Sample viewer

vx.netlux.org/Virus.DOS.Wit.Remor.1272

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:07:27.76419067Z 26 PC: 12ad9 | Set disk transfer address
2018-12-17T23:07:27.767411615Z 71 PC: 12aeb | Get current directory
2018-12-17T23:07:27.77037485Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5ea]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-17T23:07:27.772552305Z 78 PC: 12b1a | Find first file
2018-12-17T23:07:27.779513779Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:07:27.796050941Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:07:27.802656761Z 63 PC: 12b74 | Read file or device (Read 1269 bytes on handle 5)
2018-12-17T23:07:27.810592319Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:07:27.812295709Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:07:27.813668738Z 64 PC: 12bdb | Write file or device (Write 407 bytes on handle 5)
2018-12-17T23:07:27.821863487Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:27.825278981Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:07:27.826711812Z 64 PC: 12c42 | Write file or device (Write 1269 bytes on handle 5)
2018-12-17T23:07:27.835214729Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:07:27.838285321Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:07:27.849955242Z 62 PC: 12c6b | Close file
2018-12-17T23:07:27.857061325Z 79 PC: 12b1a | Find next file
2018-12-17T23:07:27.860862358Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:07:27.870732462Z 61 PC: 12b58 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:07:27.877425365Z 63 PC: 12b74 | Read file or device (Read 1269 bytes on handle 5)
2018-12-17T23:07:27.884734775Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:07:27.886176525Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:07:27.887468892Z 64 PC: 12bdb | Write file or device (Write 27 bytes on handle 5)
2018-12-17T23:07:27.891946511Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:27.894708253Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:07:27.896002265Z 64 PC: 12c42 | Write file or device (Write 1269 bytes on handle 5)
2018-12-17T23:07:27.904828102Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:07:27.907467186Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:07:27.91830695Z 62 PC: 12c6b | Close file
2018-12-17T23:07:27.937497121Z 79 PC: 12b1a | Find next file
2018-12-17T23:07:27.940145764Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:07:27.950173865Z 61 PC: 12b58 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:07:27.957655647Z 63 PC: 12b74 | Read file or device (Read 1269 bytes on handle 5)
2018-12-17T23:07:27.963968748Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:07:27.965263144Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:07:27.967215816Z 64 PC: 12bdb | Write file or device (Write 92 bytes on handle 5)
2018-12-17T23:07:27.971087953Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:27.973960424Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:07:27.976121535Z 64 PC: 12c42 | Write file or device (Write 1269 bytes on handle 5)
2018-12-17T23:07:27.984416216Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:07:27.986134061Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:07:27.997162132Z 62 PC: 12c6b | Close file
2018-12-17T23:07:28.004201961Z 79 PC: 12b1a | Find next file
2018-12-17T23:07:28.006959195Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:07:28.016737233Z 61 PC: 12b58 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:07:28.023631912Z 63 PC: 12b74 | Read file or device (Read 1269 bytes on handle 5)
2018-12-17T23:07:28.030032336Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:07:28.031784043Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:07:28.033393625Z 64 PC: 12bdb | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:07:28.037016946Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:28.039889989Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:07:28.041764538Z 64 PC: 12c42 | Write file or device (Write 1269 bytes on handle 5)
2018-12-17T23:07:28.049269956Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:07:28.051698286Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:07:28.062317448Z 62 PC: 12c6b | Close file
2018-12-17T23:07:28.069207616Z 79 PC: 12b1a | Find next file
2018-12-17T23:07:28.072311416Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:07:28.082663195Z 61 PC: 12b58 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:07:28.089158116Z 63 PC: 12b74 | Read file or device (Read 1269 bytes on handle 5)
2018-12-17T23:07:28.09542987Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:07:28.09789875Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:07:28.099696073Z 64 PC: 12bdb | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:07:28.103357185Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:28.10732752Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:07:28.108671357Z 64 PC: 12c42 | Write file or device (Write 1269 bytes on handle 5)
2018-12-17T23:07:28.116649523Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:07:28.119352645Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:07:28.130309889Z 62 PC: 12c6b | Close file
2018-12-17T23:07:28.137247064Z 78 PC: 12b1a | Find first file
2018-12-17T23:07:28.144356628Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.150241528Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.156080212Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.178143808Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.189557791Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.200377216Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.207037592Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.212748156Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.218659874Z 78 PC: 12cd0 | Find first file
2018-12-17T23:07:28.22529794Z 59 PC: 12db4 | Change current directory
2018-12-17T23:07:28.234245851Z 26 PC: 12dd1 | Set disk transfer address
2018-12-17T23:07:28.235623724Z 59 PC: 12ddc | Change current directory
2018-12-17T23:07:28.23892009Z 76 PC: 14595 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15865,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:44:45.381459143Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:44:45.383805759Z 71 PC: 12aeb | Get current directory
2018-12-25T12:44:45.386585794Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5ea]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-25T12:44:45.388632229Z 78 PC: 12b1a | Find first file
2018-12-25T12:44:45.394815486Z 67 PC: 12b36 | Get or set file attributes
2018-12-25T12:44:45.41181119Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:44:45.427003463Z 63 PC: 12b74 | Read file or device (Read 1269 bytes on handle 5)
2018-12-25T12:44:45.435284612Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:44:45.437196954Z 66 PC: 12bc0 | Move file pointer
2018-12-25T12:44:45.439142289Z 64 PC: 12bdb | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:44:45.448192824Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:44:45.452214281Z 66 PC: 12c31 | Move file pointer
2018-12-25T12:44:45.454019217Z 64 PC: 12c42 | Write file or device (Write 1269 bytes on handle 5)
2018-12-25T12:44:45.464985047Z 87 PC: 12c53 | Get or set file date and time
2018-12-25T12:44:45.469246268Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T12:44:45.479352118Z 62 PC: 12c6b | Close file
2018-12-25T12:44:45.497669134Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.501843731Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.513163781Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.521738934Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.529619699Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.531891609Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.533764591Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.542593425Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.546143844Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.548048529Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.558483635Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.56043683Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.572142633Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.579790809Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.582434497Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.592299069Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.59932891Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.60575741Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.607595457Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.610269121Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.614095366Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.616710535Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.618316278Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.643985938Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.645628798Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.656572026Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.66339694Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.665892836Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.675383151Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.681919381Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.688081135Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.690010636Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.691430275Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.695098937Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.69808006Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.699954735Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.70731326Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.708839239Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.720170058Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.726954066Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.729672074Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.741547402Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.746006214Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.750090245Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.7520221Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.753222927Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.756080681Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.758806697Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.760066492Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.765124751Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.767217112Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.778062639Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.787699632Z 78 PC: 12b1a | Find first file (See above)
2018-12-25T12:44:45.79388802Z 78 PC: 12cd0 | Find first file
2018-12-25T12:44:45.799411205Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.804946875Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.810905502Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.821334786Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.831653027Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.842641285Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.848867573Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.854440461Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.860667103Z 59 PC: 12db4 | Change current directory
2018-12-25T12:44:45.864770637Z 26 PC: 12dd1 | Set disk transfer address
2018-12-25T12:44:45.865809488Z 59 PC: 12ddc | Change current directory
2018-12-25T12:44:45.868694686Z 76 PC: 14595 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15865,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:44:45.448822064Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:44:45.45042113Z 71 PC: 12aeb | Get current directory
2018-12-25T12:44:45.453272429Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5ea]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-25T12:44:45.4553958Z 78 PC: 12b1a | Find first file
2018-12-25T12:44:45.463686548Z 67 PC: 12b36 | Get or set file attributes
2018-12-25T12:44:45.479987355Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:44:45.491307258Z 63 PC: 12b74 | Read file or device (Read 1269 bytes on handle 5)
2018-12-25T12:44:45.498882745Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:44:45.501007945Z 66 PC: 12bc0 | Move file pointer
2018-12-25T12:44:45.502766548Z 64 PC: 12bdb | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:44:45.511218818Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:44:45.514984278Z 66 PC: 12c31 | Move file pointer
2018-12-25T12:44:45.516360213Z 64 PC: 12c42 | Write file or device (Write 1269 bytes on handle 5)
2018-12-25T12:44:45.526986276Z 87 PC: 12c53 | Get or set file date and time
2018-12-25T12:44:45.530005298Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T12:44:45.542674446Z 62 PC: 12c6b | Close file
2018-12-25T12:44:45.566759226Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.570507826Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.580285714Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.587053405Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.594136288Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.595679809Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.597118625Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.602467356Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.605381562Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.606707666Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.622427041Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.627261166Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.63778247Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.644841585Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.647902169Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.657657574Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.664597249Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.671955166Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.674423627Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.67613755Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.68101035Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.683774973Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.685073419Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.69299243Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.694555672Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.70506772Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.711808367Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.714276358Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.723444383Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.731304101Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.737398841Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.739385381Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.741943347Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.745498255Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.748081933Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.749918149Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.7571266Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.758488895Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.769262708Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.775910965Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:44:45.778469199Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:44:45.78831795Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:44:45.794670677Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:44:45.800688589Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:44:45.803355426Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:44:45.805108868Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:44:45.809815561Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:44:45.813687591Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:44:45.815540988Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:44:45.823384412Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:44:45.825475982Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:44:45.835824028Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:44:45.842757071Z 78 PC: 12b1a | Find first file (See above)
2018-12-25T12:44:45.849651642Z 78 PC: 12cd0 | Find first file
2018-12-25T12:44:45.856005071Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.866726129Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.879255979Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.885265084Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.890981041Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.896687683Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.902559949Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.912759129Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:44:45.92384458Z 59 PC: 12db4 | Change current directory
2018-12-25T12:44:45.933265561Z 26 PC: 12dd1 | Set disk transfer address
2018-12-25T12:44:45.934277142Z 59 PC: 12ddc | Change current directory
2018-12-25T12:44:45.937365417Z 76 PC: 14595 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15865,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:44:45.560472725Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:44:45.562548283Z 71 PC: 12aeb | Get current directory
2018-12-25T12:44:45.565201244Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5ea]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-25T12:44:45.567204344Z 9 PC: 12b07 | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T12:44:45.571976723Z 8 PC: 12b0b | Console input without echo