Sample viewer

vx.netlux.org/Virus.DOS.Friday13.623

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:24:33.498214795Z 26 PC: 12eb4 | Set disk transfer address
2018-12-17T22:24:33.500426088Z 78 PC: 12ebe | Find first file
2018-12-17T22:24:33.507558529Z 61 PC: 12f1f | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:33.515199328Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:33.522447804Z 66 PC: 12f65 | Move file pointer
2018-12-17T22:24:33.524945666Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:33.528694292Z 66 PC: 12f81 | Move file pointer
2018-12-17T22:24:33.530957445Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-17T22:24:33.634770243Z 87 PC: 12f9a | Get or set file date and time
2018-12-17T22:24:33.636912087Z 62 PC: 12f9e | Close file
2018-12-17T22:24:33.64577239Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:33.649991359Z 61 PC: 12f1f | Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:33.657733556Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:33.665446263Z 66 PC: 12f65 | Move file pointer
2018-12-17T22:24:33.681771888Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:33.686802326Z 66 PC: 12f81 | Move file pointer
2018-12-17T22:24:33.688377058Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-17T22:24:33.697877841Z 87 PC: 12f9a | Get or set file date and time
2018-12-17T22:24:33.700251415Z 62 PC: 12f9e | Close file
2018-12-17T22:24:33.710750044Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:33.714664711Z 61 PC: 12f1f | Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:33.722865216Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:33.730490005Z 66 PC: 12f65 | Move file pointer
2018-12-17T22:24:33.732508978Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:33.73696745Z 66 PC: 12f81 | Move file pointer
2018-12-17T22:24:33.738883289Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-17T22:24:33.748143607Z 87 PC: 12f9a | Get or set file date and time
2018-12-17T22:24:33.751266907Z 62 PC: 12f9e | Close file
2018-12-17T22:24:33.762399362Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:33.767004574Z 61 PC: 12f1f | Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:33.786365597Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:33.79402857Z 66 PC: 12f65 | Move file pointer
2018-12-17T22:24:33.796170088Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:33.800804975Z 66 PC: 12f81 | Move file pointer
2018-12-17T22:24:33.802499369Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-17T22:24:33.811557681Z 87 PC: 12f9a | Get or set file date and time
2018-12-17T22:24:33.814079409Z 62 PC: 12f9e | Close file
2018-12-17T22:24:33.822821326Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:33.842890403Z 61 PC: 12f1f | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:24:33.851316582Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:33.874280713Z 66 PC: 12f65 | Move file pointer
2018-12-17T22:24:33.876021337Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:33.879453286Z 66 PC: 12f81 | Move file pointer
2018-12-17T22:24:33.88248669Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-17T22:24:33.892031467Z 87 PC: 12f9a | Get or set file date and time
2018-12-17T22:24:33.894193135Z 62 PC: 12f9e | Close file
2018-12-17T22:24:33.904535885Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:33.909299315Z 61 PC: 12f1f | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:24:33.917073977Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:33.925475643Z 66 PC: 12f65 | Move file pointer
2018-12-17T22:24:33.927943556Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:33.931416192Z 66 PC: 12f81 | Move file pointer
2018-12-17T22:24:33.934462088Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-17T22:24:33.944125806Z 87 PC: 12f9a | Get or set file date and time
2018-12-17T22:24:33.946314319Z 62 PC: 12f9e | Close file
2018-12-17T22:24:33.955666438Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:33.959999819Z 61 PC: 12f1f | Open file (Filename = 'PAH.COM')
2018-12-17T22:24:33.967597369Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:33.975288974Z 66 PC: 12f65 | Move file pointer
2018-12-17T22:24:33.977779456Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:24:33.981391685Z 66 PC: 12f81 | Move file pointer
2018-12-17T22:24:33.983381761Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-17T22:24:33.993407586Z 87 PC: 12f9a | Get or set file date and time
2018-12-17T22:24:33.995879384Z 62 PC: 12f9e | Close file
2018-12-17T22:24:34.004980861Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:34.008594603Z 61 PC: 12f1f | Open file (Filename = 'TEST.COM')
2018-12-17T22:24:34.017139365Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:34.0205308Z 62 PC: 12f9e | Close file
2018-12-17T22:24:34.022990968Z 79 PC: 12ec7 | Find next file
2018-12-17T22:24:34.027191483Z 26 PC: 12ed5 | Set disk transfer address
2018-12-17T22:24:34.028843994Z 42 PC: 12fc4 | Get date 0x12fc4: cmp dl, 0xd
0x12fc7: jne 0x13006
0x12fc9: cmp al, 5
0x12fcb: jne 0x13006
0x12fcd: xor ax, ax
0x12fcf: mov cx, 0x7fff
0x12fd2: xor di, di
0x12fd4: mov es, word ptr es:[0x2c]
0x12fd9: cld
0x12fda: repne scasd eax, dword ptr es:[di]
0x12fdc: jne 0x13006
0x12fde: add di, 2
0x12fe1: push ds
0x12fe2: push es
0x12fe3: pop ds
0x12fe4: mov ax, 0x4300
0x12fe7: mov dx, di
0x12fe9: int 0x21
0x12feb: jb 0x13005
0x12fed: test cl, 1
2018-12-17T22:24:34.031700412Z 9 PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4319,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:24.641628801Z 64 PC: 0 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T11:51:24.646895055Z 41 PC: 94fae | Parse filename
2018-12-25T11:51:24.650938894Z 41 PC: 9502f | Parse filename
2018-12-25T11:51:24.65269385Z 41 PC: 9504c | Parse filename
2018-12-25T11:51:24.656258156Z 26 PC: 984f7 | Set disk transfer address
2018-12-25T11:51:24.658268116Z 71 PC: 986f3 | Get current directory
2018-12-25T11:51:24.661362874Z 78 PC: 986fe | Find first file
2018-12-25T11:51:24.668124992Z 71 PC: 986f3 | Get current directory (See above)
2018-12-25T11:51:24.669971456Z 78 PC: 986fe | Find first file (See above)
2018-12-25T11:51:24.676446961Z 64 PC: 9a848 | Write file or device (Write 26 bytes on handle 2)
2018-12-25T11:51:24.679183857Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T11:51:24.68044683Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T11:51:24.6813546Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:24.682260967Z 62 PC: 122ab | Close file
2018-12-25T11:51:24.683763998Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.684775468Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.685817914Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.687397773Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.688542203Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.689488287Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.701051916Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.702461178Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.703754519Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.705589704Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.706641663Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.707567445Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.708836304Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.710109471Z 62 PC: 122ab | Close file (See above)
2018-12-25T11:51:24.711704964Z 99 PC: 9a5d7 | Get DBCS lead byte table pointer
2018-12-25T11:51:24.713060429Z 56 PC: 94df9 | Get or set country info
2018-12-25T11:51:24.715609612Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T11:51:24.719482005Z 25 PC: 94e62 | Get default drive
2018-12-25T11:51:24.72121713Z 71 PC: 970dd | Get current directory
2018-12-25T11:51:24.72571961Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T11:51:24.728236864Z 2 PC: 970b2 | Character output (Char = '3e')
2018-12-25T11:51:24.730742872Z 93 PC: 94f20 | File sharing functions
2018-12-25T11:51:24.742850078Z 93 PC: 94f27 | File sharing functions
2018-12-25T11:51:24.744365459Z 10 PC: 94f39 | Buffered keyboard input
2018-12-25T11:51:39.688745491Z 0 PC: 0 | Program terminate (See above)
2018-12-25T11:51:41.043260974Z 0 PC: 0 | Program terminate (See above)
2018-12-25T11:51:41.145346683Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T11:51:41.15047027Z 41 PC: 94fae | Parse filename (See above)
2018-12-25T11:51:41.151879274Z 41 PC: 9502f | Parse filename (See above)
2018-12-25T11:51:41.15302856Z 41 PC: 9504c | Parse filename (See above)
2018-12-25T11:51:41.156579247Z 26 PC: 984f7 | Set disk transfer address (See above)
2018-12-25T11:51:41.158365988Z 71 PC: 986f3 | Get current directory (See above)
2018-12-25T11:51:41.164464333Z 78 PC: 986fe | Find first file (See above)
2018-12-25T11:51:41.171855024Z 71 PC: 9856c | Get current directory
2018-12-25T11:51:41.173784543Z 73 PC: 97c09 | Release memory
2018-12-25T11:51:41.175049277Z 75 PC: 11821 | Execute program
2018-12-25T11:51:41.198923365Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-25T11:51:41.20457226Z 76 PC: 12a4b | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4319,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:24.845194719Z 26 PC: 12eb4 | Set disk transfer address
2018-12-25T11:51:24.846599882Z 78 PC: 12ebe | Find first file
2018-12-25T11:51:24.852014355Z 61 PC: 12f1f | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:24.858463182Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:24.864809121Z 66 PC: 12f65 | Move file pointer
2018-12-25T11:51:24.866611021Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:24.86975986Z 66 PC: 12f81 | Move file pointer
2018-12-25T11:51:24.87438977Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-25T11:51:25.934880825Z 87 PC: 12f9a | Get or set file date and time
2018-12-25T11:51:25.936341847Z 62 PC: 12f9e | Close file
2018-12-25T11:51:26.154271926Z 79 PC: 12ec7 | Find next file
2018-12-25T11:51:26.157051284Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:26.164000962Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:26.170149672Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:26.172040739Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:26.174985511Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:26.176382737Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:26.664074796Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:26.665829074Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:26.803934542Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:26.808097527Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:26.814959598Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:26.82208279Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:26.824801943Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:26.82766583Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:26.829096545Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:26.844850797Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:26.847183715Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:26.885263291Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:26.888920446Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:26.902893038Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:26.910442724Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:26.912527252Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:26.915970547Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:26.917922943Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:26.936023169Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:26.938220671Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:26.965636833Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:26.968254037Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:26.97578454Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:26.979790925Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:26.980722555Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:26.983136294Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:26.984184582Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.014395661Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.018672998Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.029806957Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.033435108Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.044398306Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.052492774Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.054164745Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.059114307Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.06071289Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.069326334Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.071519823Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.080162468Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.083489881Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.090658788Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.096996894Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.099644077Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.10275617Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.104733016Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.113024293Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.115459286Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.12413207Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.126828447Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.134304335Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.137505005Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.139556155Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.142226306Z 26 PC: 12ed5 | Set disk transfer address
2018-12-25T11:51:27.143574894Z 42 PC: 12fc4 | Get date 0x12fc4: cmp dl, 0xd
0x12fc7: jne 0x13006
0x12fc9: cmp al, 5
0x12fcb: jne 0x13006
0x12fcd: xor ax, ax
0x12fcf: mov cx, 0x7fff
0x12fd2: xor di, di
0x12fd4: mov es, word ptr es:[0x2c]
0x12fd9: cld
0x12fda: repne scasd eax, dword ptr es:[di]
0x12fdc: jne 0x13006
0x12fde: add di, 2
0x12fe1: push ds
0x12fe2: push es
0x12fe3: pop ds
0x12fe4: mov ax, 0x4300
0x12fe7: mov dx, di
0x12fe9: int 0x21
0x12feb: jb 0x13005
0x12fed: test cl, 1
2018-12-25T11:51:27.145636575Z 9 PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4319,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:24.90222004Z 26 PC: 12eb4 | Set disk transfer address
2018-12-25T11:51:24.903832474Z 78 PC: 12ebe | Find first file
2018-12-25T11:51:24.909619395Z 61 PC: 12f1f | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:24.91579315Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:24.922199435Z 66 PC: 12f65 | Move file pointer
2018-12-25T11:51:24.923152283Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:24.924728659Z 66 PC: 12f81 | Move file pointer
2018-12-25T11:51:24.925938384Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-25T11:51:25.935668506Z 87 PC: 12f9a | Get or set file date and time
2018-12-25T11:51:25.93731644Z 62 PC: 12f9e | Close file
2018-12-25T11:51:26.174680231Z 79 PC: 12ec7 | Find next file
2018-12-25T11:51:26.177424596Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:26.184076793Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:26.190822297Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:26.192218377Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:26.194680376Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:26.202367956Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:26.663580606Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:26.66554013Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:26.831078524Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:26.834945166Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:26.841861031Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:26.846228162Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:26.852420854Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:26.855285686Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:26.856905853Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:26.890488977Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:26.892148355Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:26.914161261Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:26.917488864Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:26.924525767Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:26.931226805Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:26.933918962Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:26.93669395Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:26.938303441Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.013891156Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.015852831Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.02350016Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.028114646Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.034867321Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.041235109Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.043087393Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.047391516Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.049019478Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.057529794Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.060169676Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.067923957Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.070773012Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.07842493Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.084868043Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.086203773Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.089707933Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.091363045Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.100335112Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.102979733Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.111592175Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.114889337Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.121835133Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.129526257Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.131250536Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.133435522Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.135012594Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.142888043Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.14480429Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.152643324Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.155474109Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.162251729Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.167621506Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.169860628Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.172644208Z 26 PC: 12ed5 | Set disk transfer address
2018-12-25T11:51:27.175115079Z 42 PC: 12fc4 | Get date 0x12fc4: cmp dl, 0xd
0x12fc7: jne 0x13006
0x12fc9: cmp al, 5
0x12fcb: jne 0x13006
0x12fcd: xor ax, ax
0x12fcf: mov cx, 0x7fff
0x12fd2: xor di, di
0x12fd4: mov es, word ptr es:[0x2c]
0x12fd9: cld
0x12fda: repne scasd eax, dword ptr es:[di]
0x12fdc: jne 0x13006
0x12fde: add di, 2
0x12fe1: push ds
0x12fe2: push es
0x12fe3: pop ds
0x12fe4: mov ax, 0x4300
0x12fe7: mov dx, di
0x12fe9: int 0x21
0x12feb: jb 0x13005
0x12fed: test cl, 1
2018-12-25T11:51:27.177609062Z 9 PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4319,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:25.056335432Z 26 PC: 12eb4 | Set disk transfer address
2018-12-25T11:51:25.057658735Z 78 PC: 12ebe | Find first file
2018-12-25T11:51:25.063291777Z 61 PC: 12f1f | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:25.069574243Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:25.076464691Z 66 PC: 12f65 | Move file pointer
2018-12-25T11:51:25.07780503Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:25.080284965Z 66 PC: 12f81 | Move file pointer
2018-12-25T11:51:25.081888084Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-25T11:51:27.013061778Z 87 PC: 12f9a | Get or set file date and time
2018-12-25T11:51:27.01637832Z 62 PC: 12f9e | Close file
2018-12-25T11:51:27.025797383Z 79 PC: 12ec7 | Find next file
2018-12-25T11:51:27.03252963Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.03912336Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.046449719Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.051117694Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.054471433Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.056010167Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.090508651Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.092140159Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.110841203Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.115246467Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.120569062Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.127031625Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.128854007Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.131526176Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.13281091Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.141508267Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.143035549Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.150531172Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.154106496Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.159052739Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.165344325Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.16726024Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.169167862Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.170704542Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.176892503Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.178813988Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.187914743Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.191107647Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.198486965Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.204599015Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.207086317Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.209984563Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.211746286Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.220115107Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.222135601Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.230009094Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.233159057Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.240424502Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.247768453Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.249583502Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.253309406Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.254935378Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.263201798Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.26540045Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.273029983Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.277888001Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.285064356Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.291602804Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.293288286Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.297269535Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.29893201Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.306740844Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.30929094Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.317443393Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.320340024Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.327967945Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.330859997Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.332946732Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.336505681Z 26 PC: 12ed5 | Set disk transfer address
2018-12-25T11:51:27.338272208Z 42 PC: 12fc4 | Get date 0x12fc4: cmp dl, 0xd
0x12fc7: jne 0x13006
0x12fc9: cmp al, 5
0x12fcb: jne 0x13006
0x12fcd: xor ax, ax
0x12fcf: mov cx, 0x7fff
0x12fd2: xor di, di
0x12fd4: mov es, word ptr es:[0x2c]
0x12fd9: cld
0x12fda: repne scasd eax, dword ptr es:[di]
0x12fdc: jne 0x13006
0x12fde: add di, 2
0x12fe1: push ds
0x12fe2: push es
0x12fe3: pop ds
0x12fe4: mov ax, 0x4300
0x12fe7: mov dx, di
0x12fe9: int 0x21
0x12feb: jb 0x13005
0x12fed: test cl, 1
2018-12-25T11:51:27.340803239Z 9 PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4319,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:25.257518676Z 26 PC: 12eb4 | Set disk transfer address
2018-12-25T11:51:25.258856354Z 78 PC: 12ebe | Find first file
2018-12-25T11:51:25.26472279Z 61 PC: 12f1f | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:25.270998406Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:25.277836844Z 66 PC: 12f65 | Move file pointer
2018-12-25T11:51:25.279184492Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:25.281693918Z 66 PC: 12f81 | Move file pointer
2018-12-25T11:51:25.283742285Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-25T11:51:27.012814159Z 87 PC: 12f9a | Get or set file date and time
2018-12-25T11:51:27.014395115Z 62 PC: 12f9e | Close file
2018-12-25T11:51:27.023023275Z 79 PC: 12ec7 | Find next file
2018-12-25T11:51:27.026525818Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.033370527Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.040386737Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.04342863Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.046146572Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.047479622Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.056529156Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.058299647Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.066131166Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.069590118Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.075952777Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.082099172Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.083841413Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.086740899Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.088426214Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.096941946Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.098486312Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.106541006Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.110244739Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.116769351Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.123251524Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.125921067Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.128859288Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.130519377Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.139946269Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.141940379Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.149625062Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.152841313Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.160335939Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.166823119Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.168420835Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.172220127Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.174255573Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.194891151Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.197307786Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.205423993Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.208151602Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.222221013Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.228563476Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.229890486Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.233032Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.234455822Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.242780661Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.244695667Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.252300054Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.2553905Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.263105472Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.269323431Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.270775697Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.274029524Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.27572114Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.284105081Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.286228433Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.295297692Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.298433838Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.305672692Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.309710162Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.311785937Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.314417659Z 26 PC: 12ed5 | Set disk transfer address
2018-12-25T11:51:27.316740461Z 42 PC: 12fc4 | Get date 0x12fc4: cmp dl, 0xd
0x12fc7: jne 0x13006
0x12fc9: cmp al, 5
0x12fcb: jne 0x13006
0x12fcd: xor ax, ax
0x12fcf: mov cx, 0x7fff
0x12fd2: xor di, di
0x12fd4: mov es, word ptr es:[0x2c]
0x12fd9: cld
0x12fda: repne scasd eax, dword ptr es:[di]
0x12fdc: jne 0x13006
0x12fde: add di, 2
0x12fe1: push ds
0x12fe2: push es
0x12fe3: pop ds
0x12fe4: mov ax, 0x4300
0x12fe7: mov dx, di
0x12fe9: int 0x21
0x12feb: jb 0x13005
0x12fed: test cl, 1
2018-12-25T11:51:27.319222827Z 67 PC: 12feb | Get or set file attributes
2018-12-25T11:51:27.324976278Z 65 PC: 13005 | Delete file (Filename = 'A:\TEST.COM')
2018-12-25T11:51:27.336919626Z 9 PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4319,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:25.316228879Z 26 PC: 12eb4 | Set disk transfer address
2018-12-25T11:51:25.323105875Z 78 PC: 12ebe | Find first file
2018-12-25T11:51:25.328816527Z 61 PC: 12f1f | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:25.334986776Z 63 PC: 12f35 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:25.341459432Z 66 PC: 12f65 | Move file pointer
2018-12-25T11:51:25.342655858Z 64 PC: 12f71 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:25.345039429Z 66 PC: 12f81 | Move file pointer
2018-12-25T11:51:25.346584991Z 64 PC: 12f8d | Write file or device (Write 623 bytes on handle 5)
2018-12-25T11:51:27.012451986Z 87 PC: 12f9a | Get or set file date and time
2018-12-25T11:51:27.014429606Z 62 PC: 12f9e | Close file
2018-12-25T11:51:27.023378675Z 79 PC: 12ec7 | Find next file
2018-12-25T11:51:27.026627542Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.036748906Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.044175237Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.046975949Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.049628703Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.050659278Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.057148357Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.05874564Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.06485663Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.068534299Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.075070361Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.081296917Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.084516984Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.087738078Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.089279128Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.097789295Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.099318497Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.105473267Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.108664327Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.115055297Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.119465632Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.120888181Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.12512508Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.127086661Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.136267604Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.138623877Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.147114888Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.150389453Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.158626745Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.180797034Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.182155012Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.185236317Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.186507519Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.206898408Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.208987114Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.215279711Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.217120851Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.223036313Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.227739938Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.228942049Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.231506178Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.23282596Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.238413767Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.24017359Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.245487793Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.247904541Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.25388807Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.260581838Z 66 PC: 12f65 | Move file pointer (See above)
2018-12-25T11:51:27.2622079Z 64 PC: 12f71 | Write file or device (See above)
2018-12-25T11:51:27.266132496Z 66 PC: 12f81 | Move file pointer (See above)
2018-12-25T11:51:27.268027818Z 64 PC: 12f8d | Write file or device (See above)
2018-12-25T11:51:27.276093236Z 87 PC: 12f9a | Get or set file date and time (See above)
2018-12-25T11:51:27.278542446Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.286478441Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.289321252Z 61 PC: 12f1f | Open file (See above)
2018-12-25T11:51:27.296770381Z 63 PC: 12f35 | Read file or device (See above)
2018-12-25T11:51:27.300395897Z 62 PC: 12f9e | Close file (See above)
2018-12-25T11:51:27.302463049Z 79 PC: 12ec7 | Find next file (See above)
2018-12-25T11:51:27.304870987Z 26 PC: 12ed5 | Set disk transfer address
2018-12-25T11:51:27.306797122Z 42 PC: 12fc4 | Get date 0x12fc4: cmp dl, 0xd
0x12fc7: jne 0x13006
0x12fc9: cmp al, 5
0x12fcb: jne 0x13006
0x12fcd: xor ax, ax
0x12fcf: mov cx, 0x7fff
0x12fd2: xor di, di
0x12fd4: mov es, word ptr es:[0x2c]
0x12fd9: cld
0x12fda: repne scasd eax, dword ptr es:[di]
0x12fdc: jne 0x13006
0x12fde: add di, 2
0x12fe1: push ds
0x12fe2: push es
0x12fe3: pop ds
0x12fe4: mov ax, 0x4300
0x12fe7: mov dx, di
0x12fe9: int 0x21
0x12feb: jb 0x13005
0x12fed: test cl, 1
2018-12-25T11:51:27.309080962Z 9 PC: 12e26 | Display string (String= 'Hello - Copyright S & S International, 1990 ')