Sample viewer

vx.netlux.org/Virus.DOS.Ohlala.1895

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:43.176989182Z	26	PC: 12bf8 \| Set disk transfer address
2018-12-17T23:06:43.178984814Z	71	PC: 12c06 \| Get current directory
2018-12-17T23:06:43.182848087Z	78	PC: 130af \| Find first file
2018-12-17T23:06:43.189998139Z	78	PC: 130ce \| Find first file
2018-12-17T23:06:43.196180261Z	78	PC: 12c21 \| Find first file
2018-12-17T23:06:43.203571557Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.215244582Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.235969855Z	61	PC: 12ec1 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:06:43.244097115Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.249079692Z	66	PC: 12f01 \| Move file pointer
2018-12-17T23:06:43.25105241Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:43.259234993Z	87	PC: 1306d \| Get or set file date and time
2018-12-17T23:06:43.261331585Z	66	PC: 12eab \| Move file pointer
2018-12-17T23:06:43.263307991Z	63	PC: 12eb5 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T23:06:43.267367272Z	66	PC: 12c59 \| Move file pointer
2018-12-17T23:06:43.269264358Z	63	PC: 12c63 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:43.27193009Z	66	PC: 12c6c \| Move file pointer
2018-12-17T23:06:43.274968352Z	64	PC: 12c7c \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T23:06:43.278248138Z	64	PC: 12c87 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:06:43.28148864Z	66	PC: 12c9b \| Move file pointer
2018-12-17T23:06:43.283257285Z	64	PC: 12caf \| Write file or device (Write 1893 bytes on handle 5)
2018-12-17T23:06:43.293977369Z	64	PC: 130fe \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:06:43.297346533Z	87	PC: 13087 \| Get or set file date and time
2018-12-17T23:06:43.299475916Z	62	PC: 12cb9 \| Close file
2018-12-17T23:06:43.309991455Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.320891407Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.325333608Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.332463543Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.345089309Z	61	PC: 12ec1 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:06:43.352922665Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.356048572Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.358714303Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.372942192Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.376528785Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.383905262Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.395033192Z	61	PC: 12ec1 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:06:43.402597334Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.405418137Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.407709705Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.418580461Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.422302959Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.434526269Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.445400914Z	61	PC: 12ec1 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:06:43.453823638Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.456248417Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.458571805Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.470471305Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.473924587Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.480348985Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.49407482Z	61	PC: 12ec1 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:06:43.503196929Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.505160571Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.507471866Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.526684045Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.529917484Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.536361709Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.548431129Z	61	PC: 12ec1 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:06:43.555905571Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.557951477Z	66	PC: 12f01 \| Move file pointer
2018-12-17T23:06:43.560652194Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:43.568958841Z	87	PC: 1306d \| Get or set file date and time
2018-12-17T23:06:43.570950976Z	66	PC: 12eab \| Move file pointer
2018-12-17T23:06:43.573494047Z	63	PC: 12eb5 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T23:06:43.576830349Z	66	PC: 12c59 \| Move file pointer
2018-12-17T23:06:43.578664848Z	63	PC: 12c63 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:43.581679476Z	66	PC: 12c6c \| Move file pointer
2018-12-17T23:06:43.585224731Z	64	PC: 12c7c \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T23:06:43.588375634Z	64	PC: 12c87 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:06:43.591477896Z	66	PC: 12c9b \| Move file pointer
2018-12-17T23:06:43.594580189Z	64	PC: 12caf \| Write file or device (Write 1893 bytes on handle 5)
2018-12-17T23:06:43.605017661Z	64	PC: 130fe \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:06:43.608163325Z	87	PC: 13087 \| Get or set file date and time
2018-12-17T23:06:43.615030155Z	62	PC: 12cb9 \| Close file
2018-12-17T23:06:43.626146633Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.637588183Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.64125129Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.647753364Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.658381976Z	61	PC: 12ec1 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:06:43.666221113Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.668284452Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.670657353Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.681660508Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.686655539Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.698066753Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.71074115Z	61	PC: 12ec1 \| Open file (Filename = 'TEST.COM')
2018-12-17T23:06:43.720084716Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.722096708Z	66	PC: 12f01 \| Move file pointer
2018-12-17T23:06:43.724107729Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:43.733119321Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.73546422Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.746813736Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.750615393Z	78	PC: 12cde \| Find first file
2018-12-17T23:06:43.757361145Z	59	PC: 12f76 \| Change current directory
2018-12-17T23:06:43.762067373Z	78	PC: 130af \| Find first file
2018-12-17T23:06:43.769845426Z	78	PC: 130ce \| Find first file
2018-12-17T23:06:43.776427781Z	78	PC: 12c21 \| Find first file
2018-12-17T23:06:43.784005927Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.792328824Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.803323634Z	61	PC: 12ec1 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:06:43.811380862Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.81355009Z	66	PC: 12f01 \| Move file pointer
2018-12-17T23:06:43.817377876Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:43.825649206Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.827815268Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.840409154Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.844082159Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.851201053Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.863125331Z	61	PC: 12ec1 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:06:43.87183248Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.87529518Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.878281123Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.88993905Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.893406119Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.906320076Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.917590965Z	61	PC: 12ec1 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:06:43.925255314Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.928508159Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.931084774Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.942227442Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.94562558Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:43.958089452Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:43.973825987Z	61	PC: 12ec1 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:06:43.980922789Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:43.983304657Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:43.985175915Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:43.995780611Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:43.999342768Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:44.005725367Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:44.016463966Z	61	PC: 12ec1 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:06:44.036133404Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:44.038359038Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:44.040863567Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:44.053176324Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:44.056124236Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:44.062268026Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:44.074162588Z	61	PC: 12ec1 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:06:44.081412889Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:44.083593468Z	66	PC: 12f01 \| Move file pointer
2018-12-17T23:06:44.086373114Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:44.094086845Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:44.096331054Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:44.108040097Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:44.112157938Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:44.1185206Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:44.129340502Z	61	PC: 12ec1 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:06:44.137905684Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:44.139810555Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:44.142051418Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:44.153707341Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:44.156864767Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:06:44.169235735Z	67	PC: 13059 \| Get or set file attributes
2018-12-17T23:06:44.180756603Z	61	PC: 12ec1 \| Open file (Filename = 'TEST.COM')
2018-12-17T23:06:44.188236556Z	66	PC: 12ecb \| Move file pointer
2018-12-17T23:06:44.190125537Z	66	PC: 12f01 \| Move file pointer
2018-12-17T23:06:44.193018856Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:44.200580382Z	62	PC: 12f1e \| Close file
2018-12-17T23:06:44.202792801Z	67	PC: 13067 \| Get or set file attributes
2018-12-17T23:06:44.214536769Z	79	PC: 12c21 \| Find next file
2018-12-17T23:06:44.217049082Z	78	PC: 12cde \| Find first file
2018-12-17T23:06:44.223152107Z	78	PC: 12fad \| Find first file
2018-12-17T23:06:44.234605288Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.239255881Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.241399681Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.246732296Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.248854386Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.253363994Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.25632478Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.263135554Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.266135764Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.278871478Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.281775658Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.293436249Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.297388219Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.303548199Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.306328326Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.313465834Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.31621919Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-17T23:06:44.322481283Z	79	PC: 12fad \| Find next file
2018-12-17T23:06:44.326099606Z	59	PC: 12ff9 \| Change current directory
2018-12-17T23:06:44.331022792Z	59	PC: 12e27 \| Change current directory
2018-12-17T23:06:44.34048465Z	42	PC: 130e8 \| Get date 0x130e8: cmp dl, 0xd 0x130eb: je 0x130ef 0x130ed: clc 0x130ee: ret 0x130ef: stc 0x130f0: ret 0x130f1: push cs 0x130f2: pop ds 0x130f3: lea dx, word ptr [di + 0x763] 0x130f7: mov cx, 2 0x130fa: mov ah, 0x40 0x130fc: int 0x21 0x130fe: push es 0x130ff: pop ds 0x13100: ret 0x13101: push si 0x13102: push di 0x13103: mov ax, di 0x13105: lea si, word ptr [di + 0x5e2] 0x13109: xchg si, di
2018-12-17T23:06:44.343730852Z	26	PC: 12e4d \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15630,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:02.030477135Z	26	PC: 12bf8 \| Set disk transfer address
2018-12-25T12:44:02.032178478Z	71	PC: 12c06 \| Get current directory
2018-12-25T12:44:02.035096511Z	78	PC: 130af \| Find first file
2018-12-25T12:44:02.040831866Z	78	PC: 130ce \| Find first file
2018-12-25T12:44:02.04782231Z	78	PC: 12c21 \| Find first file
2018-12-25T12:44:02.060532379Z	67	PC: 1304d \| Get or set file attributes
2018-12-25T12:44:02.08583976Z	67	PC: 13059 \| Get or set file attributes
2018-12-25T12:44:02.105223581Z	61	PC: 12ec1 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:44:02.111729106Z	66	PC: 12ecb \| Move file pointer
2018-12-25T12:44:02.113225236Z	66	PC: 12f01 \| Move file pointer
2018-12-25T12:44:02.114685502Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:44:02.121387978Z	87	PC: 1306d \| Get or set file date and time
2018-12-25T12:44:02.126570274Z	66	PC: 12eab \| Move file pointer
2018-12-25T12:44:02.146917793Z	63	PC: 12eb5 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T12:44:02.157208673Z	66	PC: 12c59 \| Move file pointer
2018-12-25T12:44:02.158455545Z	63	PC: 12c63 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:44:02.160684486Z	66	PC: 12c6c \| Move file pointer
2018-12-25T12:44:02.162484902Z	64	PC: 12c7c \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:44:02.164898881Z	64	PC: 12c87 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:44:02.167285452Z	66	PC: 12c9b \| Move file pointer
2018-12-25T12:44:02.176026704Z	64	PC: 12caf \| Write file or device (Write 1893 bytes on handle 5)
2018-12-25T12:44:02.184868409Z	64	PC: 130fe \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:44:02.187814353Z	87	PC: 13087 \| Get or set file date and time
2018-12-25T12:44:02.190745745Z	62	PC: 12cb9 \| Close file
2018-12-25T12:44:02.198643557Z	67	PC: 13067 \| Get or set file attributes
2018-12-25T12:44:02.209638049Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.214701384Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.222093093Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.543055829Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.550680545Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.552307106Z	62	PC: 12f1e \| Close file
2018-12-25T12:44:02.554394771Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.564228243Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.568446291Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.574727999Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.58477369Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.597769551Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.599759196Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.601936453Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.612178072Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.614880615Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.620284184Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.630242926Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.636685833Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.638053315Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.640375074Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.652060498Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.654998081Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.666044467Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.675701055Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.682097898Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.684048162Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.685752159Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.702687641Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.706352811Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.712478194Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.725702239Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.733066936Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.735327543Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:02.737294638Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:02.743809357Z	87	PC: 1306d \| Get or set file date and time (See above)
2018-12-25T12:44:02.746397589Z	66	PC: 12eab \| Move file pointer (See above)
2018-12-25T12:44:02.748108232Z	63	PC: 12eb5 \| Read file or device (See above)
2018-12-25T12:44:02.75062878Z	66	PC: 12c59 \| Move file pointer (See above)
2018-12-25T12:44:02.752515361Z	63	PC: 12c63 \| Read file or device (See above)
2018-12-25T12:44:02.760957958Z	66	PC: 12c6c \| Move file pointer (See above)
2018-12-25T12:44:02.762381693Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:44:02.766029078Z	64	PC: 12c87 \| Write file or device (See above)
2018-12-25T12:44:02.768781001Z	66	PC: 12c9b \| Move file pointer (See above)
2018-12-25T12:44:02.770495287Z	64	PC: 12caf \| Write file or device (See above)
2018-12-25T12:44:02.779769129Z	64	PC: 130fe \| Write file or device (See above)
2018-12-25T12:44:02.782332227Z	87	PC: 13087 \| Get or set file date and time (See above)
2018-12-25T12:44:02.783608379Z	62	PC: 12cb9 \| Close file (See above)
2018-12-25T12:44:02.792197469Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.801900703Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.804433654Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.810604755Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.820025693Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.827087552Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.829100322Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.830944582Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.843232349Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.846712413Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.857369583Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.867020497Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.87461832Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.875997113Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:02.877389762Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:02.885605611Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.887509231Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.897239178Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.89997346Z	78	PC: 12cde \| Find first file
2018-12-25T12:44:02.906489445Z	59	PC: 12f76 \| Change current directory
2018-12-25T12:44:02.915075482Z	78	PC: 130af \| Find first file (See above)
2018-12-25T12:44:02.925745421Z	78	PC: 130ce \| Find first file (See above)
2018-12-25T12:44:02.932428621Z	78	PC: 12c21 \| Find first file (See above)
2018-12-25T12:44:02.93849024Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.943822648Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.953938521Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.966033111Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.967483029Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:02.970493567Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:02.977203227Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.979027543Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.992556645Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.995152733Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.000932468Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.012532287Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.019116893Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.020564911Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.023737869Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.033294362Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.035887579Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.047041445Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.057086841Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.063574293Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.066281975Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.070630135Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.080296958Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.084323612Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.090169427Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.100068397Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.112161928Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.113964731Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.116761986Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.128235636Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.131759901Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.138963832Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.149738264Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.156684116Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.158551531Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.161561932Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.171956815Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.174872351Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.185052624Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.191884808Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.19614518Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.197873143Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:03.198976979Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:03.203175812Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.204986406Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.211220005Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.212966924Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.218893706Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.230966096Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.242286364Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.244143183Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.2476342Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.257231084Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.260021028Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.266640927Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.27621335Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.282804626Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.28542792Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:03.287098477Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:03.293643879Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.296191215Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.305829878Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.308089661Z	78	PC: 12cde \| Find first file (See above)
2018-12-25T12:44:03.319743282Z	78	PC: 12fad \| Find first file
2018-12-25T12:44:03.325586035Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-25T12:44:03.331360038Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.334835395Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.340742032Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.343494779Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.350266431Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.352760392Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.362934192Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.366278004Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.376993093Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.379652633Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.385798477Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.388385767Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.394048296Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.397008636Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.402518946Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.404933979Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.411212413Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.413367062Z	59	PC: 12ff9 \| Change current directory
2018-12-25T12:44:03.4173036Z	59	PC: 12e27 \| Change current directory
2018-12-25T12:44:03.422210277Z	42	PC: 130e8 \| Get date 0x130e8: cmp dl, 0xd 0x130eb: je 0x130ef 0x130ed: clc 0x130ee: ret 0x130ef: stc 0x130f0: ret 0x130f1: push cs 0x130f2: pop ds 0x130f3: lea dx, word ptr [di + 0x763] 0x130f7: mov cx, 2 0x130fa: mov ah, 0x40 0x130fc: int 0x21 0x130fe: push es 0x130ff: pop ds 0x13100: ret 0x13101: push si 0x13102: push di 0x13103: mov ax, di 0x13105: lea si, word ptr [di + 0x5e2] 0x13109: xchg si, di
2018-12-25T12:44:03.424613291Z	26	PC: 12e4d \| Set disk transfer address

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15630,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:02.118955309Z	26	PC: 12bf8 \| Set disk transfer address
2018-12-25T12:44:02.120931554Z	71	PC: 12c06 \| Get current directory
2018-12-25T12:44:02.123724034Z	78	PC: 130af \| Find first file
2018-12-25T12:44:02.129292649Z	78	PC: 130ce \| Find first file
2018-12-25T12:44:02.135137374Z	78	PC: 12c21 \| Find first file
2018-12-25T12:44:02.141004533Z	67	PC: 1304d \| Get or set file attributes
2018-12-25T12:44:02.151231076Z	67	PC: 13059 \| Get or set file attributes
2018-12-25T12:44:02.168821288Z	61	PC: 12ec1 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:44:02.18147322Z	66	PC: 12ecb \| Move file pointer
2018-12-25T12:44:02.183247136Z	66	PC: 12f01 \| Move file pointer
2018-12-25T12:44:02.184981976Z	63	PC: 12f0e \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:44:02.192719279Z	87	PC: 1306d \| Get or set file date and time
2018-12-25T12:44:02.1945016Z	66	PC: 12eab \| Move file pointer
2018-12-25T12:44:02.196168013Z	63	PC: 12eb5 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T12:44:02.199999705Z	66	PC: 12c59 \| Move file pointer
2018-12-25T12:44:02.201627558Z	63	PC: 12c63 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:44:02.204372855Z	66	PC: 12c6c \| Move file pointer
2018-12-25T12:44:02.206860532Z	64	PC: 12c7c \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:44:02.209626226Z	64	PC: 12c87 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:44:02.212280338Z	66	PC: 12c9b \| Move file pointer
2018-12-25T12:44:02.213868996Z	64	PC: 12caf \| Write file or device (Write 1893 bytes on handle 5)
2018-12-25T12:44:02.484455779Z	64	PC: 130fe \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:44:02.487059133Z	87	PC: 13087 \| Get or set file date and time
2018-12-25T12:44:02.488372514Z	62	PC: 12cb9 \| Close file
2018-12-25T12:44:02.543385032Z	67	PC: 13067 \| Get or set file attributes
2018-12-25T12:44:02.549774805Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.551941374Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.555738576Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.562101678Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.570210451Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.572493792Z	62	PC: 12f1e \| Close file
2018-12-25T12:44:02.574605419Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.584715409Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.588675921Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.594182785Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.603993315Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.611523616Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.613175612Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.6152571Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.628467742Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.631022084Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.637197996Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.647020096Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.654444641Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.656095785Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.65803308Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.66825995Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.671064544Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.676808295Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.686626054Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.698358869Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.700051693Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.702491562Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.710077621Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.711705449Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.716432653Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.726171364Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.732815443Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.734831178Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:02.7361466Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:02.74268063Z	87	PC: 1306d \| Get or set file date and time (See above)
2018-12-25T12:44:02.744739016Z	66	PC: 12eab \| Move file pointer (See above)
2018-12-25T12:44:02.746362021Z	63	PC: 12eb5 \| Read file or device (See above)
2018-12-25T12:44:02.748969471Z	66	PC: 12c59 \| Move file pointer (See above)
2018-12-25T12:44:02.751023118Z	63	PC: 12c63 \| Read file or device (See above)
2018-12-25T12:44:02.753321659Z	66	PC: 12c6c \| Move file pointer (See above)
2018-12-25T12:44:02.754550557Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:44:02.757773365Z	64	PC: 12c87 \| Write file or device (See above)
2018-12-25T12:44:02.760277817Z	66	PC: 12c9b \| Move file pointer (See above)
2018-12-25T12:44:02.761742516Z	64	PC: 12caf \| Write file or device (See above)
2018-12-25T12:44:02.771775982Z	64	PC: 130fe \| Write file or device (See above)
2018-12-25T12:44:02.77479451Z	87	PC: 13087 \| Get or set file date and time (See above)
2018-12-25T12:44:02.776222594Z	62	PC: 12cb9 \| Close file (See above)
2018-12-25T12:44:02.784633348Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.794525454Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.797407245Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.804211214Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.814898696Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.826393462Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.82912162Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.830829217Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.840353101Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.843564997Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.849035064Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.858469144Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.865124655Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.867010916Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:02.868310248Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:02.874836429Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.877149498Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.886829751Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.889118663Z	78	PC: 12cde \| Find first file
2018-12-25T12:44:02.90125754Z	59	PC: 12f76 \| Change current directory
2018-12-25T12:44:02.905238819Z	78	PC: 130af \| Find first file (See above)
2018-12-25T12:44:02.910740388Z	78	PC: 130ce \| Find first file (See above)
2018-12-25T12:44:02.917391099Z	78	PC: 12c21 \| Find first file (See above)
2018-12-25T12:44:02.923202754Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.93372854Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:02.946810934Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:02.958640373Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:02.960425948Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:02.96296486Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:02.969857501Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:02.971692844Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:02.982368464Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:02.985007972Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:02.990575523Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.001038659Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.007627595Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.009081018Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.012236535Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.025024045Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.027960089Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.03453625Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.044538368Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.051252572Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.053200436Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.055997708Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.066272315Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.069145557Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.080820395Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.093283411Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.099809916Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.102561755Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.104508721Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.114512044Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.117871222Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.123670518Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.133482798Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.145871046Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.1476735Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.149749798Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.160807839Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.16411096Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.169957225Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.180469511Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.187915358Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.18954701Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:03.191265766Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:03.198372882Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.200230181Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.219255648Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.22192107Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.228051168Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.239363594Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.24718016Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.248657506Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.25038287Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.260592078Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.26322176Z	67	PC: 1304d \| Get or set file attributes (See above)
2018-12-25T12:44:03.273571844Z	67	PC: 13059 \| Get or set file attributes (See above)
2018-12-25T12:44:03.286922872Z	61	PC: 12ec1 \| Open file (See above)
2018-12-25T12:44:03.293882105Z	66	PC: 12ecb \| Move file pointer (See above)
2018-12-25T12:44:03.295780019Z	66	PC: 12f01 \| Move file pointer (See above)
2018-12-25T12:44:03.298568475Z	63	PC: 12f0e \| Read file or device (See above)
2018-12-25T12:44:03.305566917Z	62	PC: 12f1e \| Close file (See above)
2018-12-25T12:44:03.307720278Z	67	PC: 13067 \| Get or set file attributes (See above)
2018-12-25T12:44:03.318464913Z	79	PC: 12c21 \| Find next file (See above)
2018-12-25T12:44:03.321222998Z	78	PC: 12cde \| Find first file (See above)
2018-12-25T12:44:03.327139434Z	78	PC: 12fad \| Find first file
2018-12-25T12:44:03.33361083Z	67	PC: 12fc5 \| Get or set file attributes
2018-12-25T12:44:03.344375269Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.347508537Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.353841033Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.356613465Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.362114308Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.366477567Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.372280293Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.37472327Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.380754207Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.383124932Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.389303591Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.392639761Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.398632921Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.400976132Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.407791603Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.410629704Z	67	PC: 12fc5 \| Get or set file attributes (See above)
2018-12-25T12:44:03.417071086Z	79	PC: 12fad \| Find next file (See above)
2018-12-25T12:44:03.420541082Z	59	PC: 12ff9 \| Change current directory
2018-12-25T12:44:03.424812691Z	59	PC: 12e27 \| Change current directory
2018-12-25T12:44:03.428948084Z	42	PC: 130e8 \| Get date 0x130e8: cmp dl, 0xd 0x130eb: je 0x130ef 0x130ed: clc 0x130ee: ret 0x130ef: stc 0x130f0: ret 0x130f1: push cs 0x130f2: pop ds 0x130f3: lea dx, word ptr [di + 0x763] 0x130f7: mov cx, 2 0x130fa: mov ah, 0x40 0x130fc: int 0x21 0x130fe: push es 0x130ff: pop ds 0x13100: ret 0x13101: push si 0x13102: push di 0x13103: mov ax, di 0x13105: lea si, word ptr [di + 0x5e2] 0x13109: xchg si, di
2018-12-25T12:44:03.432087493Z	64	PC: 12e3c \| Write file or device (Write 85 bytes on handle 1)
2018-12-25T12:44:09.350999435Z	26	PC: 12e4d \| Set disk transfer address