Sample viewer

vx.netlux.org/Virus.DOS.HWF.893

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:49.512934573Z 53 PC: 152c5 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:49.515729434Z 37 PC: 152d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:49.516974889Z 26 PC: 152e0 | Set disk transfer address
2018-12-17T23:04:49.518132325Z 71 PC: 152e9 | Get current directory
2018-12-17T23:04:49.52183755Z 53 PC: 152f0 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:49.523095063Z 37 PC: 152f9 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:04:49.524129029Z 78 PC: 153d3 | Find first file
2018-12-17T23:04:49.531164732Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:49.537321571Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:49.55450287Z 61 PC: 153f0 | Open file (Filename = 'TEST.EXE')
2018-12-17T23:04:49.562661819Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:49.578437134Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:49.581244657Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:49.583097325Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:49.584465252Z 62 PC: 15561 | Close file
2018-12-17T23:04:49.592222478Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:49.60350156Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:49.606095905Z 78 PC: 153d3 | Find first file
2018-12-17T23:04:49.609920635Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:49.613579463Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:49.622362689Z 61 PC: 153f0 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:49.630000722Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:49.6320238Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:49.641734258Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:49.643493533Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:49.645238964Z 62 PC: 15561 | Close file
2018-12-17T23:04:49.656471086Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:49.67116605Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:49.674318983Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:49.682006123Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:49.69304457Z 61 PC: 153f0 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:49.700189411Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:49.702495514Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:49.709743147Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:49.711483756Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:49.713217307Z 62 PC: 15561 | Close file
2018-12-17T23:04:49.72312797Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:49.736884468Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:49.739817678Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:49.746661297Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:49.75806145Z 61 PC: 153f0 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:04:49.765872365Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:49.768554349Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:49.775776203Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:49.777498956Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:49.780460562Z 62 PC: 15561 | Close file
2018-12-17T23:04:49.788542513Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:49.803411242Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:49.806808194Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:49.814092376Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:49.824824013Z 61 PC: 153f0 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:04:49.832290063Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:49.835304864Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:49.842402524Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:49.844289189Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:49.847402287Z 62 PC: 15561 | Close file
2018-12-17T23:04:49.855335955Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:49.869211797Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:49.872510211Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:49.878468281Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:49.888867035Z 61 PC: 153f0 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:04:49.896480359Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:49.897998809Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:49.905389862Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:49.907818879Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:49.909675917Z 62 PC: 15561 | Close file
2018-12-17T23:04:49.917511531Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:49.93206251Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:49.936210607Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:49.942671757Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:49.963458211Z 61 PC: 153f0 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:04:49.97159842Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:49.973061186Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:49.981115774Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:49.984106066Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:49.986416663Z 62 PC: 15561 | Close file
2018-12-17T23:04:49.994666166Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:50.009426327Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:50.012398625Z 67 PC: 153dd | Get or set file attributes
2018-12-17T23:04:50.018891912Z 67 PC: 153e8 | Get or set file attributes
2018-12-17T23:04:50.029936433Z 61 PC: 153f0 | Open file (Filename = 'PAH.COM')
2018-12-17T23:04:50.03789917Z 87 PC: 153f5 | Get or set file date and time
2018-12-17T23:04:50.039905843Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:04:50.047480607Z 66 PC: 15408 | Move file pointer
2018-12-17T23:04:50.050392876Z 87 PC: 1555e | Get or set file date and time
2018-12-17T23:04:50.052408852Z 62 PC: 15561 | Close file
2018-12-17T23:04:50.060721833Z 67 PC: 15565 | Get or set file attributes
2018-12-17T23:04:50.076478158Z 79 PC: 153d3 | Find next file
2018-12-17T23:04:50.079800087Z 59 PC: 1532f | Change current directory
2018-12-17T23:04:50.084914771Z 59 PC: 1533d | Change current directory
2018-12-17T23:04:50.090487009Z 37 PC: 15343 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:50.092279506Z 26 PC: 1534b | Set disk transfer address
2018-12-17T23:04:50.09399827Z 42 PC: 1534e | Get date
0x1534e: cmp cx, 0x7cb
0x15352: jb 0x15370
0x15354: and dx, 0xf0f
0x15358: add dl, 8
0x1535b: cmp dh, dl
0x1535d: jne 0x15370
0x1535f: cmp al, 3
0x15361: ja 0x15370
0x15363: xor ax, ax
0x15365: int 0x10
0x15367: mov ah, 9
0x15369: lea dx, word ptr [bp + 0x242]
0x1536d: int3
0x1536e: cli
0x1536f: hlt
0x15370: cmp word ptr cs:[bp + 0x4fd], -4
0x15376: je 0x153a0
0x15378: mov di, 0x100
0x1537b: lea si, word ptr [bp + 0x274]
0x1537f: movsw word ptr es:[di], word ptr [si]
2018-12-17T23:04:50.097819694Z 9 PC: 12a54 | Display string (String= '� ������WJWUWW���������������~�')
2018-12-17T23:04:50.100389881Z 76 PC: 12a59 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14991,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:20.193984628Z 53 PC: 152c5 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:20.196036568Z 37 PC: 152d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:20.216624262Z 26 PC: 152e0 | Set disk transfer address
2018-12-25T12:42:20.217786239Z 71 PC: 152e9 | Get current directory
2018-12-25T12:42:20.222722122Z 53 PC: 152f0 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:20.22420459Z 37 PC: 152f9 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:42:20.225471651Z 78 PC: 153d3 | Find first file
2018-12-25T12:42:20.232575909Z 67 PC: 153dd | Get or set file attributes
2018-12-25T12:42:20.2399499Z 67 PC: 153e8 | Get or set file attributes
2018-12-25T12:42:20.25785999Z 61 PC: 153f0 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:42:20.265786435Z 87 PC: 153f5 | Get or set file date and time
2018-12-25T12:42:20.267495049Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:42:20.274541001Z 66 PC: 15408 | Move file pointer
2018-12-25T12:42:20.276165568Z 87 PC: 1555e | Get or set file date and time
2018-12-25T12:42:20.28373156Z 62 PC: 15561 | Close file
2018-12-25T12:42:20.295266518Z 67 PC: 15565 | Get or set file attributes
2018-12-25T12:42:20.30753492Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.311163786Z 78 PC: 153d3 | Find first file (See above)
2018-12-25T12:42:20.318047061Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.324827457Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.339870324Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.348082249Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.349729778Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.357773024Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.360178109Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.362298939Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.371522788Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.394503476Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.398086861Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.403951446Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.41351114Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.419898986Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.421671502Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.428903118Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.430661979Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.432256346Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.440947606Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.452216046Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.45722478Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.46612257Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.478698254Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.486680067Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.489621299Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.497720969Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.499763536Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.502930444Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.511421258Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.522768988Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.526172173Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.534630661Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.543779576Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.551072903Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.553791062Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.560938876Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.562287327Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.564467228Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.572114717Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.58308636Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.586714035Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.592714345Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.601447757Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.607902464Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.609422057Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.615234832Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.616905191Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.619349877Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.626947287Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.6379111Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.641520147Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.647631051Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.661167037Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.668516516Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.669860543Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.676641126Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.678486247Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.680000294Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.687165367Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.697959934Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.700773626Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.706782144Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.720376425Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.72787689Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.729238859Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.736018808Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.737719971Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.739123075Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.746677864Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.757563146Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.76026528Z 59 PC: 1532f | Change current directory
2018-12-25T12:42:20.764611753Z 59 PC: 1533d | Change current directory
2018-12-25T12:42:20.774842969Z 37 PC: 15343 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:20.776118253Z 26 PC: 1534b | Set disk transfer address
2018-12-25T12:42:20.777322751Z 42 PC: 1534e | Get date
0x1534e: cmp cx, 0x7cb
0x15352: jb 0x15370
0x15354: and dx, 0xf0f
0x15358: add dl, 8
0x1535b: cmp dh, dl
0x1535d: jne 0x15370
0x1535f: cmp al, 3
0x15361: ja 0x15370
0x15363: xor ax, ax
0x15365: int 0x10
0x15367: mov ah, 9
0x15369: lea dx, word ptr [bp + 0x242]
0x1536d: int3
0x1536e: cli
0x1536f: hlt
0x15370: cmp word ptr cs:[bp + 0x4fd], -4
0x15376: je 0x153a0
0x15378: mov di, 0x100
0x1537b: lea si, word ptr [bp + 0x274]
0x1537f: movsw word ptr es:[di], word ptr [si]
2018-12-25T12:42:20.780259312Z 9 PC: 12a54 | Display string (String= '� ������WJWUWW���������������~�')
2018-12-25T12:42:20.783466334Z 76 PC: 12a59 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14991,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:20.234180698Z 53 PC: 152c5 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:20.236495884Z 37 PC: 152d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:20.23860043Z 26 PC: 152e0 | Set disk transfer address
2018-12-25T12:42:20.240282399Z 71 PC: 152e9 | Get current directory
2018-12-25T12:42:20.24437975Z 53 PC: 152f0 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:20.246117831Z 37 PC: 152f9 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:42:20.247372416Z 78 PC: 153d3 | Find first file
2018-12-25T12:42:20.253082986Z 67 PC: 153dd | Get or set file attributes
2018-12-25T12:42:20.260366047Z 67 PC: 153e8 | Get or set file attributes
2018-12-25T12:42:20.27857193Z 61 PC: 153f0 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:42:20.283177322Z 87 PC: 153f5 | Get or set file date and time
2018-12-25T12:42:20.285363797Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:42:20.287317091Z 66 PC: 15408 | Move file pointer
2018-12-25T12:42:20.288608163Z 87 PC: 1555e | Get or set file date and time
2018-12-25T12:42:20.29038339Z 62 PC: 15561 | Close file
2018-12-25T12:42:20.304344926Z 67 PC: 15565 | Get or set file attributes
2018-12-25T12:42:20.315592002Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.319481178Z 78 PC: 153d3 | Find first file (See above)
2018-12-25T12:42:20.326501178Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.338522688Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.354566932Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.362452807Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.364549428Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.373197115Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.37785948Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.379954559Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.388259974Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.400877178Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.404444876Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.412008842Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.423674102Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.433181747Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.438634119Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.447199461Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.449237733Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.451344737Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.460848214Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.472563549Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.475864325Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.484219861Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.495335768Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.502833505Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.505582496Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.51323116Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.515060563Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.51724853Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.526224231Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.537159319Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.540418509Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.548216034Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.559036496Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.566163044Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.568247998Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.575316472Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.576878312Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.579232367Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.58871871Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.599736779Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.603239465Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.609857621Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.620128578Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.628494589Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.630336399Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.638286732Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.641252211Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.64351331Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.651638758Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.660483535Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.66337672Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.669825515Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.683911497Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.691586353Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.693013985Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.700001043Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.702151985Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.70370452Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.711294887Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.722526424Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.725447305Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:20.731928641Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:20.746186337Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:20.753372524Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:20.755428725Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:20.762882404Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:20.770032087Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:20.771904927Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:20.778802949Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:20.789621422Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:20.792436453Z 59 PC: 1532f | Change current directory
2018-12-25T12:42:20.797406744Z 59 PC: 1533d | Change current directory
2018-12-25T12:42:20.810205286Z 37 PC: 15343 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:20.811673198Z 26 PC: 1534b | Set disk transfer address
2018-12-25T12:42:20.813082274Z 42 PC: 1534e | Get date
0x1534e: cmp cx, 0x7cb
0x15352: jb 0x15370
0x15354: and dx, 0xf0f
0x15358: add dl, 8
0x1535b: cmp dh, dl
0x1535d: jne 0x15370
0x1535f: cmp al, 3
0x15361: ja 0x15370
0x15363: xor ax, ax
0x15365: int 0x10
0x15367: mov ah, 9
0x15369: lea dx, word ptr [bp + 0x242]
0x1536d: int3
0x1536e: cli
0x1536f: hlt
0x15370: cmp word ptr cs:[bp + 0x4fd], -4
0x15376: je 0x153a0
0x15378: mov di, 0x100
0x1537b: lea si, word ptr [bp + 0x274]
0x1537f: movsw word ptr es:[di], word ptr [si]
2018-12-25T12:42:20.816012784Z 9 PC: 12a54 | Display string (String= '� ������WJWUWW���������������~�')
2018-12-25T12:42:20.818620359Z 76 PC: 12a59 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":16,"Month":8,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14991,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:22.32908567Z 53 PC: 152c5 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:22.332115467Z 37 PC: 152d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:22.333937089Z 26 PC: 152e0 | Set disk transfer address
2018-12-25T12:42:22.335424279Z 71 PC: 152e9 | Get current directory
2018-12-25T12:42:22.339022738Z 53 PC: 152f0 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:22.349572976Z 37 PC: 152f9 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:42:22.35171153Z 78 PC: 153d3 | Find first file
2018-12-25T12:42:22.3589318Z 67 PC: 153dd | Get or set file attributes
2018-12-25T12:42:22.366839764Z 67 PC: 153e8 | Get or set file attributes
2018-12-25T12:42:22.392766974Z 61 PC: 153f0 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:42:22.403426368Z 87 PC: 153f5 | Get or set file date and time
2018-12-25T12:42:22.40655338Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:42:22.410282264Z 66 PC: 15408 | Move file pointer
2018-12-25T12:42:22.41238744Z 87 PC: 1555e | Get or set file date and time
2018-12-25T12:42:22.42154993Z 62 PC: 15561 | Close file
2018-12-25T12:42:22.444192044Z 67 PC: 15565 | Get or set file attributes
2018-12-25T12:42:22.460365288Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.465290548Z 78 PC: 153d3 | Find first file (See above)
2018-12-25T12:42:22.472320355Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.478854884Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.490365682Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.498999678Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.501276448Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.509481492Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.511686989Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.513857202Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.522110838Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.535048095Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.538940588Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.545752576Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.558441901Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.56711906Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.56912891Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.577678093Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.579280726Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.581227574Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.589816843Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.605970877Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.608954936Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.615657745Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.627554656Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.63540256Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.637421004Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.64620397Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.648116469Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.650241297Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.659347564Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.671019366Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.674294017Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.681281497Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.692501371Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.700784259Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.703529853Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.712061285Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.714205774Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.716520154Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.725275256Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.737148999Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.740667791Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.748665878Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.759993722Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.767602235Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.770148645Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.777786392Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.780026259Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.782537953Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.791556242Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.804706975Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.808115713Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.815772178Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.8279865Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.836409275Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.839095437Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.8467993Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.849345828Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.852400673Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.861346043Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.872815065Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.877044644Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.884412779Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.895720281Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.903786595Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.905942682Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.913490599Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.915256994Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.918177482Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.929352707Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.940502126Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.944208737Z 59 PC: 1532f | Change current directory
2018-12-25T12:42:22.94898563Z 59 PC: 1533d | Change current directory
2018-12-25T12:42:22.953663166Z 37 PC: 15343 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:22.956170131Z 26 PC: 1534b | Set disk transfer address
2018-12-25T12:42:22.957844102Z 42 PC: 1534e | Get date
0x1534e: cmp cx, 0x7cb
0x15352: jb 0x15370
0x15354: and dx, 0xf0f
0x15358: add dl, 8
0x1535b: cmp dh, dl
0x1535d: jne 0x15370
0x1535f: cmp al, 3
0x15361: ja 0x15370
0x15363: xor ax, ax
0x15365: int 0x10
0x15367: mov ah, 9
0x15369: lea dx, word ptr [bp + 0x242]
0x1536d: int3
0x1536e: cli
0x1536f: hlt
0x15370: cmp word ptr cs:[bp + 0x4fd], -4
0x15376: je 0x153a0
0x15378: mov di, 0x100
0x1537b: lea si, word ptr [bp + 0x274]
0x1537f: movsw word ptr es:[di], word ptr [si]
2018-12-25T12:42:22.969216652Z 9 PC: 1536e | Display string (Could not find end pointer)

{"DateBased":true,"Day":1,"Month":9,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14991,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:22.373570759Z 53 PC: 152c5 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:22.37565398Z 37 PC: 152d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:22.376837094Z 26 PC: 152e0 | Set disk transfer address
2018-12-25T12:42:22.377937392Z 71 PC: 152e9 | Get current directory
2018-12-25T12:42:22.381191458Z 53 PC: 152f0 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:22.382892215Z 37 PC: 152f9 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:42:22.383963049Z 78 PC: 153d3 | Find first file
2018-12-25T12:42:22.389909466Z 67 PC: 153dd | Get or set file attributes
2018-12-25T12:42:22.394150213Z 67 PC: 153e8 | Get or set file attributes
2018-12-25T12:42:22.407633431Z 61 PC: 153f0 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:42:22.419031568Z 87 PC: 153f5 | Get or set file date and time
2018-12-25T12:42:22.421963469Z 63 PC: 15401 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:42:22.428922412Z 66 PC: 15408 | Move file pointer
2018-12-25T12:42:22.430789304Z 87 PC: 1555e | Get or set file date and time
2018-12-25T12:42:22.433656667Z 62 PC: 15561 | Close file
2018-12-25T12:42:22.441019119Z 67 PC: 15565 | Get or set file attributes
2018-12-25T12:42:22.4511382Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.454470556Z 78 PC: 153d3 | Find first file (See above)
2018-12-25T12:42:22.458156942Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.463941011Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.4769673Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.489207845Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.49084333Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.497752482Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.499595317Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.50133192Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.50931411Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.519547178Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.522219296Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.527950607Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.537794845Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.549121468Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.550954999Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.557884059Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.559218888Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.560802202Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.568550005Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.57824144Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.580747637Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.587232577Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.601107377Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.612483168Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.615070692Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.628747362Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.630152714Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.632440454Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.639349088Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.648924222Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.652074168Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.661023858Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.673266893Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.694189235Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.696187289Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.7118194Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.714072925Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.716077228Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.723420988Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.733277315Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.736414396Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.741882101Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.765368464Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.785441363Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.786964254Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.793677043Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.795958841Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.797775033Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.804886405Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.816114052Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.818578836Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.824059939Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.834499706Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.84777544Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.8494865Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.856729415Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.858340738Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.8600104Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.867808992Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.878129447Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.880909249Z 67 PC: 153dd | Get or set file attributes (See above)
2018-12-25T12:42:22.887304544Z 67 PC: 153e8 | Get or set file attributes (See above)
2018-12-25T12:42:22.897177734Z 61 PC: 153f0 | Open file (See above)
2018-12-25T12:42:22.904015497Z 87 PC: 153f5 | Get or set file date and time (See above)
2018-12-25T12:42:22.906640044Z 63 PC: 15401 | Read file or device (See above)
2018-12-25T12:42:22.913574932Z 66 PC: 15408 | Move file pointer (See above)
2018-12-25T12:42:22.915276138Z 87 PC: 1555e | Get or set file date and time (See above)
2018-12-25T12:42:22.9176211Z 62 PC: 15561 | Close file (See above)
2018-12-25T12:42:22.925292943Z 67 PC: 15565 | Get or set file attributes (See above)
2018-12-25T12:42:22.937585593Z 79 PC: 153d3 | Find next file (See above)
2018-12-25T12:42:22.940428768Z 59 PC: 1532f | Change current directory
2018-12-25T12:42:22.945401231Z 59 PC: 1533d | Change current directory
2018-12-25T12:42:22.949694511Z 37 PC: 15343 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:22.95103023Z 26 PC: 1534b | Set disk transfer address
2018-12-25T12:42:22.953205512Z 42 PC: 1534e | Get date
0x1534e: cmp cx, 0x7cb
0x15352: jb 0x15370
0x15354: and dx, 0xf0f
0x15358: add dl, 8
0x1535b: cmp dh, dl
0x1535d: jne 0x15370
0x1535f: cmp al, 3
0x15361: ja 0x15370
0x15363: xor ax, ax
0x15365: int 0x10
0x15367: mov ah, 9
0x15369: lea dx, word ptr [bp + 0x242]
0x1536d: int3
0x1536e: cli
0x1536f: hlt
0x15370: cmp word ptr cs:[bp + 0x4fd], -4
0x15376: je 0x153a0
0x15378: mov di, 0x100
0x1537b: lea si, word ptr [bp + 0x274]
0x1537f: movsw word ptr es:[di], word ptr [si]
2018-12-25T12:42:22.955607726Z 9 PC: 12a54 | Display string (String= '� ������WJWUWW���������������~�')
2018-12-25T12:42:22.958010803Z 76 PC: 12a59 | Terminate with return code (Return code = '0')