Sample viewer

vx.netlux.org/Virus.DOS.Ohlala.1960

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:12:54.747343463Z	26	PC: 12eb4 \| Set disk transfer address
2018-12-17T23:12:54.750207049Z	71	PC: 12ec2 \| Get current directory
2018-12-17T23:12:54.754444571Z	78	PC: 133d3 \| Find first file
2018-12-17T23:12:54.760599322Z	78	PC: 133f2 \| Find first file
2018-12-17T23:12:54.771441249Z	78	PC: 12edd \| Find first file
2018-12-17T23:12:54.778718148Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:54.790713271Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:54.812791114Z	61	PC: 131e5 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:54.822041698Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:54.824266578Z	66	PC: 13225 \| Move file pointer
2018-12-17T23:12:54.826394066Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:12:54.833165659Z	87	PC: 13391 \| Get or set file date and time
2018-12-17T23:12:54.834524586Z	66	PC: 131cf \| Move file pointer
2018-12-17T23:12:54.836133148Z	63	PC: 131d9 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T23:12:54.83867149Z	66	PC: 12f15 \| Move file pointer
2018-12-17T23:12:54.84040115Z	63	PC: 12f1f \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:12:54.842220589Z	66	PC: 12f28 \| Move file pointer
2018-12-17T23:12:54.843897751Z	64	PC: 12f38 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T23:12:54.846352728Z	64	PC: 12f43 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:12:54.848818096Z	66	PC: 12f57 \| Move file pointer
2018-12-17T23:12:54.850602386Z	64	PC: 12f6b \| Write file or device (Write 1958 bytes on handle 5)
2018-12-17T23:12:54.857619945Z	64	PC: 13422 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:12:54.859769855Z	87	PC: 133ab \| Get or set file date and time
2018-12-17T23:12:54.861389915Z	62	PC: 12f75 \| Close file
2018-12-17T23:12:54.866887324Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:54.8857862Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:54.8901998Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:54.896530004Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:54.907858887Z	61	PC: 131e5 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:12:54.917203517Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:54.919035386Z	62	PC: 13242 \| Close file
2018-12-17T23:12:54.921160639Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:54.935915755Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:54.939052304Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:54.95232885Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:54.966993813Z	61	PC: 131e5 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:12:54.971667304Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:54.973146837Z	62	PC: 13242 \| Close file
2018-12-17T23:12:54.975638671Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:54.984217496Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:54.987408025Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:54.993711343Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:55.00811825Z	61	PC: 131e5 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:12:55.016331141Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:55.018006996Z	62	PC: 13242 \| Close file
2018-12-17T23:12:55.020699807Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:55.031717593Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:55.035040847Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:55.042385052Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:55.053653058Z	61	PC: 131e5 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:12:55.061449887Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:55.064441897Z	62	PC: 13242 \| Close file
2018-12-17T23:12:55.067167044Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:55.078968419Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:55.082295593Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:55.08924541Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:55.100326575Z	61	PC: 131e5 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:12:55.10818658Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:55.111474866Z	66	PC: 13225 \| Move file pointer
2018-12-17T23:12:55.113325487Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:12:55.120862407Z	87	PC: 13391 \| Get or set file date and time
2018-12-17T23:12:55.123236247Z	66	PC: 131cf \| Move file pointer
2018-12-17T23:12:55.124867525Z	63	PC: 131d9 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T23:12:55.127588369Z	66	PC: 12f15 \| Move file pointer
2018-12-17T23:12:55.130131364Z	63	PC: 12f1f \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:12:55.132854098Z	66	PC: 12f28 \| Move file pointer
2018-12-17T23:12:55.134312702Z	64	PC: 12f38 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T23:12:55.137764128Z	64	PC: 12f43 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:12:55.140595049Z	66	PC: 12f57 \| Move file pointer
2018-12-17T23:12:55.142164256Z	64	PC: 12f6b \| Write file or device (Write 1958 bytes on handle 5)
2018-12-17T23:12:55.368709059Z	64	PC: 13422 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:12:55.371936684Z	87	PC: 133ab \| Get or set file date and time
2018-12-17T23:12:55.373751403Z	62	PC: 12f75 \| Close file
2018-12-17T23:12:55.758905666Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:55.777645049Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:55.780905913Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:55.787531147Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:55.799110309Z	61	PC: 131e5 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:12:55.812667228Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:55.81455561Z	62	PC: 13242 \| Close file
2018-12-17T23:12:55.816940656Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:55.827493353Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:55.829487549Z	78	PC: 12f9a \| Find first file
2018-12-17T23:12:55.834065392Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:55.83804315Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:55.84439729Z	61	PC: 131e5 \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:12:55.854903561Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:55.856104042Z	66	PC: 13225 \| Move file pointer
2018-12-17T23:12:55.857358539Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:12:55.862864209Z	62	PC: 13242 \| Close file
2018-12-17T23:12:55.864395397Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:55.873716972Z	79	PC: 12f9a \| Find next file
2018-12-17T23:12:55.877748402Z	59	PC: 1329a \| Change current directory
2018-12-17T23:12:55.881178827Z	78	PC: 133d3 \| Find first file
2018-12-17T23:12:55.885230326Z	78	PC: 133f2 \| Find first file
2018-12-17T23:12:55.889867882Z	78	PC: 12edd \| Find first file
2018-12-17T23:12:55.893935878Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:55.897980951Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.222221834Z	61	PC: 131e5 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:56.230601476Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.23450449Z	66	PC: 13225 \| Move file pointer
2018-12-17T23:12:56.23673244Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:12:56.246061632Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.248886725Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.260889507Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:56.264812347Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:56.27113085Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.281994232Z	61	PC: 131e5 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:12:56.290992347Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.292799517Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.294782263Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.306570079Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:56.309651425Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:56.321665681Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.333835035Z	61	PC: 131e5 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:12:56.341959166Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.343783448Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.346695346Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.358417577Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:56.361791364Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:56.369188871Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.380433642Z	61	PC: 131e5 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:12:56.39371042Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.396150861Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.398273572Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.409310867Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:56.412900777Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:56.419352408Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.429839876Z	61	PC: 131e5 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:12:56.437076767Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.438826433Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.44070553Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.462286956Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:56.465279818Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:56.471601694Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.482751694Z	61	PC: 131e5 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:12:56.497930731Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.526404002Z	66	PC: 13225 \| Move file pointer
2018-12-17T23:12:56.528743468Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:12:56.537052236Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.539277225Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.550747513Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:56.554522797Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:56.560832651Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.57164281Z	61	PC: 131e5 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:12:56.580674509Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.582192132Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.583990604Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.595219636Z	79	PC: 12edd \| Find next file
2018-12-17T23:12:56.59808401Z	78	PC: 12f9a \| Find first file
2018-12-17T23:12:56.604628331Z	67	PC: 13371 \| Get or set file attributes
2018-12-17T23:12:56.612184246Z	67	PC: 1337d \| Get or set file attributes
2018-12-17T23:12:56.623657459Z	61	PC: 131e5 \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:12:56.630938721Z	66	PC: 131ef \| Move file pointer
2018-12-17T23:12:56.633119441Z	66	PC: 13225 \| Move file pointer
2018-12-17T23:12:56.634648957Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:12:56.642848213Z	62	PC: 13242 \| Close file
2018-12-17T23:12:56.645322765Z	67	PC: 1338b \| Get or set file attributes
2018-12-17T23:12:56.656677462Z	79	PC: 12f9a \| Find next file
2018-12-17T23:12:56.659742238Z	78	PC: 132d1 \| Find first file
2018-12-17T23:12:56.667178079Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.674225108Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.677089258Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.684303794Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.687030511Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.693158233Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.696521729Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.708306546Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.710957016Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.7174925Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.720300074Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.726446801Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.729582866Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.735828742Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.738617148Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.745667337Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.748500002Z	67	PC: 132e9 \| Get or set file attributes
2018-12-17T23:12:56.760017564Z	79	PC: 132d1 \| Find next file
2018-12-17T23:12:56.762748676Z	59	PC: 1331d \| Change current directory
2018-12-17T23:12:56.773538052Z	59	PC: 13156 \| Change current directory
2018-12-17T23:12:56.77830056Z	42	PC: 1340c \| Get date 0x1340c: cmp dl, 0xd 0x1340f: je 0x13413 0x13411: clc 0x13412: ret 0x13413: stc 0x13414: ret 0x13415: push cs 0x13416: pop ds 0x13417: lea dx, word ptr [di + 0x7a4] 0x1341b: mov cx, 2 0x1341e: mov ah, 0x40 0x13420: int 0x21 0x13422: push es 0x13423: pop ds 0x13424: ret 0x13425: push si 0x13426: push di 0x13427: mov ax, di 0x13429: lea si, word ptr [di + 0x61f] 0x1342d: xchg si, di
2018-12-17T23:12:56.781785809Z	26	PC: 1317a \| Set disk transfer address
2018-12-17T23:12:56.78345722Z	74	PC: 13196 \| Reallocate memory
2018-12-17T23:12:56.785273338Z	74	PC: 13196 \| Reallocate memory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17671,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:17.347551658Z	26	PC: 12eb4 \| Set disk transfer address
2018-12-25T12:56:17.348942833Z	71	PC: 12ec2 \| Get current directory
2018-12-25T12:56:17.351982238Z	78	PC: 133d3 \| Find first file
2018-12-25T12:56:17.358413659Z	78	PC: 133f2 \| Find first file
2018-12-25T12:56:17.36953172Z	78	PC: 12edd \| Find first file
2018-12-25T12:56:17.380008101Z	67	PC: 13371 \| Get or set file attributes
2018-12-25T12:56:17.390520824Z	67	PC: 1337d \| Get or set file attributes
2018-12-25T12:56:17.407919078Z	61	PC: 131e5 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:56:17.41417316Z	66	PC: 131ef \| Move file pointer
2018-12-25T12:56:17.415420378Z	66	PC: 13225 \| Move file pointer
2018-12-25T12:56:17.416880477Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:56:17.422988802Z	87	PC: 13391 \| Get or set file date and time
2018-12-25T12:56:17.424143264Z	66	PC: 131cf \| Move file pointer
2018-12-25T12:56:17.425511796Z	63	PC: 131d9 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T12:56:17.4277773Z	66	PC: 12f15 \| Move file pointer
2018-12-25T12:56:17.428898848Z	63	PC: 12f1f \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:56:17.431613719Z	66	PC: 12f28 \| Move file pointer
2018-12-25T12:56:17.432629592Z	64	PC: 12f38 \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:56:17.434178398Z	64	PC: 12f43 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:56:17.436081352Z	66	PC: 12f57 \| Move file pointer
2018-12-25T12:56:17.437712768Z	64	PC: 12f6b \| Write file or device (Write 1958 bytes on handle 5)
2018-12-25T12:56:17.445638496Z	64	PC: 13422 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:56:17.447908123Z	87	PC: 133ab \| Get or set file date and time
2018-12-25T12:56:17.4496967Z	62	PC: 12f75 \| Close file
2018-12-25T12:56:17.454405925Z	67	PC: 1338b \| Get or set file attributes
2018-12-25T12:56:17.460558469Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.462393763Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.465695995Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.471531687Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.479355995Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.480380068Z	62	PC: 13242 \| Close file
2018-12-25T12:56:17.48149037Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.488725247Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.49035648Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.49651783Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.505192427Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.512042111Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.512953633Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.514533673Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.522019611Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.524131796Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.527760344Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.533920429Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.540199119Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.541845343Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.543599042Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.553247296Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.55629992Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.562146075Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.571850921Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.583288922Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.58470361Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.586342292Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.596933177Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.599322634Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.604640903Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.61486802Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.621210956Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.622534048Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:17.624255587Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:17.630484933Z	87	PC: 13391 \| Get or set file date and time (See above)
2018-12-25T12:56:17.631883323Z	66	PC: 131cf \| Move file pointer (See above)
2018-12-25T12:56:17.633308445Z	63	PC: 131d9 \| Read file or device (See above)
2018-12-25T12:56:17.635521308Z	66	PC: 12f15 \| Move file pointer (See above)
2018-12-25T12:56:17.636669337Z	63	PC: 12f1f \| Read file or device (See above)
2018-12-25T12:56:17.639005995Z	66	PC: 12f28 \| Move file pointer (See above)
2018-12-25T12:56:17.640266722Z	64	PC: 12f38 \| Write file or device (See above)
2018-12-25T12:56:17.642632532Z	64	PC: 12f43 \| Write file or device (See above)
2018-12-25T12:56:17.645180457Z	66	PC: 12f57 \| Move file pointer (See above)
2018-12-25T12:56:17.646564179Z	64	PC: 12f6b \| Write file or device (See above)
2018-12-25T12:56:17.655830891Z	64	PC: 13422 \| Write file or device (See above)
2018-12-25T12:56:17.658404992Z	87	PC: 133ab \| Get or set file date and time (See above)
2018-12-25T12:56:17.659776338Z	62	PC: 12f75 \| Close file (See above)
2018-12-25T12:56:17.667289291Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.677085932Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.679842992Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.685471635Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.69481051Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.705766068Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.707347226Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.709179947Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.72726006Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.729954608Z	78	PC: 12f9a \| Find first file
2018-12-25T12:56:17.736217318Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.745521786Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.757041233Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.763389497Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.765536687Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:17.767063426Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:17.775421709Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.777735Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.789877375Z	79	PC: 12f9a \| Find next file (See above)
2018-12-25T12:56:17.792040085Z	59	PC: 1329a \| Change current directory
2018-12-25T12:56:17.796007813Z	78	PC: 133d3 \| Find first file (See above)
2018-12-25T12:56:17.801366738Z	78	PC: 133f2 \| Find first file (See above)
2018-12-25T12:56:17.806915788Z	78	PC: 12edd \| Find first file (See above)
2018-12-25T12:56:17.813660606Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.824110756Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.837073063Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.849278979Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.850586946Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:17.851876173Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:17.859600348Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.861491904Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.871359311Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.875037069Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.880475259Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.886531459Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.890887902Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.892160213Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.89344583Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.901610133Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.903416142Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.910004666Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.916703623Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.92080289Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.921708832Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.923390437Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.929379907Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.931137532Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.935263664Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.942668227Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.949565678Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.950889186Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.952544879Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.95980088Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.961547256Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.968079356Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:17.975717607Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:17.980074643Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:17.981680118Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:17.982992656Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:17.989698623Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:17.991574823Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:17.995396178Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.001635466Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.008967802Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.010164381Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:18.011460593Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:18.016119838Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.017406673Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.025191648Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.027395466Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.033838142Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.041679565Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.046084646Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.047108585Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.048470769Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.054973167Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.056742348Z	78	PC: 12f9a \| Find first file (See above)
2018-12-25T12:56:18.060574576Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.06438936Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.071695557Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.079331446Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.080535732Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:18.08167006Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:18.086137176Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.087949349Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.09868552Z	79	PC: 12f9a \| Find next file (See above)
2018-12-25T12:56:18.101598157Z	78	PC: 132d1 \| Find first file
2018-12-25T12:56:18.108857755Z	67	PC: 132e9 \| Get or set file attributes
2018-12-25T12:56:18.114532688Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.11683599Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.122386394Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.124686363Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.130000319Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.132781983Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.138018198Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.140251144Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.145825319Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.148164495Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.153372806Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.156166268Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.161415537Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.163645377Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.169687204Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.172009607Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:18.177312057Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:18.179497924Z	59	PC: 1331d \| Change current directory
2018-12-25T12:56:18.183363174Z	59	PC: 13156 \| Change current directory
2018-12-25T12:56:18.187090272Z	42	PC: 1340c \| Get date 0x1340c: cmp dl, 0xd 0x1340f: je 0x13413 0x13411: clc 0x13412: ret 0x13413: stc 0x13414: ret 0x13415: push cs 0x13416: pop ds 0x13417: lea dx, word ptr [di + 0x7a4] 0x1341b: mov cx, 2 0x1341e: mov ah, 0x40 0x13420: int 0x21 0x13422: push es 0x13423: pop ds 0x13424: ret 0x13425: push si 0x13426: push di 0x13427: mov ax, di 0x13429: lea si, word ptr [di + 0x61f] 0x1342d: xchg si, di
2018-12-25T12:56:18.18918487Z	26	PC: 1317a \| Set disk transfer address
2018-12-25T12:56:18.190155968Z	74	PC: 13196 \| Reallocate memory
2018-12-25T12:56:18.191577749Z	74	PC: 13196 \| Reallocate memory (See above)

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17671,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:18.330886224Z	26	PC: 12eb4 \| Set disk transfer address
2018-12-25T12:56:18.333733236Z	71	PC: 12ec2 \| Get current directory
2018-12-25T12:56:18.337230789Z	78	PC: 133d3 \| Find first file
2018-12-25T12:56:18.344568187Z	78	PC: 133f2 \| Find first file
2018-12-25T12:56:18.356603119Z	78	PC: 12edd \| Find first file
2018-12-25T12:56:18.364297804Z	67	PC: 13371 \| Get or set file attributes
2018-12-25T12:56:18.370638937Z	67	PC: 1337d \| Get or set file attributes
2018-12-25T12:56:18.389178415Z	61	PC: 131e5 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:56:18.397656407Z	66	PC: 131ef \| Move file pointer
2018-12-25T12:56:18.3996207Z	66	PC: 13225 \| Move file pointer
2018-12-25T12:56:18.401281107Z	63	PC: 13232 \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:56:18.410845311Z	87	PC: 13391 \| Get or set file date and time
2018-12-25T12:56:18.412758525Z	66	PC: 131cf \| Move file pointer
2018-12-25T12:56:18.414375287Z	63	PC: 131d9 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T12:56:18.417278484Z	66	PC: 12f15 \| Move file pointer
2018-12-25T12:56:18.430726374Z	63	PC: 12f1f \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:56:18.433475403Z	66	PC: 12f28 \| Move file pointer
2018-12-25T12:56:18.434988675Z	64	PC: 12f38 \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:56:18.438508639Z	64	PC: 12f43 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:56:18.441788996Z	66	PC: 12f57 \| Move file pointer
2018-12-25T12:56:18.444854896Z	64	PC: 12f6b \| Write file or device (Write 1958 bytes on handle 5)
2018-12-25T12:56:18.455911133Z	64	PC: 13422 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:56:18.458884266Z	87	PC: 133ab \| Get or set file date and time
2018-12-25T12:56:18.460371744Z	62	PC: 12f75 \| Close file
2018-12-25T12:56:18.469944267Z	67	PC: 1338b \| Get or set file attributes
2018-12-25T12:56:18.481065477Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.484298547Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.491441123Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.502199519Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.51581592Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.518182161Z	62	PC: 13242 \| Close file
2018-12-25T12:56:18.520243039Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.531047119Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.53422071Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.54113283Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.551760486Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.559231521Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.563245404Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.565297577Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.580412532Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.584126386Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.588180261Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.594775102Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.604326975Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.606366281Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.608748933Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.620591372Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.62378873Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.635614341Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.650981826Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.658676232Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.661327241Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.663803535Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.676190734Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.679629034Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.686424631Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.699018786Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.713332935Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.715260617Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:18.717983034Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:18.725210265Z	87	PC: 13391 \| Get or set file date and time (See above)
2018-12-25T12:56:18.72677885Z	66	PC: 131cf \| Move file pointer (See above)
2018-12-25T12:56:18.729584213Z	63	PC: 131d9 \| Read file or device (See above)
2018-12-25T12:56:18.732528854Z	66	PC: 12f15 \| Move file pointer (See above)
2018-12-25T12:56:18.734405044Z	63	PC: 12f1f \| Read file or device (See above)
2018-12-25T12:56:18.737896284Z	66	PC: 12f28 \| Move file pointer (See above)
2018-12-25T12:56:18.739746287Z	64	PC: 12f38 \| Write file or device (See above)
2018-12-25T12:56:18.743506062Z	64	PC: 12f43 \| Write file or device (See above)
2018-12-25T12:56:18.746931424Z	66	PC: 12f57 \| Move file pointer (See above)
2018-12-25T12:56:18.748819583Z	64	PC: 12f6b \| Write file or device (See above)
2018-12-25T12:56:18.755464685Z	64	PC: 13422 \| Write file or device (See above)
2018-12-25T12:56:18.757553075Z	87	PC: 133ab \| Get or set file date and time (See above)
2018-12-25T12:56:18.759144287Z	62	PC: 12f75 \| Close file (See above)
2018-12-25T12:56:18.764344679Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.771117718Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.773702416Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.778125644Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.785218736Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.789988173Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.791446934Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.792897546Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.800336411Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.802282405Z	78	PC: 12f9a \| Find first file
2018-12-25T12:56:18.806434499Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.81098014Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.821420133Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.834161793Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.836257469Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:18.838627064Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:18.846505685Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.848417459Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.85969583Z	79	PC: 12f9a \| Find next file (See above)
2018-12-25T12:56:18.86236744Z	59	PC: 1329a \| Change current directory
2018-12-25T12:56:18.8673338Z	78	PC: 133d3 \| Find first file (See above)
2018-12-25T12:56:18.87490708Z	78	PC: 133f2 \| Find first file (See above)
2018-12-25T12:56:18.881728708Z	78	PC: 12edd \| Find first file (See above)
2018-12-25T12:56:18.888455748Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.901696829Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.915790326Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.922984372Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.92506189Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:18.92647632Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:18.933734066Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.935876051Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.947325078Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.950311234Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:18.957222783Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:18.967851225Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:18.976039305Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:18.978281553Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:18.980305038Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:18.99189302Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:18.995108085Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:19.002081784Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:19.013797042Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:19.022402535Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:19.026796829Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:19.029355183Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:19.042316671Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:19.045025882Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:19.049561337Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:19.056577142Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:19.062925697Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:19.064601758Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:19.066845299Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:19.07904169Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:19.08205482Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:19.091696741Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:19.10093614Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:19.109921006Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:19.111327534Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:19.112864644Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:19.120929919Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:19.123582806Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:19.127428404Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:19.135288998Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:19.141360344Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:19.142594974Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:19.145016787Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:19.150611569Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:19.152157647Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:19.164302739Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:19.166894953Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:19.176558394Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:19.185563537Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:19.191300844Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:19.193257757Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:19.19536002Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:19.203228985Z	79	PC: 12edd \| Find next file (See above)
2018-12-25T12:56:19.205597653Z	78	PC: 12f9a \| Find first file (See above)
2018-12-25T12:56:19.212162533Z	67	PC: 13371 \| Get or set file attributes (See above)
2018-12-25T12:56:19.219929993Z	67	PC: 1337d \| Get or set file attributes (See above)
2018-12-25T12:56:19.228029268Z	61	PC: 131e5 \| Open file (See above)
2018-12-25T12:56:19.236732891Z	66	PC: 131ef \| Move file pointer (See above)
2018-12-25T12:56:19.244928138Z	66	PC: 13225 \| Move file pointer (See above)
2018-12-25T12:56:19.246612798Z	63	PC: 13232 \| Read file or device (See above)
2018-12-25T12:56:19.251874406Z	62	PC: 13242 \| Close file (See above)
2018-12-25T12:56:19.254459441Z	67	PC: 1338b \| Get or set file attributes (See above)
2018-12-25T12:56:19.263479891Z	79	PC: 12f9a \| Find next file (See above)
2018-12-25T12:56:19.265563434Z	78	PC: 132d1 \| Find first file
2018-12-25T12:56:19.270184751Z	67	PC: 132e9 \| Get or set file attributes
2018-12-25T12:56:19.274082135Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.276177892Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.280747655Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.282662248Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.289942055Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.292237806Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.300142737Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.302295129Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.306612594Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.308560011Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.312436583Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.315705476Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.319853245Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.322115753Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.326915284Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.32880319Z	67	PC: 132e9 \| Get or set file attributes (See above)
2018-12-25T12:56:19.336033613Z	79	PC: 132d1 \| Find next file (See above)
2018-12-25T12:56:19.338546266Z	59	PC: 1331d \| Change current directory
2018-12-25T12:56:19.344454793Z	59	PC: 13156 \| Change current directory
2018-12-25T12:56:19.350431709Z	42	PC: 1340c \| Get date 0x1340c: cmp dl, 0xd 0x1340f: je 0x13413 0x13411: clc 0x13412: ret 0x13413: stc 0x13414: ret 0x13415: push cs 0x13416: pop ds 0x13417: lea dx, word ptr [di + 0x7a4] 0x1341b: mov cx, 2 0x1341e: mov ah, 0x40 0x13420: int 0x21 0x13422: push es 0x13423: pop ds 0x13424: ret 0x13425: push si 0x13426: push di 0x13427: mov ax, di 0x13429: lea si, word ptr [di + 0x61f] 0x1342d: xchg si, di
2018-12-25T12:56:19.352493927Z	64	PC: 1316b \| Write file or device (Write 85 bytes on handle 1)
2018-12-25T12:56:25.242519429Z	26	PC: 1317a \| Set disk transfer address
2018-12-25T12:56:25.243719506Z	74	PC: 13196 \| Reallocate memory
2018-12-25T12:56:25.248093674Z	74	PC: 13196 \| Reallocate memory (See above)