c9
0x9f205: mov al, 0x3f
0x9f207: out dx, al
0x9f208: ret
0x9f209: push di
0x9f20a: insb byte ptr es:[di], dx
0x9f20c: arpl word ptr [bx + 0x6d], bp
0x9f20f: and byte ptr gs:[si + 0x6f], dh
0x9f213: and byte ptr [bp + si + 0x6c], al
2018-12-25T12:39:50.624294647Z 62 PC: 9edc3 | Close file (See above)
2018-12-25T12:39:50.633371175Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.641249507Z 255 PC: 1bfd2 | UNKNOWN!
2018-12-25T12:39:50.642541064Z 79 PC: 1bfc2 | Find next file (See above)
2018-12-25T12:39:50.644350731Z 26 PC: 1bfdc | Set disk transfer address
2018-12-25T12:39:50.646269776Z 48 PC: 2ac5e | Get DOS version
2018-12-25T12:39:50.647804185Z 53 PC: 2ad67 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.650871206Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.651899909Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.655587913Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.656650246Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.659981381Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.676212227Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.682774349Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.684540706Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.689899899Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.691044258Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.696393633Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.698198958Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.719334671Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.720937302Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.744057165Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.746423048Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.751488Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.753991407Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.758841733Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.759923499Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.765695215Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.767268053Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.770601778Z 48 PC: 2ac5e | Get DOS version (See above)
2018-12-25T12:39:50.772334987Z 53 PC: 2ad67 | Get interrupt vector (See above)
2018-12-25T12:39:50.774650593Z 48 PC: 12bac | Get DOS version
2018-12-25T12:39:50.775699302Z 53 PC: 12d0e | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.777870971Z 53 PC: 12d1b | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-25T12:39:50.778943705Z 53 PC: 12d28 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-25T12:39:50.780041389Z 53 PC: 12d35 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-25T12:39:50.781675133Z 37 PC: 12d49 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.782840659Z 74 PC: 12c36 | Reallocate memory
2018-12-25T12:39:50.784561626Z 68 PC: 131f2 | I/O control for devices (Set for = '')
2018-12-25T12:39:50.786727769Z 74 PC: 1526d | Reallocate memory
2018-12-25T12:39:50.788301782Z 74 PC: 1526d | Reallocate memory (See above)
2018-12-25T12:39:50.789744836Z 68 PC: 131f2 | I/O control for devices (See above)
2018-12-25T12:39:50.792861859Z 53 PC: 1300e | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:39:50.794046017Z 37 PC: 13028 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:39:50.795203653Z 37 PC: 13028 | Set interrupt vector (See above)
2018-12-25T12:39:50.809422786Z 67 PC: 1550a | Get or set file attributes
2018-12-25T12:39:50.814119221Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.818113965Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.822345816Z 67 PC: 9edc3 | Get or set file attributes (See above)
2018-12-25T12:39:50.829185399Z 61 PC: 162fd | Open file (Filename = '!�R� ')
2018-12-25T12:39:50.837399384Z 64 PC: 16d56 | Write file or device (Write 48 bytes on handle 1)
2018-12-25T12:39:50.845582741Z 64 PC: 16d56 | Write file or device (See above)
2018-12-25T12:39:50.851202736Z 62 PC: 15636 | Close file
2018-12-25T12:39:50.856148107Z 37 PC: 12d5b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:39:50.858002401Z 37 PC: 12d66 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-25T12:39:50.861742109Z 37 PC: 12d71 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-25T12:39:50.866280983Z 37 PC: 12d7b | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-25T12:39:50.868953726Z 74 PC: 1526d | Reallocate memory (See above)
2018-12-25T12:39:50.871850018Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.874082778Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.8765949Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.880180423Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.882979533Z 62 PC: 15636 | Close file (See above)
2018-12-25T12:39:50.88556718Z 76 PC: 12cff | Terminate with return code (Return code = '1')
2018-12-25T12:39:50.891146756Z 73 PC: 9edb2 | Release memory
2018-12-25T12:39:50.893371892Z 77 PC: 9edb6 | Get program return code
2018-12-25T12:39:50.895336662Z 76 PC: 9edba | Terminate with return code (Return code = '1')