Sample viewer

vx.netlux.org/Virus.DOS.Mahon.1364.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:52:26.043776822Z	71	PC: 12d87 \| Get current directory
2018-12-17T21:52:26.04959726Z	53	PC: 12d8d \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:26.051379518Z	37	PC: 12d9e \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:26.05309446Z	25	PC: 12b82 \| Get default drive
2018-12-17T21:52:26.056467501Z	14	PC: 12b90 \| Set default drive (Drive = 'C')
2018-12-17T21:52:26.058294508Z	59	PC: 12b98 \| Change current directory
2018-12-17T21:52:26.068526056Z	26	PC: 12ba0 \| Set disk transfer address
2018-12-17T21:52:26.07097284Z	78	PC: 12bab \| Find first file
2018-12-17T21:52:26.076344084Z	78	PC: 12c33 \| Find first file
2018-12-17T21:52:26.081893873Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.089784412Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.091672537Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.093257118Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.419739088Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.423939536Z	59	PC: 12cd4 \| Change current directory
2018-12-17T21:52:26.428270417Z	25	PC: 12cdd \| Get default drive
2018-12-17T21:52:26.430193517Z	14	PC: 12ce7 \| Set default drive (Drive = 'A')
2018-12-17T21:52:26.431791918Z	78	PC: 12bab \| Find first file
2018-12-17T21:52:26.439357505Z	61	PC: 12bc2 \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.448744832Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.450660549Z	63	PC: 12bd1 \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T21:52:26.453209346Z	66	PC: 12bf2 \| Move file pointer
2018-12-17T21:52:26.454708495Z	64	PC: 12c0c \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.47022357Z	66	PC: 12c14 \| Move file pointer
2018-12-17T21:52:26.473550066Z	64	PC: 12c1f \| Write file or device (Write 28 bytes on handle 5)
2018-12-17T21:52:26.478851603Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.481639157Z	62	PC: 12c26 \| Close file
2018-12-17T21:52:26.489907729Z	79	PC: 12bb4 \| Find next file
2018-12-17T21:52:26.492801112Z	78	PC: 12c33 \| Find first file
2018-12-17T21:52:26.499463366Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.50621539Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.50762612Z	66	PC: 12c66 \| Move file pointer
2018-12-17T21:52:26.509852393Z	66	PC: 12c75 \| Move file pointer
2018-12-17T21:52:26.511309884Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:52:26.515544446Z	66	PC: 12c9f \| Move file pointer
2018-12-17T21:52:26.516908174Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:52:26.518762197Z	66	PC: 12cb2 \| Move file pointer
2018-12-17T21:52:26.519779573Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.526565531Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.528390624Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.537039915Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.540582637Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.549480149Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.550864521Z	66	PC: 12c66 \| Move file pointer
2018-12-17T21:52:26.562108343Z	66	PC: 12c75 \| Move file pointer
2018-12-17T21:52:26.563435678Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:52:26.569490512Z	66	PC: 12c9f \| Move file pointer
2018-12-17T21:52:26.570891262Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:52:26.57361475Z	66	PC: 12cb2 \| Move file pointer
2018-12-17T21:52:26.57476003Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.583694697Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.586314713Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.599867561Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.602449081Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.609040248Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.610348078Z	66	PC: 12c66 \| Move file pointer
2018-12-17T21:52:26.611553648Z	66	PC: 12c75 \| Move file pointer
2018-12-17T21:52:26.613052772Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:52:26.619027055Z	66	PC: 12c9f \| Move file pointer
2018-12-17T21:52:26.620338645Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:52:26.6238377Z	66	PC: 12cb2 \| Move file pointer
2018-12-17T21:52:26.6250314Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.633296574Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.635278286Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.644738969Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.64742972Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.654061061Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.655431378Z	66	PC: 12c66 \| Move file pointer
2018-12-17T21:52:26.656674389Z	66	PC: 12c75 \| Move file pointer
2018-12-17T21:52:26.65882885Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:52:26.665006733Z	66	PC: 12c9f \| Move file pointer
2018-12-17T21:52:26.666877736Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:52:26.670479828Z	66	PC: 12cb2 \| Move file pointer
2018-12-17T21:52:26.672051711Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.680591842Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.682878959Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.691112902Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.694384542Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.701236371Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.702481146Z	66	PC: 12c66 \| Move file pointer
2018-12-17T21:52:26.703746016Z	66	PC: 12c75 \| Move file pointer
2018-12-17T21:52:26.705652093Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:52:26.711857315Z	66	PC: 12c9f \| Move file pointer
2018-12-17T21:52:26.71306182Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:52:26.716066778Z	66	PC: 12cb2 \| Move file pointer
2018-12-17T21:52:26.717444601Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.72603357Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.72782574Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.735483763Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.738064765Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.744986789Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.746310631Z	66	PC: 12c66 \| Move file pointer
2018-12-17T21:52:26.747579258Z	66	PC: 12c75 \| Move file pointer
2018-12-17T21:52:26.749875363Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:52:26.756830428Z	66	PC: 12c9f \| Move file pointer
2018-12-17T21:52:26.758196315Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:52:26.762397849Z	66	PC: 12cb2 \| Move file pointer
2018-12-17T21:52:26.763817825Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.772782149Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.775108394Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.783122569Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.785803189Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-17T21:52:26.793117731Z	87	PC: 12da7 \| Get or set file date and time
2018-12-17T21:52:26.794504313Z	66	PC: 12c66 \| Move file pointer
2018-12-17T21:52:26.796327465Z	66	PC: 12c75 \| Move file pointer
2018-12-17T21:52:26.798738775Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:52:26.806907782Z	66	PC: 12c9f \| Move file pointer
2018-12-17T21:52:26.808638594Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:52:26.812381031Z	66	PC: 12cb2 \| Move file pointer
2018-12-17T21:52:26.813972591Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-17T21:52:26.822576212Z	87	PC: 12e14 \| Get or set file date and time
2018-12-17T21:52:26.825415231Z	62	PC: 12cc9 \| Close file
2018-12-17T21:52:26.833499599Z	79	PC: 12c3c \| Find next file
2018-12-17T21:52:26.837715381Z	59	PC: 12cd4 \| Change current directory
2018-12-17T21:52:26.842793595Z	25	PC: 12cdd \| Get default drive
2018-12-17T21:52:26.844257612Z	42	PC: 12cee \| Get date 0x12cee: cmp dh, 0xc 0x12cf1: jne 0x12d29 0x12cf3: cmp dl, 0x19 0x12cf6: jne 0x12d29 0x12cf8: mov ah, 9 0x12cfa: lea dx, word ptr [bp + 0x4c7] 0x12cfe: int 0x21 0x12d00: mov ah, 1 0x12d02: mov dx, 0 0x12d05: int 0x17 0x12d07: lea si, word ptr [bp + 0x543] 0x12d0b: mov cx, 0x115 0x12d0e: mov ah, 0 0x12d10: lodsb al, byte ptr [si] 0x12d11: int 0x17 0x12d13: loop 0x12d0e 0x12d15: mov ah, 3 0x12d17: mov al, 1 0x12d19: mov ch, 1 0x12d1b: mov cl, 1
2018-12-17T21:52:26.84669701Z	14	PC: 12d31 \| Set default drive (Drive = 'A')
2018-12-17T21:52:26.849200493Z	59	PC: 12d39 \| Change current directory
2018-12-17T21:52:26.851028934Z	37	PC: 12e1e \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:26.852241992Z	26	PC: 12d79 \| Set disk transfer address

{"DateBased":true,"Day":25,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":243,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:40:23.683877536Z	71	PC: 12d87 \| Get current directory
2018-12-25T11:40:23.68803595Z	53	PC: 12d8d \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:23.689477507Z	37	PC: 12d9e \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:23.690833445Z	25	PC: 12b82 \| Get default drive
2018-12-25T11:40:23.692540582Z	14	PC: 12b90 \| Set default drive (Drive = 'C')
2018-12-25T11:40:23.693857149Z	59	PC: 12b98 \| Change current directory
2018-12-25T11:40:23.705937079Z	26	PC: 12ba0 \| Set disk transfer address
2018-12-25T11:40:23.707077754Z	78	PC: 12bab \| Find first file
2018-12-25T11:40:23.713291015Z	78	PC: 12c33 \| Find first file
2018-12-25T11:40:23.719313331Z	61	PC: 12c4a \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-25T11:40:23.725945097Z	87	PC: 12da7 \| Get or set file date and time
2018-12-25T11:40:23.728522054Z	87	PC: 12e14 \| Get or set file date and time
2018-12-25T11:40:23.729735504Z	62	PC: 12cc9 \| Close file
2018-12-25T11:40:24.386319271Z	79	PC: 12c3c \| Find next file
2018-12-25T11:40:24.390929761Z	59	PC: 12cd4 \| Change current directory
2018-12-25T11:40:24.394966731Z	25	PC: 12cdd \| Get default drive
2018-12-25T11:40:24.396081732Z	14	PC: 12ce7 \| Set default drive (Drive = 'A')
2018-12-25T11:40:24.397964627Z	78	PC: 12bab \| Find first file (See above)
2018-12-25T11:40:24.40479307Z	61	PC: 12bc2 \| Open file (Filename = '�!r%P�+£`��X�N�O��I�!��')
2018-12-25T11:40:24.412082185Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.414505444Z	63	PC: 12bd1 \| Read file or device (Read 28 bytes on handle 5)
2018-12-25T11:40:24.417501319Z	66	PC: 12bf2 \| Move file pointer
2018-12-25T11:40:24.419933615Z	64	PC: 12c0c \| Write file or device (Write 1364 bytes on handle 5)
2018-12-25T11:40:24.435844943Z	66	PC: 12c14 \| Move file pointer
2018-12-25T11:40:24.43767793Z	64	PC: 12c1f \| Write file or device (Write 28 bytes on handle 5)
2018-12-25T11:40:24.440836102Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.442580963Z	62	PC: 12c26 \| Close file
2018-12-25T11:40:24.45144389Z	79	PC: 12bb4 \| Find next file
2018-12-25T11:40:24.453884596Z	78	PC: 12c33 \| Find first file (See above)
2018-12-25T11:40:24.460250341Z	61	PC: 12c4a \| Open file (See above)
2018-12-25T11:40:24.467881Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.469604573Z	66	PC: 12c66 \| Move file pointer
2018-12-25T11:40:24.471267283Z	66	PC: 12c75 \| Move file pointer
2018-12-25T11:40:24.473368187Z	63	PC: 12c80 \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:40:24.480497844Z	66	PC: 12c9f \| Move file pointer
2018-12-25T11:40:24.481956872Z	64	PC: 12caa \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:40:24.485689373Z	66	PC: 12cb2 \| Move file pointer
2018-12-25T11:40:24.487228132Z	64	PC: 12cc2 \| Write file or device (Write 1364 bytes on handle 5)
2018-12-25T11:40:24.496922966Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.498649636Z	62	PC: 12cc9 \| Close file (See above)
2018-12-25T11:40:24.507720273Z	79	PC: 12c3c \| Find next file (See above)
2018-12-25T11:40:24.510601259Z	61	PC: 12c4a \| Open file (See above)
2018-12-25T11:40:24.517854569Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.519181725Z	66	PC: 12c66 \| Move file pointer (See above)
2018-12-25T11:40:24.520446657Z	66	PC: 12c75 \| Move file pointer (See above)
2018-12-25T11:40:24.521770862Z	63	PC: 12c80 \| Read file or device (See above)
2018-12-25T11:40:24.52889791Z	66	PC: 12c9f \| Move file pointer (See above)
2018-12-25T11:40:24.530246529Z	64	PC: 12caa \| Write file or device (See above)
2018-12-25T11:40:24.533448478Z	66	PC: 12cb2 \| Move file pointer (See above)
2018-12-25T11:40:24.53529167Z	64	PC: 12cc2 \| Write file or device (See above)
2018-12-25T11:40:24.544389615Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.545843347Z	62	PC: 12cc9 \| Close file (See above)
2018-12-25T11:40:24.554390278Z	79	PC: 12c3c \| Find next file (See above)
2018-12-25T11:40:24.556728527Z	61	PC: 12c4a \| Open file (See above)
2018-12-25T11:40:24.563755755Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.565571817Z	66	PC: 12c66 \| Move file pointer (See above)
2018-12-25T11:40:24.567176832Z	66	PC: 12c75 \| Move file pointer (See above)
2018-12-25T11:40:24.568610499Z	63	PC: 12c80 \| Read file or device (See above)
2018-12-25T11:40:24.576020741Z	66	PC: 12c9f \| Move file pointer (See above)
2018-12-25T11:40:24.577401923Z	64	PC: 12caa \| Write file or device (See above)
2018-12-25T11:40:24.580245191Z	66	PC: 12cb2 \| Move file pointer (See above)
2018-12-25T11:40:24.582133077Z	64	PC: 12cc2 \| Write file or device (See above)
2018-12-25T11:40:24.591479553Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.593201945Z	62	PC: 12cc9 \| Close file (See above)
2018-12-25T11:40:24.60232653Z	79	PC: 12c3c \| Find next file (See above)
2018-12-25T11:40:24.605200557Z	61	PC: 12c4a \| Open file (See above)
2018-12-25T11:40:24.612746369Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.614364251Z	66	PC: 12c66 \| Move file pointer (See above)
2018-12-25T11:40:24.616145682Z	66	PC: 12c75 \| Move file pointer (See above)
2018-12-25T11:40:24.617856268Z	63	PC: 12c80 \| Read file or device (See above)
2018-12-25T11:40:24.625402269Z	66	PC: 12c9f \| Move file pointer (See above)
2018-12-25T11:40:24.628732498Z	64	PC: 12caa \| Write file or device (See above)
2018-12-25T11:40:24.632723449Z	66	PC: 12cb2 \| Move file pointer (See above)
2018-12-25T11:40:24.63411716Z	64	PC: 12cc2 \| Write file or device (See above)
2018-12-25T11:40:24.644157055Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.646167262Z	62	PC: 12cc9 \| Close file (See above)
2018-12-25T11:40:24.655195099Z	79	PC: 12c3c \| Find next file (See above)
2018-12-25T11:40:24.659635423Z	61	PC: 12c4a \| Open file (See above)
2018-12-25T11:40:24.667319061Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.668802142Z	66	PC: 12c66 \| Move file pointer (See above)
2018-12-25T11:40:24.670791715Z	66	PC: 12c75 \| Move file pointer (See above)
2018-12-25T11:40:24.672293026Z	63	PC: 12c80 \| Read file or device (See above)
2018-12-25T11:40:24.679403975Z	66	PC: 12c9f \| Move file pointer (See above)
2018-12-25T11:40:24.681716067Z	64	PC: 12caa \| Write file or device (See above)
2018-12-25T11:40:24.685606182Z	66	PC: 12cb2 \| Move file pointer (See above)
2018-12-25T11:40:24.687408062Z	64	PC: 12cc2 \| Write file or device (See above)
2018-12-25T11:40:24.704194248Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.70621197Z	62	PC: 12cc9 \| Close file (See above)
2018-12-25T11:40:24.715492617Z	79	PC: 12c3c \| Find next file (See above)
2018-12-25T11:40:24.7190944Z	61	PC: 12c4a \| Open file (See above)
2018-12-25T11:40:24.728748781Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.731351215Z	66	PC: 12c66 \| Move file pointer (See above)
2018-12-25T11:40:24.73338762Z	66	PC: 12c75 \| Move file pointer (See above)
2018-12-25T11:40:24.73557332Z	63	PC: 12c80 \| Read file or device (See above)
2018-12-25T11:40:24.742762754Z	66	PC: 12c9f \| Move file pointer (See above)
2018-12-25T11:40:24.744826932Z	64	PC: 12caa \| Write file or device (See above)
2018-12-25T11:40:24.749332643Z	66	PC: 12cb2 \| Move file pointer (See above)
2018-12-25T11:40:24.751367732Z	64	PC: 12cc2 \| Write file or device (See above)
2018-12-25T11:40:24.761293395Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.764447122Z	62	PC: 12cc9 \| Close file (See above)
2018-12-25T11:40:24.77434139Z	79	PC: 12c3c \| Find next file (See above)
2018-12-25T11:40:24.777631421Z	61	PC: 12c4a \| Open file (See above)
2018-12-25T11:40:24.785763686Z	87	PC: 12da7 \| Get or set file date and time (See above)
2018-12-25T11:40:24.787426439Z	66	PC: 12c66 \| Move file pointer (See above)
2018-12-25T11:40:24.789047576Z	66	PC: 12c75 \| Move file pointer (See above)
2018-12-25T11:40:24.790792966Z	63	PC: 12c80 \| Read file or device (See above)
2018-12-25T11:40:24.798494066Z	66	PC: 12c9f \| Move file pointer (See above)
2018-12-25T11:40:24.800140988Z	64	PC: 12caa \| Write file or device (See above)
2018-12-25T11:40:24.803357797Z	66	PC: 12cb2 \| Move file pointer (See above)
2018-12-25T11:40:24.806125035Z	64	PC: 12cc2 \| Write file or device (See above)
2018-12-25T11:40:24.816478735Z	87	PC: 12e14 \| Get or set file date and time (See above)
2018-12-25T11:40:24.818258399Z	62	PC: 12cc9 \| Close file (See above)
2018-12-25T11:40:24.828092385Z	79	PC: 12c3c \| Find next file (See above)
2018-12-25T11:40:24.831095872Z	59	PC: 12cd4 \| Change current directory (See above)
2018-12-25T11:40:24.837321281Z	25	PC: 12cdd \| Get default drive (See above)
2018-12-25T11:40:24.839616935Z	42	PC: 12cee \| Get date 0x12cee: cmp dh, 0xc 0x12cf1: jne 0x12d29 0x12cf3: cmp dl, 0x19 0x12cf6: jne 0x12d29 0x12cf8: mov ah, 9 0x12cfa: lea dx, word ptr [bp + 0x4c7] 0x12cfe: int 0x21 0x12d00: mov ah, 1 0x12d02: mov dx, 0 0x12d05: int 0x17 0x12d07: lea si, word ptr [bp + 0x543] 0x12d0b: mov cx, 0x115 0x12d0e: mov ah, 0 0x12d10: lodsb al, byte ptr [si] 0x12d11: int 0x17 0x12d13: loop 0x12d0e 0x12d15: mov ah, 3 0x12d17: mov al, 1 0x12d19: mov ch, 1 0x12d1b: mov cl, 1
2018-12-25T11:40:24.842025415Z	9	PC: 12d00 \| Display string (Could not find end pointer)
2018-12-25T11:40:24.860079324Z	14	PC: 12d31 \| Set default drive (Drive = 'A')
2018-12-25T11:40:24.862581369Z	59	PC: 12d39 \| Change current directory
2018-12-25T11:40:24.865020959Z	37	PC: 12e1e \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:24.866338035Z	26	PC: 12d79 \| Set disk transfer address