Sample viewer

vx.netlux.org/Virus.DOS.Sirius.Annihilator.596

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:18:21.453625944Z 53 PC: 15311 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:18:21.456570445Z 37 PC: 15322 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:18:21.458289929Z 26 PC: 15197 | Set disk transfer address
2018-12-17T22:18:21.459657282Z 25 PC: 151a5 | Get default drive
2018-12-17T22:18:21.462168671Z 14 PC: 151ae | Set default drive (Drive = 'A')
2018-12-17T22:18:21.46370259Z 14 PC: 151b9 | Set default drive (Drive = 'F')
2018-12-17T22:18:21.469524882Z 78 PC: 15215 | Find first file
2018-12-17T22:18:21.476838185Z 61 PC: 15222 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:18:21.486986334Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.488315045Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.49117237Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.49398163Z 61 PC: 15222 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:18:21.500925395Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.503010104Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.504827702Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.507327642Z 61 PC: 15222 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:18:21.516411666Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.518369034Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.520139781Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.523151344Z 61 PC: 15222 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:18:21.529934247Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.531708398Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.534322125Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.537882714Z 61 PC: 15222 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:18:21.550329565Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.552333122Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.554125886Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.555927518Z 61 PC: 15222 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:18:21.561971431Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.563169505Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.564391235Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.566938065Z 61 PC: 15222 | Open file (Filename = 'PAH.COM')
2018-12-17T22:18:21.573328021Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.575553912Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.580017316Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.584157251Z 61 PC: 15222 | Open file (Filename = 'TEST.COM')
2018-12-17T22:18:21.598205875Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.600182235Z 44 PC: 15254 | Get time 0x15254: cmp dx, 0x100
0x15258: jbe 0x15250
0x1525a: mov word ptr ds:[bp + 0x19f], dx
0x1525f: and dx, 7
0x15262: add dx, dx
0x15264: mov word ptr [0xfa8e], dx
0x15268: mov ax, 0x4200
0x1526b: call 0x152e6
0x1526e: mov ah, 0x3f
0x15270: lea dx, word ptr [bp + 0x3d0]
0x15274: mov di, dx
0x15276: mov cx, 4
0x15279: int 0x21
0x1527b: mov al, 0x4d
0x1527d: repne scasb al, byte ptr es:[di]
0x1527f: je 0x1523e
0x15281: mov ax, 0x4202
0x15284: call 0x152e6
0x15287: sub ax, 3
0x1528a: mov word ptr ds:[bp + 0x3cd], ax
2018-12-17T22:18:21.603471672Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.604491479Z 63 PC: 1527b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:18:21.608575303Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.610938822Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.614841502Z 14 PC: 151b9 | Set default drive (Drive = 'E')
2018-12-17T22:18:21.616421886Z 78 PC: 15215 | Find first file
2018-12-17T22:18:21.623591885Z 61 PC: 15222 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:18:21.628104819Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.629180706Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.630932998Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.632664059Z 61 PC: 15222 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:18:21.636679737Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.638496154Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.639856058Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.641787552Z 61 PC: 15222 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:18:21.64860371Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.650094319Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.651664864Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.654268622Z 61 PC: 15222 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:18:21.658407462Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.661954098Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.664736102Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.666740365Z 61 PC: 15222 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:18:21.67097295Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.672627346Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.674103508Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.675888598Z 61 PC: 15222 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:18:21.680957121Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.682080012Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.683342954Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.686057334Z 61 PC: 15222 | Open file (Filename = 'PAH.COM')
2018-12-17T22:18:21.691181026Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.692710167Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.69817275Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.700611508Z 61 PC: 15222 | Open file (Filename = 'TEST.COM')
2018-12-17T22:18:21.704575756Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.706290751Z 44 PC: 15254 | Get time 0x15254: cmp dx, 0x100
0x15258: jbe 0x15250
0x1525a: mov word ptr ds:[bp + 0x19f], dx
0x1525f: and dx, 7
0x15262: add dx, dx
0x15264: mov word ptr [0xfa8e], dx
0x15268: mov ax, 0x4200
0x1526b: call 0x152e6
0x1526e: mov ah, 0x3f
0x15270: lea dx, word ptr [bp + 0x3d0]
0x15274: mov di, dx
0x15276: mov cx, 4
0x15279: int 0x21
0x1527b: mov al, 0x4d
0x1527d: repne scasb al, byte ptr es:[di]
0x1527f: je 0x1523e
0x15281: mov ax, 0x4202
0x15284: call 0x152e6
0x15287: sub ax, 3
0x1528a: mov word ptr ds:[bp + 0x3cd], ax
2018-12-17T22:18:21.707783878Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.708811529Z 63 PC: 1527b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:18:21.711497107Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.71278432Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.714494304Z 14 PC: 151b9 | Set default drive (Drive = 'D')
2018-12-17T22:18:21.716050887Z 78 PC: 15215 | Find first file
2018-12-17T22:18:21.719647291Z 61 PC: 15222 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:18:21.723690172Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.725307104Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.726845044Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.728581255Z 61 PC: 15222 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:18:21.733932078Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.735119325Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.736444174Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.738482998Z 61 PC: 15222 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:18:21.742622737Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.743642201Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.74544731Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.747274756Z 61 PC: 15222 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:18:21.751352423Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.752938974Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.754147717Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.755824013Z 61 PC: 15222 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:18:21.760440388Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.761483858Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.76316628Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.765409565Z 61 PC: 15222 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:18:21.769464683Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.770466631Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.77224357Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.774223892Z 61 PC: 15222 | Open file (Filename = 'PAH.COM')
2018-12-17T22:18:21.778366013Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.779972385Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.781262115Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.782956306Z 61 PC: 15222 | Open file (Filename = 'TEST.COM')
2018-12-17T22:18:21.787767624Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.788978806Z 44 PC: 15254 | Get time 0x15254: cmp dx, 0x100
0x15258: jbe 0x15250
0x1525a: mov word ptr ds:[bp + 0x19f], dx
0x1525f: and dx, 7
0x15262: add dx, dx
0x15264: mov word ptr [0xfa8e], dx
0x15268: mov ax, 0x4200
0x1526b: call 0x152e6
0x1526e: mov ah, 0x3f
0x15270: lea dx, word ptr [bp + 0x3d0]
0x15274: mov di, dx
0x15276: mov cx, 4
0x15279: int 0x21
0x1527b: mov al, 0x4d
0x1527d: repne scasb al, byte ptr es:[di]
0x1527f: je 0x1523e
0x15281: mov ax, 0x4202
0x15284: call 0x152e6
0x15287: sub ax, 3
0x1528a: mov word ptr ds:[bp + 0x3cd], ax
2018-12-17T22:18:21.790478631Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.791643747Z 63 PC: 1527b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:18:21.794257046Z 62 PC: 15242 | Close file
2018-12-17T22:18:21.795797836Z 79 PC: 15215 | Find next file
2018-12-17T22:18:21.797946234Z 14 PC: 151b9 | Set default drive (Drive = 'C')
2018-12-17T22:18:21.800260405Z 78 PC: 15215 | Find first file
2018-12-17T22:18:21.804539098Z 61 PC: 15222 | Open file (Filename = 'COMMAND.COM')
2018-12-17T22:18:21.808437941Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.810084616Z 44 PC: 15254 | Get time 0x15254: cmp dx, 0x100
0x15258: jbe 0x15250
0x1525a: mov word ptr ds:[bp + 0x19f], dx
0x1525f: and dx, 7
0x15262: add dx, dx
0x15264: mov word ptr [0xfa8e], dx
0x15268: mov ax, 0x4200
0x1526b: call 0x152e6
0x1526e: mov ah, 0x3f
0x15270: lea dx, word ptr [bp + 0x3d0]
0x15274: mov di, dx
0x15276: mov cx, 4
0x15279: int 0x21
0x1527b: mov al, 0x4d
0x1527d: repne scasb al, byte ptr es:[di]
0x1527f: je 0x1523e
0x15281: mov ax, 0x4202
0x15284: call 0x152e6
0x15287: sub ax, 3
0x1528a: mov word ptr ds:[bp + 0x3cd], ax
2018-12-17T22:18:21.812115032Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.813416851Z 63 PC: 1527b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:18:21.817378355Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:21.819286454Z 64 PC: 152c1 | Write file or device (Write 596 bytes on handle 5)
2018-12-17T22:18:22.363195925Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.366114291Z 64 PC: 152d4 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:18:22.369846589Z 87 PC: 152e1 | Get or set file date and time
2018-12-17T22:18:22.371855478Z 62 PC: 152e5 | Close file
2018-12-17T22:18:22.380273081Z 14 PC: 151cf | Set default drive (Drive = 'A')
2018-12-17T22:18:22.381843964Z 78 PC: 15215 | Find first file
2018-12-17T22:18:22.385688328Z 61 PC: 15222 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:18:22.390411527Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.391560129Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.392865909Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.395174147Z 61 PC: 15222 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:18:22.399214371Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.400319415Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.402105209Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.403790661Z 61 PC: 15222 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:18:22.407805163Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.409345572Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.410751174Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.412412253Z 61 PC: 15222 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:18:22.41683303Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.417868634Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.419054222Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.421165741Z 61 PC: 15222 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:18:22.425132361Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.426188889Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.427816345Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.429480031Z 61 PC: 15222 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:18:22.433417727Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.434930937Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.436110237Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.437790037Z 61 PC: 15222 | Open file (Filename = 'PAH.COM')
2018-12-17T22:18:22.4421153Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.44311763Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.444326482Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.446433199Z 61 PC: 15222 | Open file (Filename = 'TEST.COM')
2018-12-17T22:18:22.45074283Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.451788152Z 44 PC: 15254 | Get time 0x15254: cmp dx, 0x100
0x15258: jbe 0x15250
0x1525a: mov word ptr ds:[bp + 0x19f], dx
0x1525f: and dx, 7
0x15262: add dx, dx
0x15264: mov word ptr [0xfa8e], dx
0x15268: mov ax, 0x4200
0x1526b: call 0x152e6
0x1526e: mov ah, 0x3f
0x15270: lea dx, word ptr [bp + 0x3d0]
0x15274: mov di, dx
0x15276: mov cx, 4
0x15279: int 0x21
0x1527b: mov al, 0x4d
0x1527d: repne scasb al, byte ptr es:[di]
0x1527f: je 0x1523e
0x15281: mov ax, 0x4202
0x15284: call 0x152e6
0x15287: sub ax, 3
0x1528a: mov word ptr ds:[bp + 0x3cd], ax
2018-12-17T22:18:22.453835743Z 66 PC: 152ec | Move file pointer
2018-12-17T22:18:22.454820305Z 63 PC: 1527b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:18:22.456517775Z 62 PC: 15242 | Close file
2018-12-17T22:18:22.45816657Z 79 PC: 15215 | Find next file
2018-12-17T22:18:22.459775348Z 26 PC: 151d9 | Set disk transfer address
2018-12-17T22:18:22.460572724Z 42 PC: 151dd | Get date 0x151dd: test dh, 1
0x151e0: jne 0x151fe
0x151e2: cmp dh, dl
0x151e4: jne 0x151fe
0x151e6: cmp cx, 0x7ca
0x151ea: jbe 0x151fe
0x151ec: cmp al, 4
0x151ee: jbe 0x151fe
0x151f0: xor ax, ax
0x151f2: int 0x10
0x151f4: mov ah, 9
0x151f6: lea dx, word ptr [bp + 0x370]
0x151fa: int 0x21
0x151fc: cli
0x151fd: hlt
0x151fe: call 0x15326
0x15201: call 0x152ed
0x15204: mov ax, 0x100
0x15207: push ax
0x15208: xor ax, ax
2018-12-17T22:18:22.462495986Z 37 PC: 15332 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:18:22.464496857Z 9 PC: 12bb5 | Display string (String= '')
2018-12-17T22:18:22.465862229Z 9 PC: 12bbc | Display string (Could not find end pointer)
2018-12-17T22:18:22.472147589Z 76 PC: 12bd2 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":3154,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:48:39.456228926Z 53 PC: 15311 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:48:39.458893542Z 37 PC: 15322 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:48:39.460876791Z 26 PC: 15197 | Set disk transfer address
2018-12-25T11:48:39.462357678Z 25 PC: 151a5 | Get default drive
2018-12-25T11:48:39.464946212Z 14 PC: 151ae | Set default drive (Drive = 'A')
2018-12-25T11:48:39.466373821Z 14 PC: 151b9 | Set default drive (Drive = 'F')
2018-12-25T11:48:39.467649355Z 78 PC: 15215 | Find first file
2018-12-25T11:48:39.474637271Z 61 PC: 15222 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:48:39.482630326Z 66 PC: 152ec | Move file pointer
2018-12-25T11:48:39.484357901Z 62 PC: 15242 | Close file
2018-12-25T11:48:39.486456359Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.497886678Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.505781922Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.507891265Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.512067177Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.515217816Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.522822951Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.533609482Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.535705541Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.538868744Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.547853501Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.549607Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.551630774Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.554761225Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.569585905Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.571695535Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.574773488Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.578533714Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.585142554Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.58628403Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.588860041Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.591184502Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.595868961Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.59741834Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.598773864Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.600641866Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.605590936Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.606774156Z 44 PC: 15254 | Get time 0x15254: cmp dx, 0x100
0x15258: jbe 0x15250
0x1525a: mov word ptr ds:[bp + 0x19f], dx
0x1525f: and dx, 7
0x15262: add dx, dx
0x15264: mov word ptr [0xfa8e], dx
0x15268: mov ax, 0x4200
0x1526b: call 0x152e6
0x1526e: mov ah, 0x3f
0x15270: lea dx, word ptr [bp + 0x3d0]
0x15274: mov di, dx
0x15276: mov cx, 4
0x15279: int 0x21
0x1527b: mov al, 0x4d
0x1527d: repne scasb al, byte ptr es:[di]
0x1527f: je 0x1523e
0x15281: mov ax, 0x4202
0x15284: call 0x152e6
0x15287: sub ax, 3
0x1528a: mov word ptr ds:[bp + 0x3cd], ax
2018-12-25T11:48:39.608411053Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.610206645Z 63 PC: 1527b | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:48:39.61217859Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.613612755Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.615913342Z 14 PC: 151b9 | Set default drive (See above)
2018-12-25T11:48:39.616912492Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:39.620884765Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.625803577Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.627268435Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.629083114Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.63186465Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.639608548Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.641553399Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.64329127Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.646570903Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.653512187Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.655172926Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.659487182Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.662650007Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.67082557Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.672838265Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.67453599Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.677141737Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.687899753Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.689332667Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.690929599Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.694076014Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.69836473Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.69946327Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.701793056Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.704339819Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.7114631Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.720040001Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.721930449Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.724468826Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.731386193Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.73323054Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:39.735468545Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.736856874Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:39.740285664Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.743043628Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.745688174Z 14 PC: 151b9 | Set default drive (See above)
2018-12-25T11:48:39.747583253Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:39.75405329Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.761326675Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.763861499Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.7656608Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.768440694Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.775975958Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.777564934Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.779512624Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.782825965Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.790004394Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.79138755Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.79360592Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.796433209Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.80396331Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.806678335Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.809971469Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.812739166Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.821194508Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.822803806Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.824780783Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.827576529Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.835151984Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.836826537Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.839172048Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.842309493Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.849248115Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.850879494Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.853145924Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.855578595Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.862766196Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.864732329Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:39.867034534Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.868573989Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:39.872247807Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.873965554Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.8774002Z 14 PC: 151b9 | Set default drive (See above)
2018-12-25T11:48:39.879035444Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:39.88477337Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.891142957Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.893230479Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:39.895463479Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.896775927Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:39.899886375Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.901531339Z 64 PC: 152c1 | Write file or device (Write 596 bytes on handle 5)
2018-12-25T11:48:40.594629316Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.596741842Z 64 PC: 152d4 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:48:40.600328743Z 87 PC: 152e1 | Get or set file date and time
2018-12-25T11:48:40.602368265Z 62 PC: 152e5 | Close file
2018-12-25T11:48:40.609866116Z 14 PC: 151cf | Set default drive (Drive = 'A')
2018-12-25T11:48:40.611350774Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:40.615746935Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.620719616Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.621906918Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.623409864Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.625874021Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.630991065Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.632030567Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.633810172Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.636659532Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.643893713Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.646239949Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.648720528Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.651622108Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.659486727Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.661125789Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.663153842Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.666506898Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.673672383Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.675170194Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.678459689Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.680269267Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.684475061Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.686470596Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.688260258Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.690529329Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.698970275Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.700961321Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.704170001Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.70809648Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.716014537Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.718018219Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:40.721184893Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.72252487Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:40.725009135Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.727252989Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.729251229Z 26 PC: 151d9 | Set disk transfer address
2018-12-25T11:48:40.730310943Z 42 PC: 151dd | Get date 0x151dd: test dh, 1
0x151e0: jne 0x151fe
0x151e2: cmp dh, dl
0x151e4: jne 0x151fe
0x151e6: cmp cx, 0x7ca
0x151ea: jbe 0x151fe
0x151ec: cmp al, 4
0x151ee: jbe 0x151fe
0x151f0: xor ax, ax
0x151f2: int 0x10
0x151f4: mov ah, 9
0x151f6: lea dx, word ptr [bp + 0x370]
0x151fa: int 0x21
0x151fc: cli
0x151fd: hlt
0x151fe: call 0x15326
0x15201: call 0x152ed
0x15204: mov ax, 0x100
0x15207: push ax
0x15208: xor ax, ax
2018-12-25T11:48:40.732686616Z 37 PC: 15332 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:48:40.736461633Z 9 PC: 12bb5 | Display string (String= '')
2018-12-25T11:48:40.739298403Z 9 PC: 12bbc | Display string (Could not find end pointer)
2018-12-25T11:48:40.746607541Z 76 PC: 12bd2 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":3154,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:48:39.487110393Z 53 PC: 15311 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:48:39.489181892Z 37 PC: 15322 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:48:39.490817969Z 26 PC: 15197 | Set disk transfer address
2018-12-25T11:48:39.492336655Z 25 PC: 151a5 | Get default drive
2018-12-25T11:48:39.494086597Z 14 PC: 151ae | Set default drive (Drive = 'A')
2018-12-25T11:48:39.49577066Z 14 PC: 151b9 | Set default drive (Drive = 'F')
2018-12-25T11:48:39.496841685Z 78 PC: 15215 | Find first file
2018-12-25T11:48:39.503390004Z 61 PC: 15222 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:48:39.510810807Z 66 PC: 152ec | Move file pointer
2018-12-25T11:48:39.512103086Z 62 PC: 15242 | Close file
2018-12-25T11:48:39.513843874Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.517311815Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.524631275Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.526174253Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.5286295Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.533932517Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.541532941Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.543272805Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.545069351Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.547790957Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.556081836Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.558412402Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.560765774Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.56426968Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.572677977Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.574427255Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.576687647Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.579860038Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.587492601Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.589074548Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.591262355Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.594095715Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.602408589Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.605090261Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.607148249Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.6100724Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.617989484Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.61959404Z 44 PC: 15254 | Get time 0x15254: cmp dx, 0x100
0x15258: jbe 0x15250
0x1525a: mov word ptr ds:[bp + 0x19f], dx
0x1525f: and dx, 7
0x15262: add dx, dx
0x15264: mov word ptr [0xfa8e], dx
0x15268: mov ax, 0x4200
0x1526b: call 0x152e6
0x1526e: mov ah, 0x3f
0x15270: lea dx, word ptr [bp + 0x3d0]
0x15274: mov di, dx
0x15276: mov cx, 4
0x15279: int 0x21
0x1527b: mov al, 0x4d
0x1527d: repne scasb al, byte ptr es:[di]
0x1527f: je 0x1523e
0x15281: mov ax, 0x4202
0x15284: call 0x152e6
0x15287: sub ax, 3
0x1528a: mov word ptr ds:[bp + 0x3cd], ax
2018-12-25T11:48:39.62201615Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.627142187Z 63 PC: 1527b | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:48:39.630093018Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.631710804Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.63472651Z 14 PC: 151b9 | Set default drive (See above)
2018-12-25T11:48:39.635885665Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:39.639632355Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.644171661Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.646026216Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.647917773Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.650851333Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.660136854Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.662313449Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.665044206Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.66938803Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.677453274Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.679008123Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.68216219Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.685241016Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.693403271Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.6963233Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.699153074Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.703166275Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.71085601Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.713802922Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.716153367Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.719281758Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.727846491Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.729636384Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.7316036Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.735198852Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.742366956Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.744035471Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.746483738Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.75005901Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.757241512Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.759041301Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:39.76198866Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.763501943Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:39.766243819Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.769334239Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.772398136Z 14 PC: 151b9 | Set default drive (See above)
2018-12-25T11:48:39.774076376Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:39.781882159Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.788955994Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.7902479Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.792639337Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.795296924Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.802600151Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.80865161Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.811080132Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.814529608Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.826605769Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.828984619Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.831345989Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.834560119Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.84348944Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.845235502Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.847215498Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.851649274Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.859512689Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.861325126Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.864287229Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.86767622Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.875027108Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.877414918Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.879488072Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.882291319Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.890690588Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.893107833Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.895114218Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.899196444Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.906888488Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.908856148Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:39.910975578Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.92068439Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:39.923771848Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:39.925785279Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:39.929625078Z 14 PC: 151b9 | Set default drive (See above)
2018-12-25T11:48:39.931335241Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:39.937720348Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:39.945731123Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.947610086Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:39.950302455Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.952875066Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:39.955878443Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:39.957565136Z 64 PC: 152c1 | Write file or device (Write 596 bytes on handle 5)
2018-12-25T11:48:40.596858266Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.599288554Z 64 PC: 152d4 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:48:40.602700613Z 87 PC: 152e1 | Get or set file date and time
2018-12-25T11:48:40.605684066Z 62 PC: 152e5 | Close file
2018-12-25T11:48:40.614498552Z 14 PC: 151cf | Set default drive (Drive = 'A')
2018-12-25T11:48:40.616299344Z 78 PC: 15215 | Find first file (See above)
2018-12-25T11:48:40.623815777Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.633942392Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.636565691Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.642229995Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.645451298Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.653074173Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.655317141Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.657296767Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.660368544Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.668988101Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.671244939Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.674450766Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.678281878Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.685802678Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.687832527Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.690772625Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.69368457Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.701366438Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.703900903Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.705948617Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.708753784Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.716657655Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.718450135Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.720837896Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.72452601Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.732051394Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.734845425Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.738279764Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.741210709Z 61 PC: 15222 | Open file (See above)
2018-12-25T11:48:40.749786848Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.751750022Z 44 PC: 15254 | Get time (See above)
2018-12-25T11:48:40.754703763Z 66 PC: 152ec | Move file pointer (See above)
2018-12-25T11:48:40.756625447Z 63 PC: 1527b | Read file or device (See above)
2018-12-25T11:48:40.759864601Z 62 PC: 15242 | Close file (See above)
2018-12-25T11:48:40.762531571Z 79 PC: 15215 | Find next file (See above)
2018-12-25T11:48:40.76552399Z 26 PC: 151d9 | Set disk transfer address
2018-12-25T11:48:40.767048968Z 42 PC: 151dd | Get date 0x151dd: test dh, 1
0x151e0: jne 0x151fe
0x151e2: cmp dh, dl
0x151e4: jne 0x151fe
0x151e6: cmp cx, 0x7ca
0x151ea: jbe 0x151fe
0x151ec: cmp al, 4
0x151ee: jbe 0x151fe
0x151f0: xor ax, ax
0x151f2: int 0x10
0x151f4: mov ah, 9
0x151f6: lea dx, word ptr [bp + 0x370]
0x151fa: int 0x21
0x151fc: cli
0x151fd: hlt
0x151fe: call 0x15326
0x15201: call 0x152ed
0x15204: mov ax, 0x100
0x15207: push ax
0x15208: xor ax, ax
2018-12-25T11:48:40.76970667Z 37 PC: 15332 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:48:40.773169324Z 9 PC: 12bb5 | Display string (String= '')
2018-12-25T11:48:40.775397119Z 9 PC: 12bbc | Display string (Could not find end pointer)
2018-12-25T11:48:40.788431851Z 76 PC: 12bd2 | Terminate with return code (Return code = '0')