Sample viewer

vx.netlux.org/Virus.DOS.Paraguay.834

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:50:39.922384289Z 250 PC: 13a39 | UNKNOWN!
2018-12-17T21:50:39.924204743Z 67 PC: 13a48 | Get or set file attributes
2018-12-17T21:50:39.929883488Z 65 PC: 13a50 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-17T21:50:39.935535989Z 65 PC: 13a58 | Delete file (Filename = 'CHKLIST.MS')
2018-12-17T21:50:39.947248025Z 51 PC: 13a5d | Get or set Ctrl-Break
2018-12-17T21:50:39.948241464Z 51 PC: 13a68 | Get or set Ctrl-Break
2018-12-17T21:50:39.949144637Z 53 PC: 13a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:50:39.950506025Z 37 PC: 13a7e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:50:39.951689417Z 71 PC: 13a8a | Get current directory
2018-12-17T21:50:39.95496342Z 42 PC: 13a8e | Get date 0x13a8e: cmp dh, 5
0x13a91: jne 0x13aab
0x13a93: cmp dl, 0xf
0x13a96: jne 0x13aab
0x13a98: mov cx, 0x20
0x13a9b: lea dx, word ptr [bp + 0x398]
0x13a9f: mov ah, 9
0x13aa1: int 0x21
0x13aa3: mov ah, 2
0x13aa5: mov dl, 7
0x13aa7: int 0x21
0x13aa9: loop 0x13a9b
0x13aab: mov ah, 0x1a
0x13aad: lea dx, word ptr [bp + 0x442]
0x13ab1: int 0x21
0x13ab3: jmp 0x13b09
0x13ab5: lea dx, word ptr [bp + 0x393]
0x13ab9: mov ah, 0x3b
0x13abb: int 0x21
0x13abd: jae 0x13ab3
2018-12-17T21:50:39.957143326Z 26 PC: 13ab3 | Set disk transfer address
2018-12-17T21:50:39.958803378Z 78 PC: 13b14 | Find first file
2018-12-17T21:50:39.964930205Z 67 PC: 13b46 | Get or set file attributes
2018-12-17T21:50:39.970856647Z 67 PC: 13b52 | Get or set file attributes
2018-12-17T21:50:39.988840567Z 61 PC: 13b5c | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:50:40.000154794Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:50:40.006652869Z 87 PC: 13ba5 | Get or set file date and time
2018-12-17T21:50:40.021777627Z 66 PC: 13bb4 | Move file pointer
2018-12-17T21:50:40.023523842Z 44 PC: 13bc3 | Get time 0x13bc3: cmp dl, 0
0x13bc6: je 0x13bbf
0x13bc8: cmp dl, 0x10
0x13bcb: je 0x13bbf
0x13bcd: xor ax, ax
0x13bcf: mov ah, dl
0x13bd1: mul word ptr [0x396]
0x13bd5: mov byte ptr [bp + 0x36e], dl
0x13bd9: lea bx, word ptr [bp + 0x36f]
0x13bdd: mov byte ptr [bp + 0x4b6], 0
0x13be2: call 0x13c5b
0x13be5: mov bx, word ptr [bp + 0x4b7]
0x13be9: cli
0x13bea: mov ah, 0x40
0x13bec: mov cx, 0x342
0x13bef: lea dx, word ptr [bp + 0x100]
0x13bf3: int 0x21
0x13bf5: sti
0x13bf6: lea bx, word ptr [bp + 0x36f]
0x13bfa: mov byte ptr [bp + 0x4b6], 0
2018-12-17T21:50:40.026135565Z 64 PC: 13bf5 | Write file or device (Write 834 bytes on handle 5)
2018-12-17T21:50:40.036674771Z 66 PC: 13c17 | Move file pointer
2018-12-17T21:50:40.039041625Z 64 PC: 13c22 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:50:40.045562615Z 87 PC: 13c29 | Get or set file date and time
2018-12-17T21:50:40.048112321Z 62 PC: 13c2d | Close file
2018-12-17T21:50:40.057624301Z 67 PC: 13c41 | Get or set file attributes
2018-12-17T21:50:40.067444619Z 79 PC: 13c51 | Find next file
2018-12-17T21:50:40.07077061Z 67 PC: 13b46 | Get or set file attributes
2018-12-17T21:50:40.081568483Z 67 PC: 13b52 | Get or set file attributes
2018-12-17T21:50:40.094082385Z 61 PC: 13b5c | Open file (Filename = 'PRINT.COM')
2018-12-17T21:50:40.115109188Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:50:40.122308008Z 87 PC: 13ba5 | Get or set file date and time
2018-12-17T21:50:40.124074192Z 66 PC: 13bb4 | Move file pointer
2018-12-17T21:50:40.126525069Z 62 PC: 13c2d | Close file
2018-12-17T21:50:40.128393831Z 67 PC: 13c41 | Get or set file attributes
2018-12-17T21:50:40.139105209Z 79 PC: 13c51 | Find next file
2018-12-17T21:50:40.142581949Z 67 PC: 13b46 | Get or set file attributes
2018-12-17T21:50:40.148423481Z 67 PC: 13b52 | Get or set file attributes
2018-12-17T21:50:40.158214386Z 61 PC: 13b5c | Open file (Filename = 'HELLO.COM')
2018-12-17T21:50:40.165243128Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:50:40.172695156Z 87 PC: 13ba5 | Get or set file date and time
2018-12-17T21:50:40.174570666Z 66 PC: 13bb4 | Move file pointer
2018-12-17T21:50:40.176228746Z 62 PC: 13c2d | Close file
2018-12-17T21:50:40.179937637Z 67 PC: 13c41 | Get or set file attributes
2018-12-17T21:50:40.189872105Z 79 PC: 13c51 | Find next file
2018-12-17T21:50:40.192509049Z 67 PC: 13b46 | Get or set file attributes
2018-12-17T21:50:40.198821882Z 67 PC: 13b52 | Get or set file attributes
2018-12-17T21:50:40.20848739Z 61 PC: 13b5c | Open file (Filename = 'PHANG.COM')
2018-12-17T21:50:40.215013651Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:50:40.221641069Z 87 PC: 13ba5 | Get or set file date and time
2018-12-17T21:50:40.223309778Z 66 PC: 13bb4 | Move file pointer
2018-12-17T21:50:40.224697594Z 62 PC: 13c2d | Close file
2018-12-17T21:50:40.226689546Z 67 PC: 13c41 | Get or set file attributes
2018-12-17T21:50:40.234195185Z 79 PC: 13c51 | Find next file
2018-12-17T21:50:40.235951079Z 67 PC: 13b46 | Get or set file attributes
2018-12-17T21:50:40.244088017Z 67 PC: 13b52 | Get or set file attributes
2018-12-17T21:50:40.253478795Z 61 PC: 13b5c | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:50:40.259692804Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:50:40.266994107Z 87 PC: 13ba5 | Get or set file date and time
2018-12-17T21:50:40.268733496Z 66 PC: 13bb4 | Move file pointer
2018-12-17T21:50:40.270195111Z 62 PC: 13c2d | Close file
2018-12-17T21:50:40.273310169Z 67 PC: 13c41 | Get or set file attributes
2018-12-17T21:50:40.283185296Z 79 PC: 13c51 | Find next file
2018-12-17T21:50:40.28602199Z 67 PC: 13b46 | Get or set file attributes
2018-12-17T21:50:40.292626934Z 67 PC: 13b52 | Get or set file attributes
2018-12-17T21:50:40.305400655Z 61 PC: 13b5c | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:50:40.312503142Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:50:40.319983557Z 87 PC: 13ba5 | Get or set file date and time
2018-12-17T21:50:40.322527754Z 66 PC: 13bb4 | Move file pointer
2018-12-17T21:50:40.324177957Z 44 PC: 13bc3 | Get time 0x13bc3: cmp dl, 0
0x13bc6: je 0x13bbf
0x13bc8: cmp dl, 0x10
0x13bcb: je 0x13bbf
0x13bcd: xor ax, ax
0x13bcf: mov ah, dl
0x13bd1: mul word ptr [0x396]
0x13bd5: mov byte ptr [bp + 0x36e], dl
0x13bd9: lea bx, word ptr [bp + 0x36f]
0x13bdd: mov byte ptr [bp + 0x4b6], 0
0x13be2: call 0x13c5b
0x13be5: mov bx, word ptr [bp + 0x4b7]
0x13be9: cli
0x13bea: mov ah, 0x40
0x13bec: mov cx, 0x342
0x13bef: lea dx, word ptr [bp + 0x100]
0x13bf3: int 0x21
0x13bf5: sti
0x13bf6: lea bx, word ptr [bp + 0x36f]
0x13bfa: mov byte ptr [bp + 0x4b6], 0
2018-12-17T21:50:40.326980017Z 64 PC: 13bf5 | Write file or device (Write 834 bytes on handle 5)
2018-12-17T21:50:40.336108818Z 66 PC: 13c17 | Move file pointer
2018-12-17T21:50:40.337545216Z 64 PC: 13c22 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:50:40.344500645Z 87 PC: 13c29 | Get or set file date and time
2018-12-17T21:50:40.345990259Z 62 PC: 13c2d | Close file
2018-12-17T21:50:40.35363318Z 67 PC: 13c41 | Get or set file attributes
2018-12-17T21:50:40.363813624Z 79 PC: 13c51 | Find next file
2018-12-17T21:50:40.366876554Z 67 PC: 13b46 | Get or set file attributes
2018-12-17T21:50:40.372331369Z 67 PC: 13b52 | Get or set file attributes
2018-12-17T21:50:40.382290075Z 61 PC: 13b5c | Open file (Filename = 'PAH.COM')
2018-12-17T21:50:40.3897017Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:50:40.395753002Z 87 PC: 13ba5 | Get or set file date and time
2018-12-17T21:50:40.39695925Z 66 PC: 13bb4 | Move file pointer
2018-12-17T21:50:40.399275548Z 62 PC: 13c2d | Close file
2018-12-17T21:50:40.401001182Z 67 PC: 13c41 | Get or set file attributes
2018-12-17T21:50:40.411067654Z 250 PC: 13ace | UNKNOWN!
2018-12-17T21:50:40.412986844Z 59 PC: 13ad6 | Change current directory
2018-12-17T21:50:40.415024883Z 51 PC: 13adf | Get or set Ctrl-Break
2018-12-17T21:50:40.416176219Z 37 PC: 13ae8 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:50:40.418169638Z 26 PC: 13af1 | Set disk transfer address
2018-12-17T21:50:40.420028817Z 53 PC: 12a55 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T21:50:40.420926908Z 53 PC: 12a62 | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T21:50:40.422456108Z 37 PC: 12a75 | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T21:50:40.423455143Z 37 PC: 12a7d | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":31,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:45.854387104Z 250 PC: 13a39 | UNKNOWN!
2018-12-25T11:39:45.855025239Z 67 PC: 13a48 | Get or set file attributes
2018-12-25T11:39:45.861726357Z 65 PC: 13a50 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T11:39:45.867965679Z 65 PC: 13a58 | Delete file (Filename = 'CHKLIST.MS')
2018-12-25T11:39:45.874228196Z 51 PC: 13a5d | Get or set Ctrl-Break
2018-12-25T11:39:45.875663752Z 51 PC: 13a68 | Get or set Ctrl-Break
2018-12-25T11:39:45.876825595Z 53 PC: 13a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:45.878329917Z 37 PC: 13a7e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:45.880171564Z 71 PC: 13a8a | Get current directory
2018-12-25T11:39:45.899024391Z 42 PC: 13a8e | Get date 0x13a8e: cmp dh, 5
0x13a91: jne 0x13aab
0x13a93: cmp dl, 0xf
0x13a96: jne 0x13aab
0x13a98: mov cx, 0x20
0x13a9b: lea dx, word ptr [bp + 0x398]
0x13a9f: mov ah, 9
0x13aa1: int 0x21
0x13aa3: mov ah, 2
0x13aa5: mov dl, 7
0x13aa7: int 0x21
0x13aa9: loop 0x13a9b
0x13aab: mov ah, 0x1a
0x13aad: lea dx, word ptr [bp + 0x442]
0x13ab1: int 0x21
0x13ab3: jmp 0x13b09
0x13ab5: lea dx, word ptr [bp + 0x393]
0x13ab9: mov ah, 0x3b
0x13abb: int 0x21
0x13abd: jae 0x13ab3
2018-12-25T11:39:45.901331134Z 26 PC: 13ab3 | Set disk transfer address
2018-12-25T11:39:45.903367473Z 78 PC: 13b14 | Find first file
2018-12-25T11:39:45.910701948Z 67 PC: 13b46 | Get or set file attributes
2018-12-25T11:39:45.916970647Z 67 PC: 13b52 | Get or set file attributes
2018-12-25T11:39:46.194599995Z 61 PC: 13b5c | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:39:46.202314343Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:39:46.209568111Z 87 PC: 13ba5 | Get or set file date and time
2018-12-25T11:39:46.211240736Z 66 PC: 13bb4 | Move file pointer
2018-12-25T11:39:46.213597038Z 44 PC: 13bc3 | Get time 0x13bc3: cmp dl, 0
0x13bc6: je 0x13bbf
0x13bc8: cmp dl, 0x10
0x13bcb: je 0x13bbf
0x13bcd: xor ax, ax
0x13bcf: mov ah, dl
0x13bd1: mul word ptr [0x396]
0x13bd5: mov byte ptr [bp + 0x36e], dl
0x13bd9: lea bx, word ptr [bp + 0x36f]
0x13bdd: mov byte ptr [bp + 0x4b6], 0
0x13be2: call 0x13c5b
0x13be5: mov bx, word ptr [bp + 0x4b7]
0x13be9: cli
0x13bea: mov ah, 0x40
0x13bec: mov cx, 0x342
0x13bef: lea dx, word ptr [bp + 0x100]
0x13bf3: int 0x21
0x13bf5: sti
0x13bf6: lea bx, word ptr [bp + 0x36f]
0x13bfa: mov byte ptr [bp + 0x4b6], 0
2018-12-25T11:39:46.217391641Z 64 PC: 13bf5 | Write file or device (Write 834 bytes on handle 5)
2018-12-25T11:39:46.275148887Z 66 PC: 13c17 | Move file pointer
2018-12-25T11:39:46.282466618Z 64 PC: 13c22 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:39:46.29087628Z 87 PC: 13c29 | Get or set file date and time
2018-12-25T11:39:46.293060118Z 62 PC: 13c2d | Close file
2018-12-25T11:39:46.325954332Z 67 PC: 13c41 | Get or set file attributes
2018-12-25T11:39:46.369109225Z 79 PC: 13c51 | Find next file
2018-12-25T11:39:46.370954777Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.375076398Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.395280475Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.402786184Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.410459886Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.41185606Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.41308505Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.415637066Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:46.452783565Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:46.45491455Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.459311075Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.48957171Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.495007881Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.501497439Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.506098652Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.507541461Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.509550262Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:46.539339208Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:46.541269401Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.548443271Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.588962043Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.597376371Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.604998607Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.607061826Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.610113646Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.612477259Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:46.646318685Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:46.651371875Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.658352521Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.722005157Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.730583896Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.738110975Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.740361649Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.74285777Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.74517654Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:46.802764628Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:46.80663805Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.814338977Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.868139448Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.874210424Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.882536244Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.884441354Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.886426957Z 44 PC: 13bc3 | Get time (See above)
2018-12-25T11:39:46.89045906Z 64 PC: 13bf5 | Write file or device (See above)
2018-12-25T11:39:46.957410451Z 66 PC: 13c17 | Move file pointer (See above)
2018-12-25T11:39:46.958886539Z 64 PC: 13c22 | Write file or device (See above)
2018-12-25T11:39:46.966915954Z 87 PC: 13c29 | Get or set file date and time (See above)
2018-12-25T11:39:46.96898895Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.044813729Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.140965506Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:47.144362771Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:47.151096845Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:47.230370507Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:47.245665181Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:47.253395129Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:47.254834697Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:47.257264428Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.259191293Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.359863624Z 250 PC: 13ace | UNKNOWN!
2018-12-25T11:39:47.368300825Z 59 PC: 13ad6 | Change current directory
2018-12-25T11:39:47.37071513Z 51 PC: 13adf | Get or set Ctrl-Break
2018-12-25T11:39:47.37199597Z 37 PC: 13ae8 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:47.37412115Z 26 PC: 13af1 | Set disk transfer address
2018-12-25T11:39:47.377934797Z 53 PC: 12a55 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T11:39:47.379271225Z 53 PC: 12a62 | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T11:39:47.381407591Z 37 PC: 12a75 | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T11:39:47.382801342Z 37 PC: 12a7d | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":31,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:46.051208136Z 250 PC: 13a39 | UNKNOWN!
2018-12-25T11:39:46.052131817Z 67 PC: 13a48 | Get or set file attributes
2018-12-25T11:39:46.058572488Z 65 PC: 13a50 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T11:39:46.064642034Z 65 PC: 13a58 | Delete file (Filename = 'CHKLIST.MS')
2018-12-25T11:39:46.070873656Z 51 PC: 13a5d | Get or set Ctrl-Break
2018-12-25T11:39:46.071922187Z 51 PC: 13a68 | Get or set Ctrl-Break
2018-12-25T11:39:46.072569922Z 53 PC: 13a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:46.073555437Z 37 PC: 13a7e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:46.074940322Z 71 PC: 13a8a | Get current directory
2018-12-25T11:39:46.07695841Z 42 PC: 13a8e | Get date 0x13a8e: cmp dh, 5
0x13a91: jne 0x13aab
0x13a93: cmp dl, 0xf
0x13a96: jne 0x13aab
0x13a98: mov cx, 0x20
0x13a9b: lea dx, word ptr [bp + 0x398]
0x13a9f: mov ah, 9
0x13aa1: int 0x21
0x13aa3: mov ah, 2
0x13aa5: mov dl, 7
0x13aa7: int 0x21
0x13aa9: loop 0x13a9b
0x13aab: mov ah, 0x1a
0x13aad: lea dx, word ptr [bp + 0x442]
0x13ab1: int 0x21
0x13ab3: jmp 0x13b09
0x13ab5: lea dx, word ptr [bp + 0x393]
0x13ab9: mov ah, 0x3b
0x13abb: int 0x21
0x13abd: jae 0x13ab3
2018-12-25T11:39:46.078408072Z 26 PC: 13ab3 | Set disk transfer address
2018-12-25T11:39:46.079869365Z 78 PC: 13b14 | Find first file
2018-12-25T11:39:46.088674999Z 67 PC: 13b46 | Get or set file attributes
2018-12-25T11:39:46.100165324Z 67 PC: 13b52 | Get or set file attributes
2018-12-25T11:39:46.276024964Z 61 PC: 13b5c | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:39:46.283733891Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:39:46.304492496Z 87 PC: 13ba5 | Get or set file date and time
2018-12-25T11:39:46.306601339Z 66 PC: 13bb4 | Move file pointer
2018-12-25T11:39:46.308520169Z 44 PC: 13bc3 | Get time 0x13bc3: cmp dl, 0
0x13bc6: je 0x13bbf
0x13bc8: cmp dl, 0x10
0x13bcb: je 0x13bbf
0x13bcd: xor ax, ax
0x13bcf: mov ah, dl
0x13bd1: mul word ptr [0x396]
0x13bd5: mov byte ptr [bp + 0x36e], dl
0x13bd9: lea bx, word ptr [bp + 0x36f]
0x13bdd: mov byte ptr [bp + 0x4b6], 0
0x13be2: call 0x13c5b
0x13be5: mov bx, word ptr [bp + 0x4b7]
0x13be9: cli
0x13bea: mov ah, 0x40
0x13bec: mov cx, 0x342
0x13bef: lea dx, word ptr [bp + 0x100]
0x13bf3: int 0x21
0x13bf5: sti
0x13bf6: lea bx, word ptr [bp + 0x36f]
0x13bfa: mov byte ptr [bp + 0x4b6], 0
2018-12-25T11:39:46.311437686Z 64 PC: 13bf5 | Write file or device (Write 834 bytes on handle 5)
2018-12-25T11:39:46.331741169Z 66 PC: 13c17 | Move file pointer
2018-12-25T11:39:46.333438433Z 64 PC: 13c22 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:39:46.3412221Z 87 PC: 13c29 | Get or set file date and time
2018-12-25T11:39:46.343836395Z 62 PC: 13c2d | Close file
2018-12-25T11:39:46.422858752Z 67 PC: 13c41 | Get or set file attributes
2018-12-25T11:39:46.4524845Z 79 PC: 13c51 | Find next file
2018-12-25T11:39:46.45577657Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.464005555Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.526635099Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.540084087Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.555630797Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.557433257Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.559243102Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.562437411Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:46.607811805Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:46.61087516Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.61905439Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.665695551Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.673392116Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.68194697Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.68368903Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.685306637Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.688122477Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:46.739797289Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:46.743019743Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.749550859Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.802391668Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.809737828Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.816667321Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.819085771Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.820572088Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.82243429Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:46.869874953Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:46.873748293Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:46.881168804Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:46.95841114Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:46.965627878Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:46.97273228Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:46.975212957Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:46.976819054Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:46.978847764Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.047614211Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:47.057013462Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:47.06352389Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:47.139603758Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:47.147448618Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:47.1544963Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:47.156034679Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:47.158265688Z 44 PC: 13bc3 | Get time (See above)
2018-12-25T11:39:47.160822685Z 64 PC: 13bf5 | Write file or device (See above)
2018-12-25T11:39:47.230021268Z 66 PC: 13c17 | Move file pointer (See above)
2018-12-25T11:39:47.233834702Z 64 PC: 13c22 | Write file or device (See above)
2018-12-25T11:39:47.242183744Z 87 PC: 13c29 | Get or set file date and time (See above)
2018-12-25T11:39:47.244263188Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.36101265Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.444670868Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:47.447624721Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:47.454509995Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:47.568320628Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:47.581390656Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:47.588981086Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:47.591019303Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:47.593019488Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.595936547Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.697665252Z 250 PC: 13ace | UNKNOWN!
2018-12-25T11:39:47.698489093Z 59 PC: 13ad6 | Change current directory
2018-12-25T11:39:47.700515974Z 51 PC: 13adf | Get or set Ctrl-Break
2018-12-25T11:39:47.702379Z 37 PC: 13ae8 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:47.703707934Z 26 PC: 13af1 | Set disk transfer address
2018-12-25T11:39:47.706802686Z 53 PC: 12a55 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T11:39:47.709072732Z 53 PC: 12a62 | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T11:39:47.710807724Z 37 PC: 12a75 | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T11:39:47.712155876Z 37 PC: 12a7d | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')

{"DateBased":true,"Day":15,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":31,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:46.265714019Z 250 PC: 13a39 | UNKNOWN!
2018-12-25T11:39:46.26797242Z 67 PC: 13a48 | Get or set file attributes
2018-12-25T11:39:46.274311862Z 65 PC: 13a50 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T11:39:46.28056064Z 65 PC: 13a58 | Delete file (Filename = 'CHKLIST.MS')
2018-12-25T11:39:46.287467104Z 51 PC: 13a5d | Get or set Ctrl-Break
2018-12-25T11:39:46.288684461Z 51 PC: 13a68 | Get or set Ctrl-Break
2018-12-25T11:39:46.289951043Z 53 PC: 13a6d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:46.292205151Z 37 PC: 13a7e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:46.293882438Z 71 PC: 13a8a | Get current directory
2018-12-25T11:39:46.29707964Z 42 PC: 13a8e | Get date 0x13a8e: cmp dh, 5
0x13a91: jne 0x13aab
0x13a93: cmp dl, 0xf
0x13a96: jne 0x13aab
0x13a98: mov cx, 0x20
0x13a9b: lea dx, word ptr [bp + 0x398]
0x13a9f: mov ah, 9
0x13aa1: int 0x21
0x13aa3: mov ah, 2
0x13aa5: mov dl, 7
0x13aa7: int 0x21
0x13aa9: loop 0x13a9b
0x13aab: mov ah, 0x1a
0x13aad: lea dx, word ptr [bp + 0x442]
0x13ab1: int 0x21
0x13ab3: jmp 0x13b09
0x13ab5: lea dx, word ptr [bp + 0x393]
0x13ab9: mov ah, 0x3b
0x13abb: int 0x21
0x13abd: jae 0x13ab3
2018-12-25T11:39:46.300145525Z 9 PC: 13aa3 | Display string (String= ' �� VIRUS PARAGUAY �� ��> Written by Int13h <ij � �VIVA LA INDEPENDENCIA! � [ DIABOLICAL KREATIONS ] �=- First paraguayan virus group. Up the virus-scene! ')
2018-12-25T11:39:46.309757657Z 2 PC: 13aa9 | Character output (Char = '07')
2018-12-25T11:39:46.313833131Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.323601154Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.326760024Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.337325977Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.339613508Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.350758957Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.352966575Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.362304183Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.365070729Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.374814363Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.377399527Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.386416444Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.388784252Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.394251748Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.408132364Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.413720326Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.415123118Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.425602998Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.427894574Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.437235823Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.439532923Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.458551038Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.460768091Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.471069457Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.474374719Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.485349184Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.487922787Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.498528333Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.50117025Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.510985051Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.514457065Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.524213342Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.528476531Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.539898247Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.542674043Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.552940731Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.555686154Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.56620655Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.582349227Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.591961042Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.5954508Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.605581941Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.607737078Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.617571037Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.620008941Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.629922598Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.63293646Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.643243227Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.646337Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.656445151Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.658575786Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.668588577Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.670581629Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.680082513Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.68220097Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.695524313Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.702765158Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.712172102Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.714227677Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.723907437Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.726027188Z 9 PC: 13aa3 | Display string (See above)
2018-12-25T11:39:46.735935447Z 2 PC: 13aa9 | Character output (See above)
2018-12-25T11:39:46.742272259Z 26 PC: 13ab3 | Set disk transfer address
2018-12-25T11:39:46.744051722Z 78 PC: 13b14 | Find first file
2018-12-25T11:39:46.750287382Z 67 PC: 13b46 | Get or set file attributes
2018-12-25T11:39:46.759713083Z 67 PC: 13b52 | Get or set file attributes
2018-12-25T11:39:46.802652781Z 61 PC: 13b5c | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:39:46.810589442Z 63 PC: 13b86 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:39:46.818622716Z 87 PC: 13ba5 | Get or set file date and time
2018-12-25T11:39:46.821691Z 66 PC: 13bb4 | Move file pointer
2018-12-25T11:39:46.824687567Z 44 PC: 13bc3 | Get time 0x13bc3: cmp dl, 0
0x13bc6: je 0x13bbf
0x13bc8: cmp dl, 0x10
0x13bcb: je 0x13bbf
0x13bcd: xor ax, ax
0x13bcf: mov ah, dl
0x13bd1: mul word ptr [0x396]
0x13bd5: mov byte ptr [bp + 0x36e], dl
0x13bd9: lea bx, word ptr [bp + 0x36f]
0x13bdd: mov byte ptr [bp + 0x4b6], 0
0x13be2: call 0x13c5b
0x13be5: mov bx, word ptr [bp + 0x4b7]
0x13be9: cli
0x13bea: mov ah, 0x40
0x13bec: mov cx, 0x342
0x13bef: lea dx, word ptr [bp + 0x100]
0x13bf3: int 0x21
0x13bf5: sti
0x13bf6: lea bx, word ptr [bp + 0x36f]
0x13bfa: mov byte ptr [bp + 0x4b6], 0
2018-12-25T11:39:46.827681229Z 64 PC: 13bf5 | Write file or device (Write 834 bytes on handle 5)
2018-12-25T11:39:46.868378342Z 66 PC: 13c17 | Move file pointer
2018-12-25T11:39:46.870531772Z 64 PC: 13c22 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:39:46.877993881Z 87 PC: 13c29 | Get or set file date and time
2018-12-25T11:39:46.880928117Z 62 PC: 13c2d | Close file
2018-12-25T11:39:46.957350925Z 67 PC: 13c41 | Get or set file attributes
2018-12-25T11:39:47.044218848Z 79 PC: 13c51 | Find next file
2018-12-25T11:39:47.048346912Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:47.054705188Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:47.139994854Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:47.148175355Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:47.155840957Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:47.157486661Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:47.158941025Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.161090384Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.230058169Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:47.233289366Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:47.240543607Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:47.366394509Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:47.374606465Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:47.380137605Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:47.381338203Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:47.38253533Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.392625096Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.444443511Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:47.447565121Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:47.455444259Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:47.568227965Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:47.575619928Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:47.583414266Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:47.585460675Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:47.587274511Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.589447716Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:47.697735964Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:47.700569863Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:47.70665429Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:47.82950385Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:47.836875179Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:47.875915919Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:47.87870347Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:47.880346248Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:47.882338581Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:48.012061217Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:48.015747135Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:48.025204545Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:48.15882106Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:48.166736305Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:48.173831692Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:48.175756394Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:48.177794218Z 44 PC: 13bc3 | Get time (See above)
2018-12-25T11:39:48.180162608Z 64 PC: 13bf5 | Write file or device (See above)
2018-12-25T11:39:48.334431361Z 66 PC: 13c17 | Move file pointer (See above)
2018-12-25T11:39:48.336399291Z 64 PC: 13c22 | Write file or device (See above)
2018-12-25T11:39:48.343889341Z 87 PC: 13c29 | Get or set file date and time (See above)
2018-12-25T11:39:48.346061582Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:48.504285449Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:48.52320065Z 79 PC: 13c51 | Find next file (See above)
2018-12-25T11:39:48.527759611Z 67 PC: 13b46 | Get or set file attributes (See above)
2018-12-25T11:39:48.53421858Z 67 PC: 13b52 | Get or set file attributes (See above)
2018-12-25T11:39:48.555654292Z 61 PC: 13b5c | Open file (See above)
2018-12-25T11:39:48.569154779Z 63 PC: 13b86 | Read file or device (See above)
2018-12-25T11:39:48.576942026Z 87 PC: 13ba5 | Get or set file date and time (See above)
2018-12-25T11:39:48.578896049Z 66 PC: 13bb4 | Move file pointer (See above)
2018-12-25T11:39:48.581035362Z 62 PC: 13c2d | Close file (See above)
2018-12-25T11:39:48.584327164Z 67 PC: 13c41 | Get or set file attributes (See above)
2018-12-25T11:39:48.611303916Z 250 PC: 13ace | UNKNOWN!
2018-12-25T11:39:48.612119479Z 59 PC: 13ad6 | Change current directory
2018-12-25T11:39:48.61407561Z 51 PC: 13adf | Get or set Ctrl-Break
2018-12-25T11:39:48.614890723Z 37 PC: 13ae8 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:48.61683514Z 26 PC: 13af1 | Set disk transfer address
2018-12-25T11:39:48.619780631Z 53 PC: 12a55 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T11:39:48.620964342Z 53 PC: 12a62 | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T11:39:48.622120333Z 37 PC: 12a75 | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T11:39:48.623407083Z 37 PC: 12a7d | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')