Sample viewer

vx.netlux.org/Virus.DOS.Mainman.315

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:09:01.668347043Z 26 PC: 12c9e | Set disk transfer address
2018-12-17T23:09:01.670891477Z 78 PC: 12ca8 | Find first file
2018-12-17T23:09:01.677605794Z 61 PC: 12cb4 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:09:01.684877391Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:01.686422749Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:01.693919126Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:01.695764867Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:01.699020917Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:01.706293686Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.007778491Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.009556567Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.022450426Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.030918185Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.034285615Z 61 PC: 12cb4 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:09:02.042509023Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:02.044338331Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.051870563Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:02.054596412Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.057502029Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:02.062926895Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.071854646Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.0748963Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.088039972Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.09640105Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.100704728Z 61 PC: 12cb4 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:09:02.108402938Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:02.110316871Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.118239791Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:02.120115856Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.123396604Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:02.12625635Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.129756012Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.131475483Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.144361549Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.153030185Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.156095284Z 61 PC: 12cb4 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:09:02.16407039Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:02.166701517Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.174012461Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:02.175740078Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.178781458Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:02.180568441Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.19004011Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.195338739Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.206744805Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.214838411Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.218999746Z 61 PC: 12cb4 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:09:02.226402368Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:02.228104556Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.236078201Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:02.237835974Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.241382596Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:02.244136475Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.247463313Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.249212997Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.261427588Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.269237533Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.272579065Z 61 PC: 12cb4 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:09:02.280198065Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:02.282720833Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.290414325Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:02.291960566Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.295510928Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:02.29715278Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.306336591Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.308935308Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.320553689Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.327977498Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.331257022Z 61 PC: 12cb4 | Open file (Filename = 'PAH.COM')
2018-12-17T23:09:02.338585755Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:02.339996878Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.348273338Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:02.349994206Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.353060658Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:02.355466164Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.358581873Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.360104729Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.371784534Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.379332463Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.381962753Z 61 PC: 12cb4 | Open file (Filename = 'TEST.COM')
2018-12-17T23:09:02.389229423Z 87 PC: 12cba | Get or set file date and time
2018-12-17T23:09:02.390934679Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.393639132Z 66 PC: 12cda | Move file pointer
2018-12-17T23:09:02.395037282Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.397993869Z 66 PC: 12ced | Move file pointer
2018-12-17T23:09:02.399714973Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-17T23:09:02.40890861Z 87 PC: 12cf7 | Get or set file date and time
2018-12-17T23:09:02.411454418Z 67 PC: 12d00 | Get or set file attributes
2018-12-17T23:09:02.424114869Z 62 PC: 12d04 | Close file
2018-12-17T23:09:02.432067505Z 79 PC: 12ca8 | Find next file
2018-12-17T23:09:02.435680381Z 26 PC: 12d0f | Set disk transfer address
2018-12-17T23:09:02.436944536Z 26 PC: 12a6d | Set disk transfer address
2018-12-17T23:09:02.438208297Z 71 PC: 12b54 | Get current directory
2018-12-17T23:09:02.442359413Z 78 PC: 12a7c | Find first file
2018-12-17T23:09:02.448801062Z 61 PC: 12a8f | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:09:02.455965308Z 63 PC: 12a9b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:09:02.464385604Z 66 PC: 12abb | Move file pointer
2018-12-17T23:09:02.465979718Z 64 PC: 12ac8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:02.469088796Z 66 PC: 12ad3 | Move file pointer
2018-12-17T23:09:02.471354298Z 64 PC: 12ae0 | Write file or device (Write 315 bytes on handle 5)
2018-12-17T23:09:02.480336157Z 62 PC: 12ae4 | Close file
2018-12-17T23:09:02.48997953Z 59 PC: 12aec | Change current directory
2018-12-17T23:09:02.495093114Z 59 PC: 12af6 | Change current directory
2018-12-17T23:09:02.497011347Z 42 PC: 12aff | Get date 0x12aff: mov dl, 0
0x12b01: cmp al, dl
0x12b03: jne 0x12b45
0x12b05: mov ax, cs
0x12b07: mov ds, ax
0x12b09: mov ah, 9
0x12b0b: mov dx, 0x222
0x12b0e: int 0x21
0x12b10: mov bx, 0x440d
0x12b13: mov ax, bx
0x12b15: mov bx, 0x84b
0x12b18: mov cx, bx
0x12b1a: xor bh, bh
0x12b1c: xor dx, dx
0x12b1e: int 0x21
0x12b20: mov dx, 0
0x12b23: mov cx, 2
0x12b26: mov bx, 0x311
0x12b29: mov dl, 0x80
0x12b2b: mov ax, bx
2018-12-17T23:09:02.499658597Z 26 PC: 12b49 | Set disk transfer address

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16393,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:52:44.514349009Z 26 PC: 12c9e | Set disk transfer address
2018-12-25T12:52:44.516076369Z 78 PC: 12ca8 | Find first file
2018-12-25T12:52:44.521757812Z 61 PC: 12cb4 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:44.527968872Z 87 PC: 12cba | Get or set file date and time
2018-12-25T12:52:44.529707474Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:52:44.53580462Z 66 PC: 12cda | Move file pointer
2018-12-25T12:52:44.537112065Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:52:44.540669039Z 66 PC: 12ced | Move file pointer
2018-12-25T12:52:44.542133103Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-25T12:52:44.556238806Z 87 PC: 12cf7 | Get or set file date and time
2018-12-25T12:52:44.558110389Z 67 PC: 12d00 | Get or set file attributes
2018-12-25T12:52:44.568630315Z 62 PC: 12d04 | Close file
2018-12-25T12:52:44.575280386Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.577855928Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.584136622Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.585353847Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.591473308Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.593044846Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.595577749Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.597084818Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.600061636Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.601674983Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.611369596Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.618309988Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.620597278Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.631990435Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.634311237Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.640661146Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.642284242Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.650547782Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.652016445Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.654652418Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.65656099Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.666601173Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.673301157Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.676354743Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.682759495Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.684113601Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.690453962Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.691585882Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.693805905Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.696291427Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.69890802Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.700292242Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.717859263Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.722271092Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.723902394Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.728761381Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.729696779Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.735558711Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.737153199Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.739489468Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.740850277Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.743943986Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.745278539Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.754773827Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.761735256Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.764079861Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.770718005Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.772261974Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.778149214Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.779278635Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.781993844Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.783334688Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.790926584Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.792584743Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.802443268Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.808923927Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.811809976Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.818170733Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.819671309Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.826484064Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.82763044Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.829989407Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.832798994Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.835356656Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.836605008Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.847423849Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.865724287Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.868395559Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.875705667Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.87697586Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.883096431Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.884878023Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.887411453Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.889139754Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.898449589Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.900654524Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.9112636Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.918558496Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.921195148Z 26 PC: 12d0f | Set disk transfer address
2018-12-25T12:52:44.922491861Z 26 PC: 12a6d | Set disk transfer address
2018-12-25T12:52:44.923887734Z 71 PC: 12b54 | Get current directory
2018-12-25T12:52:44.927550636Z 78 PC: 12a7c | Find first file
2018-12-25T12:52:44.933272645Z 61 PC: 12a8f | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:44.944576107Z 63 PC: 12a9b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:52:44.950805265Z 66 PC: 12abb | Move file pointer
2018-12-25T12:52:44.951948392Z 64 PC: 12ac8 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:52:44.954314983Z 66 PC: 12ad3 | Move file pointer
2018-12-25T12:52:44.955985194Z 64 PC: 12ae0 | Write file or device (Write 315 bytes on handle 5)
2018-12-25T12:52:44.964447179Z 62 PC: 12ae4 | Close file
2018-12-25T12:52:44.972171922Z 59 PC: 12aec | Change current directory
2018-12-25T12:52:44.976348878Z 59 PC: 12af6 | Change current directory
2018-12-25T12:52:44.977849967Z 42 PC: 12aff | Get date 0x12aff: mov dl, 0
0x12b01: cmp al, dl
0x12b03: jne 0x12b45
0x12b05: mov ax, cs
0x12b07: mov ds, ax
0x12b09: mov ah, 9
0x12b0b: mov dx, 0x222
0x12b0e: int 0x21
0x12b10: mov bx, 0x440d
0x12b13: mov ax, bx
0x12b15: mov bx, 0x84b
0x12b18: mov cx, bx
0x12b1a: xor bh, bh
0x12b1c: xor dx, dx
0x12b1e: int 0x21
0x12b20: mov dx, 0
0x12b23: mov cx, 2
0x12b26: mov bx, 0x311
0x12b29: mov dl, 0x80
0x12b2b: mov ax, bx
2018-12-25T12:52:44.979797207Z 9 PC: 12b10 | Display string (String= 'pc infected mainmanIII.1997')
2018-12-25T12:52:44.982465218Z 68 PC: 12b20 | I/O control for devices (Set for = '� ��')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16393,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:52:44.743259679Z 26 PC: 12c9e | Set disk transfer address
2018-12-25T12:52:44.744814542Z 78 PC: 12ca8 | Find first file
2018-12-25T12:52:44.750474124Z 61 PC: 12cb4 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:44.756614187Z 87 PC: 12cba | Get or set file date and time
2018-12-25T12:52:44.758138658Z 63 PC: 12cc7 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:52:44.76453905Z 66 PC: 12cda | Move file pointer
2018-12-25T12:52:44.765720868Z 64 PC: 12ce5 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:52:44.768356167Z 66 PC: 12ced | Move file pointer
2018-12-25T12:52:44.769862805Z 64 PC: 12c30 | Write file or device (Write 306 bytes on handle 5)
2018-12-25T12:52:44.782721701Z 87 PC: 12cf7 | Get or set file date and time
2018-12-25T12:52:44.784184454Z 67 PC: 12d00 | Get or set file attributes
2018-12-25T12:52:44.796244827Z 62 PC: 12d04 | Close file
2018-12-25T12:52:44.802916104Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.805372756Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.813300575Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.814584084Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.820640218Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.822795518Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.825270224Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.826841283Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.829969753Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.831544048Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.84195454Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.849140037Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.851551303Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.857635101Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.859114068Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.865298534Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.866601065Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.869200683Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.8709926Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.873210014Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.874240912Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.880895402Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.885072565Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.886695583Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.893691729Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.894573494Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.898509769Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.900690814Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.902462736Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.903442422Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.905661624Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.906798961Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.913447624Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.918351157Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.920198194Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.924280618Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.925858141Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.929787292Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.930825581Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.933117058Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.934093319Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.935837343Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.937550111Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.943801294Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.948160008Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.950496237Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.957625109Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.958666613Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.963284267Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.964329675Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:44.966080382Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:44.967695886Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:44.973028861Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:44.973978134Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:44.981302184Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:44.985679583Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:44.987424493Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:44.992170696Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:44.993262722Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:44.997156189Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:44.998437354Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:45.000275908Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:45.001266367Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:45.003535226Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:45.004639168Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:45.010776112Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:45.020098176Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:45.022428586Z 61 PC: 12cb4 | Open file (See above)
2018-12-25T12:52:45.03306401Z 87 PC: 12cba | Get or set file date and time (See above)
2018-12-25T12:52:45.034201348Z 63 PC: 12cc7 | Read file or device (See above)
2018-12-25T12:52:45.040811084Z 66 PC: 12cda | Move file pointer (See above)
2018-12-25T12:52:45.04198472Z 64 PC: 12ce5 | Write file or device (See above)
2018-12-25T12:52:45.044347281Z 66 PC: 12ced | Move file pointer (See above)
2018-12-25T12:52:45.045736436Z 64 PC: 12c30 | Write file or device (See above)
2018-12-25T12:52:45.053932131Z 87 PC: 12cf7 | Get or set file date and time (See above)
2018-12-25T12:52:45.055307691Z 67 PC: 12d00 | Get or set file attributes (See above)
2018-12-25T12:52:45.06572435Z 62 PC: 12d04 | Close file (See above)
2018-12-25T12:52:45.072189205Z 79 PC: 12ca8 | Find next file (See above)
2018-12-25T12:52:45.074492612Z 26 PC: 12d0f | Set disk transfer address
2018-12-25T12:52:45.075541472Z 26 PC: 12a6d | Set disk transfer address
2018-12-25T12:52:45.076603487Z 71 PC: 12b54 | Get current directory
2018-12-25T12:52:45.079238143Z 78 PC: 12a7c | Find first file
2018-12-25T12:52:45.084854131Z 61 PC: 12a8f | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:45.09566325Z 63 PC: 12a9b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:52:45.102091733Z 66 PC: 12abb | Move file pointer
2018-12-25T12:52:45.103361186Z 64 PC: 12ac8 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:52:45.105590362Z 66 PC: 12ad3 | Move file pointer
2018-12-25T12:52:45.106794736Z 64 PC: 12ae0 | Write file or device (Write 315 bytes on handle 5)
2018-12-25T12:52:45.115064863Z 62 PC: 12ae4 | Close file
2018-12-25T12:52:45.122900957Z 59 PC: 12aec | Change current directory
2018-12-25T12:52:45.126899251Z 59 PC: 12af6 | Change current directory
2018-12-25T12:52:45.128595031Z 42 PC: 12aff | Get date 0x12aff: mov dl, 0
0x12b01: cmp al, dl
0x12b03: jne 0x12b45
0x12b05: mov ax, cs
0x12b07: mov ds, ax
0x12b09: mov ah, 9
0x12b0b: mov dx, 0x222
0x12b0e: int 0x21
0x12b10: mov bx, 0x440d
0x12b13: mov ax, bx
0x12b15: mov bx, 0x84b
0x12b18: mov cx, bx
0x12b1a: xor bh, bh
0x12b1c: xor dx, dx
0x12b1e: int 0x21
0x12b20: mov dx, 0
0x12b23: mov cx, 2
0x12b26: mov bx, 0x311
0x12b29: mov dl, 0x80
0x12b2b: mov ax, bx
2018-12-25T12:52:45.130376723Z 26 PC: 12b49 | Set disk transfer address