Sample viewer

vx.netlux.org/Virus.DOS.Wit.Remor.1322


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:09:19.529656105Z 26 PC: 12ad9 | Set disk transfer address
2018-12-17T23:09:19.530983828Z 71 PC: 12aeb | Get current directory
2018-12-17T23:09:19.532854911Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x507
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f5
0x12b12: mov ah, byte ptr [0x5ec]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d91
0x12b1f: mov dx, word ptr [0x52a]
2018-12-17T23:09:19.534205334Z 78 PC: 12b1a | Find first file
2018-12-17T23:09:19.538242348Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:09:19.807894826Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:09:19.81473423Z 63 PC: 12b74 | Read file or device (Read 1319 bytes on handle 5)
2018-12-17T23:09:19.821793157Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:09:19.823316541Z 66 PC: 12bc2 | Move file pointer
2018-12-17T23:09:19.824721984Z 64 PC: 12bdd | Write file or device (Write 407 bytes on handle 5)
2018-12-17T23:09:19.833017086Z 64 PC: 12bed | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:19.835934567Z 66 PC: 12c33 | Move file pointer
2018-12-17T23:09:19.837673473Z 64 PC: 12c44 | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T23:09:19.846545294Z 87 PC: 12c55 | Get or set file date and time
2018-12-17T23:09:19.848304132Z 67 PC: 12c67 | Get or set file attributes
2018-12-17T23:09:19.861360511Z 62 PC: 12c6d | Close file
2018-12-17T23:09:19.868798603Z 79 PC: 12b1a | Find next file
2018-12-17T23:09:19.872165428Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:09:19.882790964Z 61 PC: 12b58 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:09:19.889228757Z 63 PC: 12b74 | Read file or device (Read 1319 bytes on handle 5)
2018-12-17T23:09:19.895788368Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:09:19.897236846Z 66 PC: 12bc2 | Move file pointer
2018-12-17T23:09:19.898547685Z 64 PC: 12bdd | Write file or device (Write 27 bytes on handle 5)
2018-12-17T23:09:19.901945793Z 64 PC: 12bed | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:19.904967552Z 66 PC: 12c33 | Move file pointer
2018-12-17T23:09:19.90662499Z 64 PC: 12c44 | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T23:09:19.919362643Z 87 PC: 12c55 | Get or set file date and time
2018-12-17T23:09:19.921573793Z 67 PC: 12c67 | Get or set file attributes
2018-12-17T23:09:19.932202575Z 62 PC: 12c6d | Close file
2018-12-17T23:09:19.940059256Z 79 PC: 12b1a | Find next file
2018-12-17T23:09:19.94271406Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:09:19.95219324Z 61 PC: 12b58 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:09:19.959935565Z 63 PC: 12b74 | Read file or device (Read 1319 bytes on handle 5)
2018-12-17T23:09:19.966339854Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:09:19.967960575Z 66 PC: 12bc2 | Move file pointer
2018-12-17T23:09:19.970218908Z 64 PC: 12bdd | Write file or device (Write 92 bytes on handle 5)
2018-12-17T23:09:19.973065857Z 64 PC: 12bed | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:19.976114734Z 66 PC: 12c33 | Move file pointer
2018-12-17T23:09:19.978551898Z 64 PC: 12c44 | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T23:09:19.987473011Z 87 PC: 12c55 | Get or set file date and time
2018-12-17T23:09:19.988838229Z 67 PC: 12c67 | Get or set file attributes
2018-12-17T23:09:19.99945908Z 62 PC: 12c6d | Close file
2018-12-17T23:09:20.007173983Z 79 PC: 12b1a | Find next file
2018-12-17T23:09:20.010088103Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:09:20.020056441Z 61 PC: 12b58 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:09:20.02751448Z 63 PC: 12b74 | Read file or device (Read 1319 bytes on handle 5)
2018-12-17T23:09:20.033753745Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:09:20.035043852Z 66 PC: 12bc2 | Move file pointer
2018-12-17T23:09:20.037229774Z 64 PC: 12bdd | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:09:20.039810442Z 64 PC: 12bed | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:20.043096937Z 66 PC: 12c33 | Move file pointer
2018-12-17T23:09:20.045478595Z 64 PC: 12c44 | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T23:09:20.054402769Z 87 PC: 12c55 | Get or set file date and time
2018-12-17T23:09:20.056190191Z 67 PC: 12c67 | Get or set file attributes
2018-12-17T23:09:20.068198859Z 62 PC: 12c6d | Close file
2018-12-17T23:09:20.075308083Z 79 PC: 12b1a | Find next file
2018-12-17T23:09:20.078218816Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:09:20.089285179Z 61 PC: 12b58 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:09:20.095910021Z 63 PC: 12b74 | Read file or device (Read 1319 bytes on handle 5)
2018-12-17T23:09:20.101945484Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:09:20.103752853Z 66 PC: 12bc2 | Move file pointer
2018-12-17T23:09:20.104878624Z 64 PC: 12bdd | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:09:20.1067218Z 64 PC: 12bed | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:09:20.1091025Z 66 PC: 12c33 | Move file pointer
2018-12-17T23:09:20.110138902Z 64 PC: 12c44 | Write file or device (Write 1319 bytes on handle 5)
2018-12-17T23:09:20.115461346Z 87 PC: 12c55 | Get or set file date and time
2018-12-17T23:09:20.117098528Z 67 PC: 12c67 | Get or set file attributes
2018-12-17T23:09:20.124062159Z 62 PC: 12c6d | Close file
2018-12-17T23:09:20.130797672Z 78 PC: 12b1a | Find first file
2018-12-17T23:09:20.137077417Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.140713924Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.146488363Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.157602004Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.167868934Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.178464462Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.186030209Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.19203627Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.198066295Z 78 PC: 12cd2 | Find first file
2018-12-17T23:09:20.204941609Z 59 PC: 12db6 | Change current directory
2018-12-17T23:09:20.208982003Z 26 PC: 12dd3 | Set disk transfer address
2018-12-17T23:09:20.210205085Z 59 PC: 12dde | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16488,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:05.236159199Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:53:05.237177361Z 71 PC: 12aeb | Get current directory
2018-12-25T12:53:05.238954277Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x507
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f5
0x12b12: mov ah, byte ptr [0x5ec]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d91
0x12b1f: mov dx, word ptr [0x52a]
2018-12-25T12:53:05.240243804Z 78 PC: 12b1a | Find first file
2018-12-25T12:53:05.244651311Z 67 PC: 12b36 | Get or set file attributes
2018-12-25T12:53:05.25670494Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:53:05.263033234Z 63 PC: 12b74 | Read file or device (Read 1319 bytes on handle 5)
2018-12-25T12:53:05.269407013Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:53:05.27074936Z 66 PC: 12bc2 | Move file pointer
2018-12-25T12:53:05.272041906Z 64 PC: 12bdd | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:53:05.280200475Z 64 PC: 12bed | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:53:05.28662979Z 66 PC: 12c33 | Move file pointer
2018-12-25T12:53:05.287477181Z 64 PC: 12c44 | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:53:05.294351733Z 87 PC: 12c55 | Get or set file date and time
2018-12-25T12:53:05.296012037Z 67 PC: 12c67 | Get or set file attributes
2018-12-25T12:53:05.306750471Z 62 PC: 12c6d | Close file
2018-12-25T12:53:05.313455808Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.316089401Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.326670614Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.333087232Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.33976603Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.341070075Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.342349589Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.345546849Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.348218517Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.349453353Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.364832323Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.366343625Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.376651623Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.384367407Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.386945487Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.396480869Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.40359603Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.409783708Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.411074299Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.413080562Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.415910405Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.418526197Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.419923283Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.442952833Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.444644377Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.455137546Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.46297964Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.465769016Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.475515758Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.482485901Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.488610053Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.489840195Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.49214752Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.494839465Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.497936775Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.499842241Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.505513655Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.506654189Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.514444083Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.519034593Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.520983057Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.527850457Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.531968741Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.536077508Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.537747293Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.538848735Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.540650726Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.543037646Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.544114236Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.549731477Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.551393164Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.55800191Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.564126544Z 78 PC: 12b1a | Find first file (See above)
2018-12-25T12:53:05.570908079Z 78 PC: 12cd2 | Find first file
2018-12-25T12:53:05.577724568Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.581080143Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.584984466Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.58848461Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.593141978Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.603834349Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.615412942Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.626258088Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.637463183Z 59 PC: 12db6 | Change current directory
2018-12-25T12:53:05.642463102Z 26 PC: 12dd3 | Set disk transfer address
2018-12-25T12:53:05.643721022Z 59 PC: 12dde | Change current directory

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16488,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:05.519521622Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:53:05.520875721Z 71 PC: 12aeb | Get current directory
2018-12-25T12:53:05.523675081Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x507
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f5
0x12b12: mov ah, byte ptr [0x5ec]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d91
0x12b1f: mov dx, word ptr [0x52a]
2018-12-25T12:53:05.525719048Z 78 PC: 12b1a | Find first file
2018-12-25T12:53:05.531796367Z 67 PC: 12b36 | Get or set file attributes
2018-12-25T12:53:05.547818067Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:53:05.554196354Z 63 PC: 12b74 | Read file or device (Read 1319 bytes on handle 5)
2018-12-25T12:53:05.560640161Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:53:05.561941263Z 66 PC: 12bc2 | Move file pointer
2018-12-25T12:53:05.563193792Z 64 PC: 12bdd | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:53:05.570928696Z 64 PC: 12bed | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:53:05.573697457Z 66 PC: 12c33 | Move file pointer
2018-12-25T12:53:05.574849021Z 64 PC: 12c44 | Write file or device (Write 1319 bytes on handle 5)
2018-12-25T12:53:05.583391361Z 87 PC: 12c55 | Get or set file date and time
2018-12-25T12:53:05.585080698Z 67 PC: 12c67 | Get or set file attributes
2018-12-25T12:53:05.595552227Z 62 PC: 12c6d | Close file
2018-12-25T12:53:05.603628962Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.606777677Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.616560324Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.622934577Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.629469732Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.630770595Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.631984457Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.634906828Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.637538194Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.638798603Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.652024979Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.65366689Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.66414272Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.668986284Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.670774698Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.676804699Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.683499168Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.687461908Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.688410465Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.690091676Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.692625612Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.695130777Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.696546711Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.704359872Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.705685182Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.716252144Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.72510052Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.728205577Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.737885755Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.74403136Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.749934875Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.751854635Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.753035617Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.755964716Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.759089576Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.76028859Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.775187983Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.77711804Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.787366227Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.794425421Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:53:05.797284296Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:53:05.807033718Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:53:05.813783606Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:53:05.820786739Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:53:05.822150494Z 66 PC: 12bc2 | Move file pointer (See above)
2018-12-25T12:53:05.823389529Z 64 PC: 12bdd | Write file or device (See above)
2018-12-25T12:53:05.82773118Z 64 PC: 12bed | Write file or device (See above)
2018-12-25T12:53:05.830466029Z 66 PC: 12c33 | Move file pointer (See above)
2018-12-25T12:53:05.831661866Z 64 PC: 12c44 | Write file or device (See above)
2018-12-25T12:53:05.840491755Z 87 PC: 12c55 | Get or set file date and time (See above)
2018-12-25T12:53:05.841828374Z 67 PC: 12c67 | Get or set file attributes (See above)
2018-12-25T12:53:05.852019115Z 62 PC: 12c6d | Close file (See above)
2018-12-25T12:53:05.859558073Z 78 PC: 12b1a | Find first file (See above)
2018-12-25T12:53:05.865554833Z 78 PC: 12cd2 | Find first file
2018-12-25T12:53:05.8710073Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.876835621Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.882351288Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.892809594Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.903599088Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.913847232Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.920086022Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.934431548Z 78 PC: 12cd2 | Find first file (See above)
2018-12-25T12:53:05.940134054Z 59 PC: 12db6 | Change current directory
2018-12-25T12:53:05.944180627Z 26 PC: 12dd3 | Set disk transfer address
2018-12-25T12:53:05.945579255Z 59 PC: 12dde | Change current directory

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16488,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:05.772764164Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:53:05.775000622Z 71 PC: 12aeb | Get current directory
2018-12-25T12:53:05.780014464Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x507
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f5
0x12b12: mov ah, byte ptr [0x5ec]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d91
0x12b1f: mov dx, word ptr [0x52a]
2018-12-25T12:53:05.78295584Z 9 PC: 12b07 | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T12:53:05.788241923Z 8 PC: 12b0b | Console input without echo