Sample viewer

vx.netlux.org/Virus.DOS.Hider.2169

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:24:41.592879087Z	26	PC: 12bcd \| Set disk transfer address
2018-12-17T22:24:41.594998295Z	71	PC: 12bdb \| Get current directory
2018-12-17T22:24:41.599298936Z	78	PC: 130ec \| Find first file
2018-12-17T22:24:41.606242709Z	78	PC: 1310b \| Find first file
2018-12-17T22:24:41.613049713Z	78	PC: 12bf6 \| Find first file
2018-12-17T22:24:41.621105053Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:41.627877508Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:41.647179696Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:41.656238712Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:41.658452316Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:24:41.660577913Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:24:41.669379022Z	87	PC: 130aa \| Get or set file date and time
2018-12-17T22:24:41.6767991Z	66	PC: 12ee8 \| Move file pointer
2018-12-17T22:24:41.678604515Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:24:41.681538897Z	66	PC: 12c2e \| Move file pointer
2018-12-17T22:24:41.683514214Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:41.68631909Z	66	PC: 12c41 \| Move file pointer
2018-12-17T22:24:41.687938549Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:24:41.691708733Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:24:41.699527355Z	66	PC: 12c70 \| Move file pointer
2018-12-17T22:24:41.70147524Z	64	PC: 12c84 \| Write file or device (Write 2167 bytes on handle 5)
2018-12-17T22:24:41.716797616Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:24:41.720749927Z	87	PC: 130c4 \| Get or set file date and time
2018-12-17T22:24:41.728348461Z	62	PC: 12c8e \| Close file
2018-12-17T22:24:41.738408298Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:41.750896475Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:41.75426125Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:41.762264463Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:41.773542225Z	61	PC: 12efe \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:41.77807166Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:41.779609092Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:41.781183665Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:41.788457582Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:41.791839465Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:41.804327166Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:41.817047973Z	61	PC: 12efe \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:41.823026933Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:41.825175009Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:41.827404181Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:41.839115847Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:41.841818264Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:41.848874536Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:41.860211151Z	61	PC: 12efe \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:41.874051262Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:41.877356668Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:41.879726936Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:41.892017262Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:41.895051734Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:41.901437002Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:41.912911345Z	61	PC: 12efe \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:24:41.920962172Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:41.923202307Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:41.926244057Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:41.938951208Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:41.942215747Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:41.948782213Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:41.960619229Z	61	PC: 12efe \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:24:41.968663282Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:41.97065748Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:24:41.97329504Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:24:41.980979171Z	87	PC: 130aa \| Get or set file date and time
2018-12-17T22:24:41.983043055Z	66	PC: 12ee8 \| Move file pointer
2018-12-17T22:24:41.985191371Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:24:41.989065455Z	66	PC: 12c2e \| Move file pointer
2018-12-17T22:24:41.990971372Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:24:41.994034689Z	66	PC: 12c41 \| Move file pointer
2018-12-17T22:24:41.996532433Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:24:41.999771109Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:24:42.002952104Z	66	PC: 12c70 \| Move file pointer
2018-12-17T22:24:42.005530001Z	64	PC: 12c84 \| Write file or device (Write 2167 bytes on handle 5)
2018-12-17T22:24:42.016812097Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:24:42.019779851Z	87	PC: 130c4 \| Get or set file date and time
2018-12-17T22:24:42.022053852Z	62	PC: 12c8e \| Close file
2018-12-17T22:24:42.031073085Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.041806143Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.045318136Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.051901581Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.063278534Z	61	PC: 12efe \| Open file (Filename = 'PAH.COM')
2018-12-17T22:24:42.076546527Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.078787405Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.080998569Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.09518866Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.097596565Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.101534919Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.111817884Z	61	PC: 12efe \| Open file (Filename = 'TEST.COM')
2018-12-17T22:24:42.119325945Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.120861748Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:24:42.12231526Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:24:42.128967054Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.130790949Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.142538792Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.145466779Z	78	PC: 12cb3 \| Find first file
2018-12-17T22:24:42.150969998Z	59	PC: 12fb3 \| Change current directory
2018-12-17T22:24:42.154977964Z	78	PC: 130ec \| Find first file
2018-12-17T22:24:42.161174067Z	78	PC: 1310b \| Find first file
2018-12-17T22:24:42.167018434Z	78	PC: 12bf6 \| Find first file
2018-12-17T22:24:42.176986183Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.186766017Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.19917103Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:42.210111561Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.211930805Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:24:42.214614051Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:24:42.222945456Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.226185334Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.238958972Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.242651385Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.249368799Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.261448535Z	61	PC: 12efe \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:42.270397037Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.272649404Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.275115025Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.287180316Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.289741119Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.295089576Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.30664513Z	61	PC: 12efe \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:42.315252309Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.317287669Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.320517538Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.331993451Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.336113665Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.343553352Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.355104969Z	61	PC: 12efe \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:42.3627748Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.364673515Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.368032785Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.378964308Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.382221079Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.390424168Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.401539281Z	61	PC: 12efe \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:24:42.408951294Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.411578167Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.414052537Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.425186412Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.429476305Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.436388471Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.447985506Z	61	PC: 12efe \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:24:42.465922091Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.468255561Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:24:42.470534128Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:24:42.479832625Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.482534503Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.494474016Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.498881294Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.506053581Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.540645253Z	61	PC: 12efe \| Open file (Filename = 'PAH.COM')
2018-12-17T22:24:42.549893289Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.553556228Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.555346522Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.564926271Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.567876857Z	67	PC: 1308a \| Get or set file attributes
2018-12-17T22:24:42.5744056Z	67	PC: 13096 \| Get or set file attributes
2018-12-17T22:24:42.584385292Z	61	PC: 12efe \| Open file (Filename = 'TEST.COM')
2018-12-17T22:24:42.596545088Z	66	PC: 12f08 \| Move file pointer
2018-12-17T22:24:42.59875472Z	66	PC: 12f3e \| Move file pointer
2018-12-17T22:24:42.601399415Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:24:42.609545742Z	62	PC: 12f5b \| Close file
2018-12-17T22:24:42.611660153Z	67	PC: 130a4 \| Get or set file attributes
2018-12-17T22:24:42.621075682Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:24:42.624598344Z	78	PC: 12cb3 \| Find first file
2018-12-17T22:24:42.630294735Z	78	PC: 12fea \| Find first file
2018-12-17T22:24:42.636941421Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.644452113Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.648186164Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.6606646Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.664882757Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.671345068Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.676021574Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.683801638Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.687667371Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.694625839Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.698898761Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.706172936Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.709520865Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.723202257Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.727842184Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.732692308Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.735185043Z	67	PC: 13002 \| Get or set file attributes
2018-12-17T22:24:42.742856912Z	79	PC: 12fea \| Find next file
2018-12-17T22:24:42.74581052Z	59	PC: 13036 \| Change current directory
2018-12-17T22:24:42.752173779Z	59	PC: 12e6f \| Change current directory
2018-12-17T22:24:42.758966688Z	42	PC: 13125 \| Get date 0x13125: cmp dl, 0xd 0x13128: je 0x1312c 0x1312a: clc 0x1312b: ret 0x1312c: stc 0x1312d: ret 0x1312e: push cs 0x1312f: pop ds 0x13130: lea dx, word ptr [di + 0x875] 0x13134: mov cx, 2 0x13137: mov ah, 0x40 0x13139: int 0x21 0x1313b: push es 0x1313c: pop ds 0x1313d: ret 0x1313e: push si 0x1313f: push di 0x13140: mov ax, di 0x13142: mov cx, 8 0x13145: lea si, word ptr [di + 0x628]
2018-12-17T22:24:42.762035072Z	26	PC: 12e93 \| Set disk transfer address

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4351,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:26.764143408Z	26	PC: 12bcd \| Set disk transfer address
2018-12-25T11:51:26.772532288Z	71	PC: 12bdb \| Get current directory
2018-12-25T11:51:26.775790512Z	78	PC: 130ec \| Find first file
2018-12-25T11:51:26.783095779Z	78	PC: 1310b \| Find first file
2018-12-25T11:51:26.796755227Z	78	PC: 12bf6 \| Find first file
2018-12-25T11:51:26.803313984Z	67	PC: 1308a \| Get or set file attributes
2018-12-25T11:51:26.809622919Z	67	PC: 13096 \| Get or set file attributes
2018-12-25T11:51:26.828233675Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:26.835760675Z	66	PC: 12f08 \| Move file pointer
2018-12-25T11:51:26.837748566Z	66	PC: 12f3e \| Move file pointer
2018-12-25T11:51:26.839852741Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T11:51:26.858238421Z	87	PC: 130aa \| Get or set file date and time
2018-12-25T11:51:26.860776052Z	66	PC: 12ee8 \| Move file pointer
2018-12-25T11:51:26.862354041Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T11:51:26.865728475Z	66	PC: 12c2e \| Move file pointer
2018-12-25T11:51:26.867178434Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:26.870791997Z	66	PC: 12c41 \| Move file pointer
2018-12-25T11:51:26.884803706Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T11:51:26.888318898Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:51:26.891761156Z	66	PC: 12c70 \| Move file pointer
2018-12-25T11:51:26.894602409Z	64	PC: 12c84 \| Write file or device (Write 2167 bytes on handle 5)
2018-12-25T11:51:26.904465035Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:51:26.907928023Z	87	PC: 130c4 \| Get or set file date and time
2018-12-25T11:51:26.91119582Z	62	PC: 12c8e \| Close file
2018-12-25T11:51:26.9197819Z	67	PC: 130a4 \| Get or set file attributes
2018-12-25T11:51:26.930567612Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:26.93381828Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:26.940823472Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:26.952841684Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:26.960627662Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:26.963171041Z	62	PC: 12f5b \| Close file
2018-12-25T11:51:26.965675504Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:26.978429435Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:26.982956688Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:26.989702295Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:26.996506296Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.005238983Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.006563033Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.007989476Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.023981375Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.026019421Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.029922195Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.037552499Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.043692998Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.045561322Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.047981717Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.059499455Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.062473924Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.07424799Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.089179557Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.096439185Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.098234957Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.101320093Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.112182823Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.115244914Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.122523867Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.135071329Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.14874529Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.151393339Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.153437491Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.161133254Z	87	PC: 130aa \| Get or set file date and time (See above)
2018-12-25T11:51:27.163562856Z	66	PC: 12ee8 \| Move file pointer (See above)
2018-12-25T11:51:27.166374935Z	63	PC: 12ef2 \| Read file or device (See above)
2018-12-25T11:51:27.169375408Z	66	PC: 12c2e \| Move file pointer (See above)
2018-12-25T11:51:27.170966813Z	63	PC: 12c38 \| Read file or device (See above)
2018-12-25T11:51:27.174529886Z	66	PC: 12c41 \| Move file pointer (See above)
2018-12-25T11:51:27.176434032Z	64	PC: 12c51 \| Write file or device (See above)
2018-12-25T11:51:27.179712419Z	64	PC: 12c5c \| Write file or device (See above)
2018-12-25T11:51:27.183987228Z	66	PC: 12c70 \| Move file pointer (See above)
2018-12-25T11:51:27.186463571Z	64	PC: 12c84 \| Write file or device (See above)
2018-12-25T11:51:27.196484693Z	64	PC: 1313b \| Write file or device (See above)
2018-12-25T11:51:27.200800732Z	87	PC: 130c4 \| Get or set file date and time (See above)
2018-12-25T11:51:27.20281584Z	62	PC: 12c8e \| Close file (See above)
2018-12-25T11:51:27.212248753Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.225154582Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.228843325Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.23546166Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.246509652Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.255775172Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.257755396Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.260112312Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.272572873Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.275768594Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.288203777Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.30762774Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.315407341Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.317544005Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.320526832Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.328698Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.331120762Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.343260699Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.347265693Z	78	PC: 12cb3 \| Find first file
2018-12-25T11:51:27.354057268Z	59	PC: 12fb3 \| Change current directory
2018-12-25T11:51:27.359734573Z	78	PC: 130ec \| Find first file (See above)
2018-12-25T11:51:27.366655186Z	78	PC: 1310b \| Find first file (See above)
2018-12-25T11:51:27.373487618Z	78	PC: 12bf6 \| Find first file (See above)
2018-12-25T11:51:27.380311027Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.387984551Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.399088684Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.406896691Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.410756572Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.412800064Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.420695592Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.423825033Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.435180669Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.438504281Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.44620341Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.457375164Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.4651283Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.467294258Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.46984182Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.484127463Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.487295325Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.496074114Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.507580179Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.515060955Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.518051286Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.52022562Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.531739134Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.535664067Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.547996951Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.558935069Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.56752324Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.569887554Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.572176526Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.583542849Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.587744384Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.59448264Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.608741294Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.617086218Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.618979269Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.621168776Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.632909517Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.636032111Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.642832725Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.654791849Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.668210688Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.669999624Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.672702364Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.680466559Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.682572528Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.695181272Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.698198843Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.704673074Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.717065743Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.724827623Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.726839374Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.729776575Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.74407926Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.747464774Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.75476396Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.765831729Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.77339813Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.776005916Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.777762604Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.785434437Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.788378779Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.800164102Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.803052111Z	78	PC: 12cb3 \| Find first file (See above)
2018-12-25T11:51:27.809838894Z	78	PC: 12fea \| Find first file
2018-12-25T11:51:27.81726982Z	67	PC: 13002 \| Get or set file attributes
2018-12-25T11:51:27.823648238Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.826729463Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.834480965Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.837735263Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.849555725Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.853073202Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.865692472Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.86889465Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.876171438Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.879177353Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.885646871Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.88962484Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.896060205Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.899036206Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.905870396Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.908815858Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.921085223Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.924847752Z	59	PC: 13036 \| Change current directory
2018-12-25T11:51:27.935265093Z	59	PC: 12e6f \| Change current directory
2018-12-25T11:51:27.939740231Z	42	PC: 13125 \| Get date 0x13125: cmp dl, 0xd 0x13128: je 0x1312c 0x1312a: clc 0x1312b: ret 0x1312c: stc 0x1312d: ret 0x1312e: push cs 0x1312f: pop ds 0x13130: lea dx, word ptr [di + 0x875] 0x13134: mov cx, 2 0x13137: mov ah, 0x40 0x13139: int 0x21 0x1313b: push es 0x1313c: pop ds 0x1313d: ret 0x1313e: push si 0x1313f: push di 0x13140: mov ax, di 0x13142: mov cx, 8 0x13145: lea si, word ptr [di + 0x628]
2018-12-25T11:51:27.943238305Z	64	PC: 12e84 \| Write file or device (Write 91 bytes on handle 1)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4351,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:26.927004631Z	26	PC: 12bcd \| Set disk transfer address
2018-12-25T11:51:26.928417088Z	71	PC: 12bdb \| Get current directory
2018-12-25T11:51:26.931086461Z	78	PC: 130ec \| Find first file
2018-12-25T11:51:26.93663539Z	78	PC: 1310b \| Find first file
2018-12-25T11:51:26.942402685Z	78	PC: 12bf6 \| Find first file
2018-12-25T11:51:26.948047134Z	67	PC: 1308a \| Get or set file attributes
2018-12-25T11:51:26.958358357Z	67	PC: 13096 \| Get or set file attributes
2018-12-25T11:51:27.014384149Z	61	PC: 12efe \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:27.026388074Z	66	PC: 12f08 \| Move file pointer
2018-12-25T11:51:27.028143899Z	66	PC: 12f3e \| Move file pointer
2018-12-25T11:51:27.030536194Z	63	PC: 12f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T11:51:27.037311978Z	87	PC: 130aa \| Get or set file date and time
2018-12-25T11:51:27.038776008Z	66	PC: 12ee8 \| Move file pointer
2018-12-25T11:51:27.040431896Z	63	PC: 12ef2 \| Read file or device (Read 256 bytes on handle 5)
2018-12-25T11:51:27.044471056Z	66	PC: 12c2e \| Move file pointer
2018-12-25T11:51:27.045774792Z	63	PC: 12c38 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:27.048912296Z	66	PC: 12c41 \| Move file pointer
2018-12-25T11:51:27.051678605Z	64	PC: 12c51 \| Write file or device (Write 1 bytes on handle 5)
2018-12-25T11:51:27.056707959Z	64	PC: 12c5c \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:51:27.059527591Z	66	PC: 12c70 \| Move file pointer
2018-12-25T11:51:27.062149002Z	64	PC: 12c84 \| Write file or device (Write 2167 bytes on handle 5)
2018-12-25T11:51:27.078634696Z	64	PC: 1313b \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:51:27.0816978Z	87	PC: 130c4 \| Get or set file date and time
2018-12-25T11:51:27.084618608Z	62	PC: 12c8e \| Close file
2018-12-25T11:51:27.092386336Z	67	PC: 130a4 \| Get or set file attributes
2018-12-25T11:51:27.102754432Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.106232069Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.112493434Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.122353596Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.13029842Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.1320206Z	62	PC: 12f5b \| Close file
2018-12-25T11:51:27.134050104Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.14469996Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.147933549Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.172489292Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.182802941Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.189444058Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.191309542Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.193204626Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.203571721Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.20648117Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.212190471Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.249441057Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.256659638Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.258444428Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.261977099Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.271890251Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.274513145Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.281128593Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.291262063Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.297683933Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.299859469Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.301988021Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.311033979Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.313662952Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.319818955Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.32864525Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.339012475Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.341582332Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.343507236Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.350353244Z	87	PC: 130aa \| Get or set file date and time (See above)
2018-12-25T11:51:27.352812336Z	66	PC: 12ee8 \| Move file pointer (See above)
2018-12-25T11:51:27.354178333Z	63	PC: 12ef2 \| Read file or device (See above)
2018-12-25T11:51:27.35648256Z	66	PC: 12c2e \| Move file pointer (See above)
2018-12-25T11:51:27.358591882Z	63	PC: 12c38 \| Read file or device (See above)
2018-12-25T11:51:27.361275788Z	66	PC: 12c41 \| Move file pointer (See above)
2018-12-25T11:51:27.362788267Z	64	PC: 12c51 \| Write file or device (See above)
2018-12-25T11:51:27.366093118Z	64	PC: 12c5c \| Write file or device (See above)
2018-12-25T11:51:27.368824887Z	66	PC: 12c70 \| Move file pointer (See above)
2018-12-25T11:51:27.370107806Z	64	PC: 12c84 \| Write file or device (See above)
2018-12-25T11:51:27.37991671Z	64	PC: 1313b \| Write file or device (See above)
2018-12-25T11:51:27.382823928Z	87	PC: 130c4 \| Get or set file date and time (See above)
2018-12-25T11:51:27.384660082Z	62	PC: 12c8e \| Close file (See above)
2018-12-25T11:51:27.393225913Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.404147843Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.406983926Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.412726523Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.424204937Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.43128589Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.433001021Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.43593077Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.446204484Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.44901186Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.455289083Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.464686625Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.475579865Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.477990473Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.479755417Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.486996989Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.48963633Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.499618212Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.502231409Z	78	PC: 12cb3 \| Find first file
2018-12-25T11:51:27.509666354Z	59	PC: 12fb3 \| Change current directory
2018-12-25T11:51:27.513842106Z	78	PC: 130ec \| Find first file (See above)
2018-12-25T11:51:27.519628005Z	78	PC: 1310b \| Find first file (See above)
2018-12-25T11:51:27.530706174Z	78	PC: 12bf6 \| Find first file (See above)
2018-12-25T11:51:27.541473941Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.547755425Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.558261345Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.565272439Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.567028335Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.568863951Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.576496533Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.578471866Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.58832995Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.59248264Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.598127709Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.608043976Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.616453532Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.618168453Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.620187029Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.630377149Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.63310208Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.638827117Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.648966809Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.655635722Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.65728126Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.659600281Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.669349387Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.672930492Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.679128187Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.689216493Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.695876067Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.698453785Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.700380391Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.710039892Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.713946834Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.719953004Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.729669839Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.742104084Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.743603319Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.745257723Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.756535861Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.759469829Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.765432476Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.776367892Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.784101514Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.785921119Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.788290935Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.79644556Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.798740677Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.809295237Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.812980229Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.81878218Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.828511268Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.836203548Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.837802801Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.839956757Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.850660372Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.853548052Z	67	PC: 1308a \| Get or set file attributes (See above)
2018-12-25T11:51:27.864241494Z	67	PC: 13096 \| Get or set file attributes (See above)
2018-12-25T11:51:27.875251916Z	61	PC: 12efe \| Open file (See above)
2018-12-25T11:51:27.882447018Z	66	PC: 12f08 \| Move file pointer (See above)
2018-12-25T11:51:27.884252589Z	66	PC: 12f3e \| Move file pointer (See above)
2018-12-25T11:51:27.886859278Z	63	PC: 12f4b \| Read file or device (See above)
2018-12-25T11:51:27.894142165Z	62	PC: 12f5b \| Close file (See above)
2018-12-25T11:51:27.896254575Z	67	PC: 130a4 \| Get or set file attributes (See above)
2018-12-25T11:51:27.907008969Z	79	PC: 12bf6 \| Find next file (See above)
2018-12-25T11:51:27.909995308Z	78	PC: 12cb3 \| Find first file (See above)
2018-12-25T11:51:27.915897013Z	78	PC: 12fea \| Find first file
2018-12-25T11:51:27.922615546Z	67	PC: 13002 \| Get or set file attributes
2018-12-25T11:51:27.933745552Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.936521028Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.942509939Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.946060992Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.951879074Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.954655455Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.961314119Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.96404924Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.969855Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.973476292Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.979147588Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.981793765Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.987996964Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:27.990771364Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:27.996536558Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:28.000264858Z	67	PC: 13002 \| Get or set file attributes (See above)
2018-12-25T11:51:28.00664845Z	79	PC: 12fea \| Find next file (See above)
2018-12-25T11:51:28.009185962Z	59	PC: 13036 \| Change current directory
2018-12-25T11:51:28.014291061Z	59	PC: 12e6f \| Change current directory
2018-12-25T11:51:28.018740472Z	42	PC: 13125 \| Get date 0x13125: cmp dl, 0xd 0x13128: je 0x1312c 0x1312a: clc 0x1312b: ret 0x1312c: stc 0x1312d: ret 0x1312e: push cs 0x1312f: pop ds 0x13130: lea dx, word ptr [di + 0x875] 0x13134: mov cx, 2 0x13137: mov ah, 0x40 0x13139: int 0x21 0x1313b: push es 0x1313c: pop ds 0x1313d: ret 0x1313e: push si 0x1313f: push di 0x13140: mov ax, di 0x13142: mov cx, 8 0x13145: lea si, word ptr [di + 0x628]
2018-12-25T11:51:28.021149497Z	26	PC: 12e93 \| Set disk transfer address