Sample viewer

vx.netlux.org/Virus.DOS.AK.365

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:06:40.535136673Z 78 PC: 13277 | Find first file
2018-12-17T23:06:40.543052888Z 67 PC: 13290 | Get or set file attributes
2018-12-17T23:06:40.559204526Z 67 PC: 132a0 | Get or set file attributes
2018-12-17T23:06:40.813555721Z 61 PC: 132a8 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:06:40.822144993Z 66 PC: 132ba | Move file pointer
2018-12-17T23:06:40.824779474Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:06:40.832438522Z 66 PC: 132f9 | Move file pointer
2018-12-17T23:06:40.841891654Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:06:40.851201792Z 66 PC: 13311 | Move file pointer
2018-12-17T23:06:40.853274545Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-17T23:06:40.863190858Z 67 PC: 1332a | Get or set file attributes
2018-12-17T23:06:40.876351567Z 62 PC: 1332e | Close file
2018-12-17T23:06:40.885478806Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-17T23:06:40.888380492Z 79 PC: 13285 | Find next file
2018-12-17T23:06:40.892139659Z 67 PC: 13290 | Get or set file attributes
2018-12-17T23:06:40.900066363Z 67 PC: 132a0 | Get or set file attributes
2018-12-17T23:06:40.911407534Z 61 PC: 132a8 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:06:40.925167264Z 66 PC: 132ba | Move file pointer
2018-12-17T23:06:40.928500708Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:06:40.936157453Z 66 PC: 132f9 | Move file pointer
2018-12-17T23:06:40.938138986Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:06:40.942616799Z 66 PC: 13311 | Move file pointer
2018-12-17T23:06:40.944459367Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-17T23:06:40.947829306Z 67 PC: 1332a | Get or set file attributes
2018-12-17T23:06:40.960572493Z 62 PC: 1332e | Close file
2018-12-17T23:06:40.969581416Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-17T23:06:40.972450377Z 79 PC: 13285 | Find next file
2018-12-17T23:06:40.976080284Z 67 PC: 13290 | Get or set file attributes
2018-12-17T23:06:40.98816189Z 67 PC: 132a0 | Get or set file attributes
2018-12-17T23:06:40.999687041Z 61 PC: 132a8 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:06:41.007134912Z 66 PC: 132ba | Move file pointer
2018-12-17T23:06:41.01002204Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:06:41.0171988Z 66 PC: 132f9 | Move file pointer
2018-12-17T23:06:41.019075151Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:06:41.023320637Z 66 PC: 13311 | Move file pointer
2018-12-17T23:06:41.025330996Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-17T23:06:41.028749248Z 67 PC: 1332a | Get or set file attributes
2018-12-17T23:06:41.041384946Z 62 PC: 1332e | Close file
2018-12-17T23:06:41.050296501Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-17T23:06:41.053097517Z 79 PC: 13285 | Find next file
2018-12-17T23:06:41.057037756Z 67 PC: 13290 | Get or set file attributes
2018-12-17T23:06:41.0651848Z 67 PC: 132a0 | Get or set file attributes
2018-12-17T23:06:41.076322062Z 61 PC: 132a8 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:06:41.085777563Z 66 PC: 132ba | Move file pointer
2018-12-17T23:06:41.087791139Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:06:41.095265137Z 66 PC: 132f9 | Move file pointer
2018-12-17T23:06:41.097143533Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:06:41.101432827Z 66 PC: 13311 | Move file pointer
2018-12-17T23:06:41.10338155Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-17T23:06:41.106727676Z 67 PC: 1332a | Get or set file attributes
2018-12-17T23:06:41.118766807Z 62 PC: 1332e | Close file
2018-12-17T23:06:41.127443796Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-17T23:06:41.12990011Z 79 PC: 13285 | Find next file
2018-12-17T23:06:41.133648705Z 67 PC: 13290 | Get or set file attributes
2018-12-17T23:06:41.140003645Z 67 PC: 132a0 | Get or set file attributes
2018-12-17T23:06:41.151091803Z 61 PC: 132a8 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:06:41.15882624Z 66 PC: 132ba | Move file pointer
2018-12-17T23:06:41.160960568Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:06:41.169125285Z 66 PC: 132f9 | Move file pointer
2018-12-17T23:06:41.172129883Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:06:41.175826849Z 66 PC: 13311 | Move file pointer
2018-12-17T23:06:41.17787532Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-17T23:06:41.18136513Z 67 PC: 1332a | Get or set file attributes
2018-12-17T23:06:41.193769989Z 62 PC: 1332e | Close file
2018-12-17T23:06:41.202241413Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-17T23:06:41.205024955Z 79 PC: 13285 | Find next file
2018-12-17T23:06:41.208678258Z 67 PC: 13290 | Get or set file attributes
2018-12-17T23:06:41.215352484Z 67 PC: 132a0 | Get or set file attributes
2018-12-17T23:06:41.22647285Z 61 PC: 132a8 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:06:41.23509064Z 66 PC: 132ba | Move file pointer
2018-12-17T23:06:41.2370445Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:06:41.244515004Z 66 PC: 132f9 | Move file pointer
2018-12-17T23:06:41.24724402Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:06:41.250742527Z 66 PC: 13311 | Move file pointer
2018-12-17T23:06:41.252677987Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-17T23:06:41.263147467Z 67 PC: 1332a | Get or set file attributes
2018-12-17T23:06:41.2752944Z 62 PC: 1332e | Close file
2018-12-17T23:06:41.283758629Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-17T23:06:41.28655068Z 79 PC: 13285 | Find next file
2018-12-17T23:06:41.290185363Z 67 PC: 13290 | Get or set file attributes
2018-12-17T23:06:41.296739889Z 67 PC: 132a0 | Get or set file attributes
2018-12-17T23:06:41.307817213Z 61 PC: 132a8 | Open file (Filename = 'PAH.COM')
2018-12-17T23:06:41.322275367Z 66 PC: 132ba | Move file pointer
2018-12-17T23:06:41.324207667Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:06:41.331716522Z 66 PC: 132f9 | Move file pointer
2018-12-17T23:06:41.334473063Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:06:41.337958879Z 66 PC: 13311 | Move file pointer
2018-12-17T23:06:41.339885724Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-17T23:06:41.343994741Z 67 PC: 1332a | Get or set file attributes
2018-12-17T23:06:41.355759833Z 62 PC: 1332e | Close file
2018-12-17T23:06:41.364241298Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-17T23:06:41.367244024Z 79 PC: 13285 | Find next file
2018-12-17T23:06:41.371067245Z 67 PC: 1337d | Get or set file attributes
2018-12-17T23:06:41.382214717Z 62 PC: 13386 | Close file
2018-12-17T23:06:41.38430497Z 9 PC: 12b18 | Display string (String= ' SC Virus Collection. ***** WARNING ***** This program is infected with a parasitic virus The uninfected length of this file is 2048 bytes This program is copyright 1994 West Coast Publishing Ltd ')
2018-12-17T23:06:41.401239397Z 76 PC: 12b1d | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15617,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:44:01.150444253Z 78 PC: 13277 | Find first file
2018-12-25T12:44:01.156501782Z 67 PC: 13290 | Get or set file attributes
2018-12-25T12:44:01.161879009Z 67 PC: 132a0 | Get or set file attributes
2018-12-25T12:44:01.417390126Z 61 PC: 132a8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:44:01.422279245Z 66 PC: 132ba | Move file pointer
2018-12-25T12:44:01.423585502Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:44:01.429862043Z 66 PC: 132f9 | Move file pointer
2018-12-25T12:44:01.431434378Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:44:01.433912595Z 66 PC: 13311 | Move file pointer
2018-12-25T12:44:01.435113822Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-25T12:44:01.442912185Z 67 PC: 1332a | Get or set file attributes
2018-12-25T12:44:01.453574282Z 62 PC: 1332e | Close file
2018-12-25T12:44:01.460816268Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-25T12:44:01.462843499Z 79 PC: 13285 | Find next file
2018-12-25T12:44:01.466342202Z 67 PC: 13290 | Get or set file attributes (See above)
2018-12-25T12:44:01.485149712Z 67 PC: 132a0 | Get or set file attributes (See above)
2018-12-25T12:44:01.494719065Z 61 PC: 132a8 | Open file (See above)
2018-12-25T12:44:01.502640677Z 66 PC: 132ba | Move file pointer (See above)
2018-12-25T12:44:01.504069242Z 63 PC: 132c7 | Read file or device (See above)
2018-12-25T12:44:01.510777289Z 66 PC: 132f9 | Move file pointer (See above)
2018-12-25T12:44:01.512650623Z 64 PC: 13306 | Write file or device (See above)
2018-12-25T12:44:01.515419994Z 66 PC: 13311 | Move file pointer (See above)
2018-12-25T12:44:01.516758524Z 64 PC: 1331b | Write file or device (See above)
2018-12-25T12:44:01.520159904Z 67 PC: 1332a | Get or set file attributes (See above)
2018-12-25T12:44:01.530407742Z 62 PC: 1332e | Close file (See above)
2018-12-25T12:44:01.535014986Z 42 PC: 13349 | Get date (See above)
2018-12-25T12:44:01.537200988Z 79 PC: 13285 | Find next file (See above)
2018-12-25T12:44:01.539024965Z 67 PC: 13290 | Get or set file attributes (See above)
2018-12-25T12:44:01.542524657Z 67 PC: 132a0 | Get or set file attributes (See above)
2018-12-25T12:44:01.550160244Z 61 PC: 132a8 | Open file (See above)
2018-12-25T12:44:01.561787768Z 66 PC: 132ba | Move file pointer (See above)
2018-12-25T12:44:01.563512699Z 63 PC: 132c7 | Read file or device (See above)
2018-12-25T12:44:01.57069591Z 66 PC: 132f9 | Move file pointer (See above)
2018-12-25T12:44:01.572023466Z 64 PC: 13306 | Write file or device (See above)
2018-12-25T12:44:01.574666528Z 66 PC: 13311 | Move file pointer (See above)
2018-12-25T12:44:01.57635763Z 64 PC: 1331b | Write file or device (See above)
2018-12-25T12:44:01.580648483Z 67 PC: 1332a | Get or set file attributes (See above)
2018-12-25T12:44:01.590870034Z 62 PC: 1332e | Close file (See above)
2018-12-25T12:44:01.598398465Z 42 PC: 13349 | Get date (See above)
2018-12-25T12:44:01.601981835Z 79 PC: 13285 | Find next file (See above)
2018-12-25T12:44:01.604916423Z 67 PC: 13290 | Get or set file attributes (See above)
2018-12-25T12:44:01.610328673Z 67 PC: 132a0 | Get or set file attributes (See above)
2018-12-25T12:44:01.620521004Z 61 PC: 132a8 | Open file (See above)
2018-12-25T12:44:01.626873376Z 66 PC: 132ba | Move file pointer (See above)
2018-12-25T12:44:01.628095618Z 63 PC: 132c7 | Read file or device (See above)
2018-12-25T12:44:01.635409077Z 66 PC: 132f9 | Move file pointer (See above)
2018-12-25T12:44:01.636708507Z 64 PC: 13306 | Write file or device (See above)
2018-12-25T12:44:01.640125538Z 66 PC: 13311 | Move file pointer (See above)
2018-12-25T12:44:01.642175878Z 64 PC: 1331b | Write file or device (See above)
2018-12-25T12:44:01.644750624Z 67 PC: 1332a | Get or set file attributes (See above)
2018-12-25T12:44:01.655125893Z 62 PC: 1332e | Close file (See above)
2018-12-25T12:44:01.662472348Z 42 PC: 13349 | Get date (See above)
2018-12-25T12:44:01.664933233Z 79 PC: 13285 | Find next file (See above)
2018-12-25T12:44:01.667485928Z 67 PC: 13290 | Get or set file attributes (See above)
2018-12-25T12:44:01.673825127Z 67 PC: 132a0 | Get or set file attributes (See above)
2018-12-25T12:44:01.683705233Z 61 PC: 132a8 | Open file (See above)
2018-12-25T12:44:01.690520542Z 66 PC: 132ba | Move file pointer (See above)
2018-12-25T12:44:01.691901182Z 63 PC: 132c7 | Read file or device (See above)
2018-12-25T12:44:01.700061296Z 66 PC: 132f9 | Move file pointer (See above)
2018-12-25T12:44:01.701772814Z 64 PC: 13306 | Write file or device (See above)
2018-12-25T12:44:01.704719082Z 66 PC: 13311 | Move file pointer (See above)
2018-12-25T12:44:01.712373718Z 64 PC: 1331b | Write file or device (See above)
2018-12-25T12:44:01.7152762Z 67 PC: 1332a | Get or set file attributes (See above)
2018-12-25T12:44:01.725681807Z 62 PC: 1332e | Close file (See above)
2018-12-25T12:44:01.733963141Z 42 PC: 13349 | Get date (See above)
2018-12-25T12:44:01.73685678Z 79 PC: 13285 | Find next file (See above)
2018-12-25T12:44:01.739782683Z 67 PC: 13290 | Get or set file attributes (See above)
2018-12-25T12:44:01.746938061Z 67 PC: 132a0 | Get or set file attributes (See above)
2018-12-25T12:44:01.756655844Z 61 PC: 132a8 | Open file (See above)
2018-12-25T12:44:01.763473549Z 66 PC: 132ba | Move file pointer (See above)
2018-12-25T12:44:01.76644184Z 63 PC: 132c7 | Read file or device (See above)
2018-12-25T12:44:01.773121749Z 66 PC: 132f9 | Move file pointer (See above)
2018-12-25T12:44:01.774813695Z 64 PC: 13306 | Write file or device (See above)
2018-12-25T12:44:01.778185992Z 66 PC: 13311 | Move file pointer (See above)
2018-12-25T12:44:01.77945931Z 64 PC: 1331b | Write file or device (See above)
2018-12-25T12:44:01.788196961Z 67 PC: 1332a | Get or set file attributes (See above)
2018-12-25T12:44:01.798847515Z 62 PC: 1332e | Close file (See above)
2018-12-25T12:44:01.805975074Z 42 PC: 13349 | Get date (See above)
2018-12-25T12:44:01.80801194Z 79 PC: 13285 | Find next file (See above)
2018-12-25T12:44:01.810992355Z 67 PC: 13290 | Get or set file attributes (See above)
2018-12-25T12:44:01.816362556Z 67 PC: 132a0 | Get or set file attributes (See above)
2018-12-25T12:44:01.825844321Z 61 PC: 132a8 | Open file (See above)
2018-12-25T12:44:01.832518332Z 66 PC: 132ba | Move file pointer (See above)
2018-12-25T12:44:01.834231748Z 63 PC: 132c7 | Read file or device (See above)
2018-12-25T12:44:01.841100724Z 66 PC: 132f9 | Move file pointer (See above)
2018-12-25T12:44:01.84322381Z 64 PC: 13306 | Write file or device (See above)
2018-12-25T12:44:01.845625417Z 66 PC: 13311 | Move file pointer (See above)
2018-12-25T12:44:01.846870993Z 64 PC: 1331b | Write file or device (See above)
2018-12-25T12:44:01.849853592Z 67 PC: 1332a | Get or set file attributes (See above)
2018-12-25T12:44:01.860470206Z 62 PC: 1332e | Close file (See above)
2018-12-25T12:44:01.868441082Z 42 PC: 13349 | Get date (See above)
2018-12-25T12:44:01.871829729Z 79 PC: 13285 | Find next file (See above)
2018-12-25T12:44:01.87463828Z 67 PC: 1337d | Get or set file attributes
2018-12-25T12:44:01.884472168Z 62 PC: 13386 | Close file
2018-12-25T12:44:01.888765889Z 9 PC: 12b18 | Display string (String= ' SC Virus Collection. ***** WARNING ***** This program is infected with a parasitic virus The uninfected length of this file is 2048 bytes This program is copyright 1994 West Coast Publishing Ltd ')
2018-12-25T12:44:01.902845212Z 76 PC: 12b1d | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15617,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:44:01.162552637Z 78 PC: 13277 | Find first file
2018-12-25T12:44:01.168588895Z 67 PC: 13290 | Get or set file attributes
2018-12-25T12:44:01.174122167Z 67 PC: 132a0 | Get or set file attributes
2018-12-25T12:44:01.417324238Z 61 PC: 132a8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:44:01.425488956Z 66 PC: 132ba | Move file pointer
2018-12-25T12:44:01.426861159Z 63 PC: 132c7 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:44:01.433087439Z 66 PC: 132f9 | Move file pointer
2018-12-25T12:44:01.434942849Z 64 PC: 13306 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:44:01.437378569Z 66 PC: 13311 | Move file pointer
2018-12-25T12:44:01.438621273Z 64 PC: 1331b | Write file or device (Write 365 bytes on handle 5)
2018-12-25T12:44:01.448072356Z 67 PC: 1332a | Get or set file attributes
2018-12-25T12:44:01.458397939Z 62 PC: 1332e | Close file
2018-12-25T12:44:01.465357082Z 42 PC: 13349 | Get date 0x13349: cmp al, 5
0x1334b: jne 0x1336d
0x1334d: xor ah, ah
0x1334f: mov al, 3
0x13351: int 0x10
0x13353: mov ah, 0x35
0x13355: mov al, 0x1c
0x13357: int 0x21
0x13359: mov ah, 0x25
0x1335b: mov al, 5
0x1335d: mov dx, bx
0x1335f: mov bx, es
0x13361: mov ds, bx
0x13363: int 0x21
0x13365: mov al, 0x14
0x13367: int 0x21
0x13369: mov al, 0x1e
0x1336b: int 0x21
0x1336d: jmp 0x1327b
0x13370: mov ah, 0x43
2018-12-25T12:44:01.474154633Z 53 PC: 13359 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:44:01.47685915Z 37 PC: 13365 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-25T12:44:01.478055318Z 37 PC: 13369 | Set interrupt vector (Interrupt = '20' AKA 'Sequential read')
2018-12-25T12:44:01.479478334Z 37 PC: 1336d | Set interrupt vector (Interrupt = '30' AKA 'Reserved')
2018-12-25T12:44:01.481388058Z 79 PC: 13285 | Find next file
2018-12-25T12:44:01.484200005Z 67 PC: 13290 | Get or set file attributes (See above)
2018-12-25T12:44:01.485739676Z 67 PC: 132a0 | Get or set file attributes (See above)
2018-12-25T12:44:01.490909914Z 61 PC: 132a8 | Open file (See above)
2018-12-25T12:44:01.493274935Z 67 PC: 1337d | Get or set file attributes
2018-12-25T12:44:01.494893267Z 62 PC: 13386 | Close file
2018-12-25T12:44:01.499403185Z 9 PC: 12b18 | Display string (String= '������u)���|')
2018-12-25T12:44:01.501505051Z 76 PC: 12b1d | Terminate with return code (Return code = '0')