Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Heth.3837

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:41.122928658Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:11:41.125673369Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:11:41.127544472Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:11:41.129464752Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:11:41.132195265Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:11:41.133717148Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:41.135245991Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:11:41.137210326Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:11:41.138615356Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:11:41.139984523Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:11:41.142437151Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:11:41.143682862Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:11:41.144910241Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:11:41.146142985Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:11:41.148076648Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:11:41.149388774Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:11:41.150722633Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:11:41.15302365Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:11:41.154495699Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:11:41.15611438Z	37	PC: 130cf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:11:41.159298257Z	37	PC: 130d7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:11:41.160560181Z	37	PC: 130df \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:41.162192012Z	37	PC: 130e7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:11:41.164811507Z	68	PC: 139ee \| I/O control for devices (Set for = '&�}')
2018-12-17T23:11:41.166460082Z	42	PC: 12a4d \| Get date 0x12a4d: cmp cx, 0x7cb 0x12a51: jbe 0x12a84 0x12a53: in al, 0x40 0x12a55: xchg ax, cx 0x12a56: and cx, 0xff 0x12a5a: inc cx 0x12a5b: cld 0x12a5c: lea si, word ptr [0x24] 0x12a60: lodsb al, byte ptr [si] 0x12a61: cmp al, 0x24 0x12a63: jne 0x12a60 0x12a65: cmp byte ptr [si], 0 0x12a68: jne 0x12a6e 0x12a6a: lea si, word ptr [0x24] 0x12a6e: loop 0x12a60 0x12a70: mov dx, si 0x12a72: mov ah, 9 0x12a74: int 0x21 0x12a76: mov ax, 0xe0d 0x12a79: int 0x10
2018-12-17T23:11:41.168974226Z	9	PC: 12a76 \| Display string (String= 'Formating drive C:...')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17273,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:55:18.399769097Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.401358863Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.402668727Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.403877667Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.406026244Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.407247294Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.408724348Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.41028379Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.4119608Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.413418171Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.414819337Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.428888901Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.430431951Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.431789798Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.433729116Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.436102224Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.437528342Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.439387913Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.440630061Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.441808968Z	37	PC: 130cf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.443347154Z	37	PC: 130d7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:55:18.445219306Z	37	PC: 130df \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:55:18.447291161Z	37	PC: 130e7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-25T12:55:18.457972539Z	68	PC: 139ee \| I/O control for devices (Set for = '&�}')
2018-12-25T12:55:18.459833267Z	42	PC: 12a4d \| Get date 0x12a4d: cmp cx, 0x7cb 0x12a51: jbe 0x12a84 0x12a53: in al, 0x40 0x12a55: xchg ax, cx 0x12a56: and cx, 0xff 0x12a5a: inc cx 0x12a5b: cld 0x12a5c: lea si, word ptr [0x24] 0x12a60: lodsb al, byte ptr [si] 0x12a61: cmp al, 0x24 0x12a63: jne 0x12a60 0x12a65: cmp byte ptr [si], 0 0x12a68: jne 0x12a6e 0x12a6a: lea si, word ptr [0x24] 0x12a6e: loop 0x12a60 0x12a70: mov dx, si 0x12a72: mov ah, 9 0x12a74: int 0x21 0x12a76: mov ax, 0xe0d 0x12a79: int 0x10
2018-12-25T12:55:18.462334375Z	48	PC: 12df6 \| Get DOS version
2018-12-25T12:55:18.464054256Z	67	PC: 12f12 \| Get or set file attributes
2018-12-25T12:55:18.47069015Z	67	PC: 12f01 \| Get or set file attributes
2018-12-25T12:55:18.488932293Z	61	PC: 12ed7 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-25T12:55:18.496326059Z	63	PC: 12eed \| Read file or device (Read 3837 bytes on handle 5)
2018-12-25T12:55:18.505393133Z	66	PC: 12f48 \| Move file pointer
2018-12-25T12:55:18.506872436Z	66	PC: 12f2f \| Move file pointer
2018-12-25T12:55:18.508300234Z	63	PC: 12eed \| Read file or device (See above)
2018-12-25T12:55:18.517329468Z	66	PC: 12f2f \| Move file pointer (See above)
2018-12-25T12:55:18.51919918Z	87	PC: 12d9b \| Get or set file date and time
2018-12-25T12:55:18.521118241Z	64	PC: 12eb6 \| Write file or device (Write 3837 bytes on handle 5)
2018-12-25T12:55:18.530520629Z	87	PC: 12db0 \| Get or set file date and time
2018-12-25T12:55:18.53170779Z	62	PC: 12ec5 \| Close file
2018-12-25T12:55:18.538094377Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.54955039Z	53	PC: 1302a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.55075952Z	37	PC: 13033 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.551740154Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.553065841Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.554198979Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.555269292Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.556629111Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.558011489Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.559252075Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.560690597Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.562125482Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.563323722Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.564352534Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.5657965Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.567086443Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.56841776Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.571383058Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.572657743Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.573889292Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.576054918Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.577242735Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.578472583Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.580057065Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.581176328Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.582187457Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.583986401Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.585336423Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.586730918Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.588486641Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.589827922Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.591114497Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.592928527Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.594266674Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.595587381Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.597795225Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.599161926Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.600374241Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.601729142Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.603367096Z	41	PC: 12fe1 \| Parse filename
2018-12-25T12:55:18.604957718Z	41	PC: 12fef \| Parse filename
2018-12-25T12:55:18.606620298Z	75	PC: 12ffa \| Execute program
2018-12-25T12:55:18.625065332Z	76	PC: 18be0 \| Terminate with return code (Return code = '0')
2018-12-25T12:55:18.628033409Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.629063503Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.630700257Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.631880181Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.633035356Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.634894344Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.636229165Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.637472762Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.646829084Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.648072592Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.649227015Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.660400777Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.661577952Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.662613498Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.664322972Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.666201507Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.667907706Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.6762246Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.67747465Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.67879826Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.681797329Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.683049598Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.684246268Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.686540031Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.688277158Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.689985027Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.692113421Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.693677615Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.694873618Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.69649884Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.697628763Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.698682143Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.700525414Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.702204282Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.703727098Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.706115183Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.707546277Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.708798157Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.710433048Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.724891781Z	61	PC: 12ed7 \| Open file (See above)
2018-12-25T12:55:18.733350686Z	64	PC: 12eb6 \| Write file or device (See above)
2018-12-25T12:55:18.742627199Z	87	PC: 12db0 \| Get or set file date and time (See above)
2018-12-25T12:55:18.745071744Z	62	PC: 12ec5 \| Close file (See above)
2018-12-25T12:55:18.753307998Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.764758782Z	47	PC: 12e4c \| Get disk transfer address
2018-12-25T12:55:18.765933432Z	26	PC: 12e55 \| Set disk transfer address
2018-12-25T12:55:18.766974132Z	78	PC: 12e5f \| Find first file
2018-12-25T12:55:18.773416709Z	26	PC: 12e67 \| Set disk transfer address
2018-12-25T12:55:18.775356539Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.785829112Z	61	PC: 12ed7 \| Open file (See above)
2018-12-25T12:55:18.79353769Z	66	PC: 12f2f \| Move file pointer (See above)
2018-12-25T12:55:18.796096389Z	63	PC: 12eed \| Read file or device (See above)
2018-12-25T12:55:18.803655468Z	87	PC: 12db0 \| Get or set file date and time (See above)
2018-12-25T12:55:18.805387191Z	62	PC: 12ec5 \| Close file (See above)
2018-12-25T12:55:18.813669784Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.828700053Z	47	PC: 12e83 \| Get disk transfer address
2018-12-25T12:55:18.829779903Z	26	PC: 12e8c \| Set disk transfer address
2018-12-25T12:55:18.83134841Z	79	PC: 12e90 \| Find next file
2018-12-25T12:55:18.833849112Z	26	PC: 12e98 \| Set disk transfer address
2018-12-25T12:55:18.835552031Z	64	PC: 136e0 \| Write file or device (Write 0 bytes on handle 1)
2018-12-25T12:55:18.837563209Z	37	PC: 13211 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.838686048Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.839694272Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.841893411Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.843013682Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.844134144Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.84653728Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.847680062Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.848705013Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.85050995Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.852075946Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.853618301Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.855812905Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.856985313Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.858165003Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.859968872Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.861111573Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.862199893Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.86389252Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.865022456Z	76	PC: 13250 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17273,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:55:18.616891684Z	53	PC: 130ba \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.618254799Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.619285396Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.620277239Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.621920325Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.622893975Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.62384169Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.63361212Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.634641873Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.635587177Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.63689537Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.637932266Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.638882134Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.6399212Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.640972475Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.641928614Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.643027514Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.644245176Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.645219821Z	53	PC: 130ba \| Get interrupt vector (See above)
2018-12-25T12:55:18.646302838Z	37	PC: 130cf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.647330858Z	37	PC: 130d7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:55:18.64806255Z	37	PC: 130df \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:55:18.648975626Z	37	PC: 130e7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-25T12:55:18.650418274Z	68	PC: 139ee \| I/O control for devices (Set for = '&�}')
2018-12-25T12:55:18.651281276Z	42	PC: 12a4d \| Get date 0x12a4d: cmp cx, 0x7cb 0x12a51: jbe 0x12a84 0x12a53: in al, 0x40 0x12a55: xchg ax, cx 0x12a56: and cx, 0xff 0x12a5a: inc cx 0x12a5b: cld 0x12a5c: lea si, word ptr [0x24] 0x12a60: lodsb al, byte ptr [si] 0x12a61: cmp al, 0x24 0x12a63: jne 0x12a60 0x12a65: cmp byte ptr [si], 0 0x12a68: jne 0x12a6e 0x12a6a: lea si, word ptr [0x24] 0x12a6e: loop 0x12a60 0x12a70: mov dx, si 0x12a72: mov ah, 9 0x12a74: int 0x21 0x12a76: mov ax, 0xe0d 0x12a79: int 0x10
2018-12-25T12:55:18.65296872Z	48	PC: 12df6 \| Get DOS version
2018-12-25T12:55:18.654117601Z	67	PC: 12f12 \| Get or set file attributes
2018-12-25T12:55:18.657951522Z	67	PC: 12f01 \| Get or set file attributes
2018-12-25T12:55:18.671187587Z	61	PC: 12ed7 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-25T12:55:18.675450687Z	63	PC: 12eed \| Read file or device (Read 3837 bytes on handle 5)
2018-12-25T12:55:18.679970698Z	66	PC: 12f48 \| Move file pointer
2018-12-25T12:55:18.680946885Z	66	PC: 12f2f \| Move file pointer
2018-12-25T12:55:18.682020287Z	63	PC: 12eed \| Read file or device (See above)
2018-12-25T12:55:18.686491825Z	66	PC: 12f2f \| Move file pointer (See above)
2018-12-25T12:55:18.687467401Z	87	PC: 12d9b \| Get or set file date and time
2018-12-25T12:55:18.688573766Z	64	PC: 12eb6 \| Write file or device (Write 3837 bytes on handle 5)
2018-12-25T12:55:18.695074354Z	87	PC: 12db0 \| Get or set file date and time
2018-12-25T12:55:18.696092376Z	62	PC: 12ec5 \| Close file
2018-12-25T12:55:18.700808507Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.722657167Z	53	PC: 1302a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.723781323Z	37	PC: 13033 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.725274122Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.726649886Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.728171754Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.729667554Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.730847303Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.732406088Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.734435651Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.74050782Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.74189329Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.744000502Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.7453193Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.746696792Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.74851006Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.749572995Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.750607413Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.752395775Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.753344397Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.754205728Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.755694511Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.756690684Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.757511243Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.759355759Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.760197673Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.761056667Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.762677153Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.763652619Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.764480906Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.766558242Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.767560258Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.768601794Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.770017529Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.771016247Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.771854712Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.773197903Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.774145626Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.775031433Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.776357507Z	41	PC: 12fe1 \| Parse filename
2018-12-25T12:55:18.777545328Z	41	PC: 12fef \| Parse filename
2018-12-25T12:55:18.778672475Z	75	PC: 12ffa \| Execute program
2018-12-25T12:55:18.794820333Z	76	PC: 18be0 \| Terminate with return code (Return code = '0')
2018-12-25T12:55:18.797558102Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.798433596Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.800274859Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.801542943Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.802787345Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.804394766Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.805399764Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.806447233Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.808037045Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.809393392Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.81069293Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.812632347Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.813817956Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.815080481Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.816839915Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.817743578Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.818605056Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.820166117Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.821376659Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.822643639Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.824475407Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.825914578Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.82686856Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.828344946Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.82930284Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.830170599Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.832239691Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.833214582Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.834044295Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.835702933Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.836661447Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.837545961Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.839094836Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.840049406Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.840905483Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.842785475Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.844166841Z	53	PC: 1302a \| Get interrupt vector (See above)
2018-12-25T12:55:18.845138524Z	37	PC: 13033 \| Set interrupt vector (See above)
2018-12-25T12:55:18.846881776Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.857052007Z	61	PC: 12ed7 \| Open file (See above)
2018-12-25T12:55:18.863293817Z	64	PC: 12eb6 \| Write file or device (See above)
2018-12-25T12:55:18.871564123Z	87	PC: 12db0 \| Get or set file date and time (See above)
2018-12-25T12:55:18.873253725Z	62	PC: 12ec5 \| Close file (See above)
2018-12-25T12:55:18.880570237Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.891379203Z	47	PC: 12e4c \| Get disk transfer address
2018-12-25T12:55:18.892307931Z	26	PC: 12e55 \| Set disk transfer address
2018-12-25T12:55:18.893206115Z	78	PC: 12e5f \| Find first file
2018-12-25T12:55:18.899733205Z	26	PC: 12e67 \| Set disk transfer address
2018-12-25T12:55:18.901009647Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.913000019Z	61	PC: 12ed7 \| Open file (See above)
2018-12-25T12:55:18.921020379Z	66	PC: 12f2f \| Move file pointer (See above)
2018-12-25T12:55:18.922222452Z	63	PC: 12eed \| Read file or device (See above)
2018-12-25T12:55:18.92830987Z	87	PC: 12db0 \| Get or set file date and time (See above)
2018-12-25T12:55:18.930258349Z	62	PC: 12ec5 \| Close file (See above)
2018-12-25T12:55:18.9373383Z	67	PC: 12f01 \| Get or set file attributes (See above)
2018-12-25T12:55:18.947116684Z	47	PC: 12e83 \| Get disk transfer address
2018-12-25T12:55:18.948513448Z	26	PC: 12e8c \| Set disk transfer address
2018-12-25T12:55:18.94950913Z	79	PC: 12e90 \| Find next file
2018-12-25T12:55:18.951714529Z	26	PC: 12e98 \| Set disk transfer address
2018-12-25T12:55:18.953789988Z	64	PC: 136e0 \| Write file or device (Write 0 bytes on handle 1)
2018-12-25T12:55:18.955340739Z	37	PC: 13211 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:55:18.956283551Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.957839335Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.959237019Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.960511314Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.962366945Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.963574607Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.965153202Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.967348334Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.968289699Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.969225577Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.970900641Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.971823429Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.97275696Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.974469982Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.975380722Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.976409085Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.977746978Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.978741678Z	37	PC: 13211 \| Set interrupt vector (See above)
2018-12-25T12:55:18.97988114Z	76	PC: 13250 \| Terminate with return code (Return code = '0')