Sample viewer

vx.netlux.org/Virus.DOS.ShyDemon.1551

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:28:09.160085031Z 53 PC: 12a7c | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:28:09.162409594Z 53 PC: 12a8b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:28:09.164647016Z 37 PC: 12a94 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:28:09.165884169Z 53 PC: 12a9a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:09.167096819Z 37 PC: 12ab0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:09.168873196Z 26 PC: 12ac1 | Set disk transfer address
2018-12-17T22:28:09.170572099Z 71 PC: 12aca | Get current directory
2018-12-17T22:28:09.174708934Z 59 PC: 12ad1 | Change current directory
2018-12-17T22:28:09.181748231Z 78 PC: 12b93 | Find first file
2018-12-17T22:28:09.188076712Z 59 PC: 12ae4 | Change current directory
2018-12-17T22:28:09.193235457Z 78 PC: 12b93 | Find first file
2018-12-17T22:28:09.208466699Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.225780235Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.243455584Z 61 PC: 12bc2 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:28:09.251176678Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.252708493Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:28:09.260226174Z 66 PC: 12e58 | Move file pointer
2018-12-17T22:28:09.263014837Z 64 PC: 12bfb | Write file or device (Write 6 bytes on handle 5)
2018-12-17T22:28:09.265768917Z 42 PC: 12c0f | Get date 0x12c0f: mov word ptr ds:[bp + 0x710], dx
0x12c14: rol dx, 8
0x12c17: mov word ptr ds:[bp + 0x712], dx
0x12c1c: call 0x12c3c
0x12c1f: mov al, 2
0x12c21: call 0x12e52
0x12c24: call 0x13010
0x12c27: pop cx
0x12c28: mov byte ptr ds:[bp + 0x6c4], ch
0x12c2d: push bx
0x12c2e: pop bx
0x12c2f: call 0x12e33
0x12c32: mov ah, 0x4f
0x12c34: mov cx, 7
0x12c37: jmp 0x12b92
0x12c3a: jmp 0x12c2e
0x12c3c: mov ax, word ptr cs:[bp + 0x107]
0x12c41: mov word ptr cs:[bp + 0x6c5], ax
0x12c46: mov al, byte ptr cs:[bp + 0x109]
0x12c4b: mov byte ptr cs:[bp + 0x6c7], al
2018-12-17T22:28:09.267601325Z 66 PC: 12e58 | Move file pointer
2018-12-17T22:28:09.269380959Z 64 PC: 13024 | Write file or device (Write 1551 bytes on handle 5)
2018-12-17T22:28:09.27596901Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.277207758Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.282895637Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.290577736Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.293585031Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.300435975Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.310326968Z 61 PC: 12bc2 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:28:09.317894758Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.320222993Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:28:09.328295892Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.329924684Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.331505436Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.345140314Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.348091877Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.355001384Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.366083138Z 61 PC: 12bc2 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:28:09.374173985Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.375759414Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 6)
2018-12-17T22:28:09.384134153Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.387210927Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.391858793Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.403889883Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.407501581Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.41443517Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.426205166Z 61 PC: 12bc2 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:28:09.435009153Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.436677347Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 7)
2018-12-17T22:28:09.444822397Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.449246583Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.451372539Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.462856439Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.46654178Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.472923417Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.483716326Z 61 PC: 12bc2 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:28:09.492459908Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.494140388Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 8)
2018-12-17T22:28:09.50126123Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.503392496Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.505791117Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.518160154Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.521129742Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.528225969Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.539472086Z 61 PC: 12bc2 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:28:09.547079347Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.549935316Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 9)
2018-12-17T22:28:09.5581337Z 66 PC: 12e58 | Move file pointer
2018-12-17T22:28:09.560288135Z 64 PC: 12bfb | Write file or device (Write 6 bytes on handle 9)
2018-12-17T22:28:09.56486274Z 42 PC: 12c0f | Get date 0x12c0f: mov word ptr ds:[bp + 0x710], dx
0x12c14: rol dx, 8
0x12c17: mov word ptr ds:[bp + 0x712], dx
0x12c1c: call 0x12c3c
0x12c1f: mov al, 2
0x12c21: call 0x12e52
0x12c24: call 0x13010
0x12c27: pop cx
0x12c28: mov byte ptr ds:[bp + 0x6c4], ch
0x12c2d: push bx
0x12c2e: pop bx
0x12c2f: call 0x12e33
0x12c32: mov ah, 0x4f
0x12c34: mov cx, 7
0x12c37: jmp 0x12b92
0x12c3a: jmp 0x12c2e
0x12c3c: mov ax, word ptr cs:[bp + 0x107]
0x12c41: mov word ptr cs:[bp + 0x6c5], ax
0x12c46: mov al, byte ptr cs:[bp + 0x109]
0x12c4b: mov byte ptr cs:[bp + 0x6c7], al
2018-12-17T22:28:09.568462587Z 66 PC: 12e58 | Move file pointer
2018-12-17T22:28:09.571273643Z 64 PC: 13024 | Write file or device (Write 1551 bytes on handle 9)
2018-12-17T22:28:09.581923356Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.583714429Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.592160433Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.60265354Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.606808327Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.613295273Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.624709518Z 61 PC: 12bc2 | Open file (Filename = 'PAH.COM')
2018-12-17T22:28:09.632843271Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.634448141Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 9)
2018-12-17T22:28:09.641711965Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.643707445Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.645182106Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.656082323Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.659440274Z 67 PC: 12bab | Get or set file attributes
2018-12-17T22:28:09.665685247Z 67 PC: 12bba | Get or set file attributes
2018-12-17T22:28:09.678837197Z 61 PC: 12bc2 | Open file (Filename = 'TEST.COM')
2018-12-17T22:28:09.688072625Z 87 PC: 12bc7 | Get or set file date and time
2018-12-17T22:28:09.689851773Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 10)
2018-12-17T22:28:09.697362368Z 87 PC: 12e41 | Get or set file date and time
2018-12-17T22:28:09.70035474Z 62 PC: 12e44 | Close file
2018-12-17T22:28:09.708700889Z 67 PC: 12e51 | Get or set file attributes
2018-12-17T22:28:09.719872351Z 79 PC: 12b93 | Find next file
2018-12-17T22:28:09.723877132Z 59 PC: 12af6 | Change current directory
2018-12-17T22:28:09.729422547Z 59 PC: 12b01 | Change current directory
2018-12-17T22:28:09.734072129Z 37 PC: 12b0f | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:28:09.736866986Z 37 PC: 12b1d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:09.743772835Z 42 PC: 12b25 | Get date 0x12b25: cmp dx, 0x31e
0x12b29: jne 0x12b4d
0x12b2b: mov ah, 0xf
0x12b2d: int 0x10
0x12b2f: mov ah, 0
0x12b31: int 0x10
0x12b33: mov ah, 1
0x12b35: mov cx, 0xca0
0x12b38: int 0x10
0x12b3a: mov ah, 9
0x12b3c: lea dx, word ptr [bp + 0x547]
0x12b40: int 0x21
0x12b42: mov ah, 0
0x12b44: int 0x16
0x12b46: mov ah, 1
0x12b48: mov cx, 0x130
0x12b4b: int 0x10
0x12b4d: push es
0x12b4e: cli
0x12b4f: mov ax, ss

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5022,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:29.060305368Z 53 PC: 12a7c | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:29.061446482Z 53 PC: 12a8b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:29.063198004Z 37 PC: 12a94 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:29.065789318Z 53 PC: 12a9a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:29.067328832Z 37 PC: 12ab0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:29.069310374Z 26 PC: 12ac1 | Set disk transfer address
2018-12-25T11:53:29.07051023Z 71 PC: 12aca | Get current directory
2018-12-25T11:53:29.073254698Z 59 PC: 12ad1 | Change current directory
2018-12-25T11:53:29.078970694Z 78 PC: 12b93 | Find first file
2018-12-25T11:53:29.082512511Z 59 PC: 12ae4 | Change current directory
2018-12-25T11:53:29.084958678Z 78 PC: 12b93 | Find first file (See above)
2018-12-25T11:53:29.09161565Z 67 PC: 12bab | Get or set file attributes
2018-12-25T11:53:29.098593927Z 67 PC: 12bba | Get or set file attributes
2018-12-25T11:53:29.11222333Z 61 PC: 12bc2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:53:29.118703144Z 87 PC: 12bc7 | Get or set file date and time
2018-12-25T11:53:29.120590763Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 5)
2018-12-25T11:53:29.124583327Z 66 PC: 12e58 | Move file pointer
2018-12-25T11:53:29.125534911Z 64 PC: 12bfb | Write file or device (Write 6 bytes on handle 5)
2018-12-25T11:53:29.128251761Z 42 PC: 12c0f | Get date 0x12c0f: mov word ptr ds:[bp + 0x710], dx
0x12c14: rol dx, 8
0x12c17: mov word ptr ds:[bp + 0x712], dx
0x12c1c: call 0x12c3c
0x12c1f: mov al, 2
0x12c21: call 0x12e52
0x12c24: call 0x13010
0x12c27: pop cx
0x12c28: mov byte ptr ds:[bp + 0x6c4], ch
0x12c2d: push bx
0x12c2e: pop bx
0x12c2f: call 0x12e33
0x12c32: mov ah, 0x4f
0x12c34: mov cx, 7
0x12c37: jmp 0x12b92
0x12c3a: jmp 0x12c2e
0x12c3c: mov ax, word ptr cs:[bp + 0x107]
0x12c41: mov word ptr cs:[bp + 0x6c5], ax
0x12c46: mov al, byte ptr cs:[bp + 0x109]
0x12c4b: mov byte ptr cs:[bp + 0x6c7], al
2018-12-25T11:53:29.130567854Z 66 PC: 12e58 | Move file pointer (See above)
2018-12-25T11:53:29.132322431Z 64 PC: 13024 | Write file or device (Write 1551 bytes on handle 5)
2018-12-25T11:53:29.141106644Z 87 PC: 12e41 | Get or set file date and time
2018-12-25T11:53:29.142665558Z 62 PC: 12e44 | Close file
2018-12-25T11:53:29.150270121Z 67 PC: 12e51 | Get or set file attributes
2018-12-25T11:53:29.161855204Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.164495145Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.16837296Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.179674899Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.186035354Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.187874494Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.1947378Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.196370839Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.197697439Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.207476624Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.210159516Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.215611169Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.234296783Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.246916922Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.248518024Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.254945797Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.257089677Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.258501768Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.268149797Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.271452541Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.276857866Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.286415294Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.294419997Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.295774712Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.301905041Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.304173265Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.305523813Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.315683888Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.318984334Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.324432205Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.3338391Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.340796086Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.342067164Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.348318977Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.35022105Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.351582906Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.361059252Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.364005394Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.375991392Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.386436616Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.393768512Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.395330473Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.40222916Z 66 PC: 12e58 | Move file pointer (See above)
2018-12-25T11:53:29.404825779Z 64 PC: 12bfb | Write file or device (See above)
2018-12-25T11:53:29.407497313Z 42 PC: 12c0f | Get date (See above)
2018-12-25T11:53:29.409865571Z 66 PC: 12e58 | Move file pointer (See above)
2018-12-25T11:53:29.412357768Z 64 PC: 13024 | Write file or device (See above)
2018-12-25T11:53:29.421699247Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.423508657Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.444111772Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.45443496Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.457322729Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.463351112Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.470096801Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.476426064Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.477646878Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.484138531Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.485541393Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.486922947Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.499645513Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.503180233Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.508839507Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.519598935Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.526242256Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.527880685Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.535305458Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.537200655Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.544369349Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.554869964Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.557241868Z 59 PC: 12af6 | Change current directory
2018-12-25T11:53:29.561332011Z 59 PC: 12b01 | Change current directory
2018-12-25T11:53:29.570645535Z 37 PC: 12b0f | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:29.571783099Z 37 PC: 12b1d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:29.572869245Z 42 PC: 12b25 | Get date 0x12b25: cmp dx, 0x31e
0x12b29: jne 0x12b4d
0x12b2b: mov ah, 0xf
0x12b2d: int 0x10
0x12b2f: mov ah, 0
0x12b31: int 0x10
0x12b33: mov ah, 1
0x12b35: mov cx, 0xca0
0x12b38: int 0x10
0x12b3a: mov ah, 9
0x12b3c: lea dx, word ptr [bp + 0x547]
0x12b40: int 0x21
0x12b42: mov ah, 0
0x12b44: int 0x16
0x12b46: mov ah, 1
0x12b48: mov cx, 0x130
0x12b4b: int 0x10
0x12b4d: push es
0x12b4e: cli
0x12b4f: mov ax, ss

{"DateBased":true,"Day":30,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5022,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:29.065005196Z 53 PC: 12a7c | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:29.067218387Z 53 PC: 12a8b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:29.068411488Z 37 PC: 12a94 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:29.069628408Z 53 PC: 12a9a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:29.071508244Z 37 PC: 12ab0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:29.072950525Z 26 PC: 12ac1 | Set disk transfer address
2018-12-25T11:53:29.074254598Z 71 PC: 12aca | Get current directory
2018-12-25T11:53:29.077742565Z 59 PC: 12ad1 | Change current directory
2018-12-25T11:53:29.082654556Z 78 PC: 12b93 | Find first file
2018-12-25T11:53:29.089056Z 59 PC: 12ae4 | Change current directory
2018-12-25T11:53:29.093389282Z 78 PC: 12b93 | Find first file (See above)
2018-12-25T11:53:29.106343158Z 67 PC: 12bab | Get or set file attributes
2018-12-25T11:53:29.118714055Z 67 PC: 12bba | Get or set file attributes
2018-12-25T11:53:29.136836355Z 61 PC: 12bc2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:53:29.145477035Z 87 PC: 12bc7 | Get or set file date and time
2018-12-25T11:53:29.147310189Z 63 PC: 12bdb | Read file or device (Read 6 bytes on handle 5)
2018-12-25T11:53:29.154669035Z 66 PC: 12e58 | Move file pointer
2018-12-25T11:53:29.157777752Z 64 PC: 12bfb | Write file or device (Write 6 bytes on handle 5)
2018-12-25T11:53:29.161182523Z 42 PC: 12c0f | Get date 0x12c0f: mov word ptr ds:[bp + 0x710], dx
0x12c14: rol dx, 8
0x12c17: mov word ptr ds:[bp + 0x712], dx
0x12c1c: call 0x12c3c
0x12c1f: mov al, 2
0x12c21: call 0x12e52
0x12c24: call 0x13010
0x12c27: pop cx
0x12c28: mov byte ptr ds:[bp + 0x6c4], ch
0x12c2d: push bx
0x12c2e: pop bx
0x12c2f: call 0x12e33
0x12c32: mov ah, 0x4f
0x12c34: mov cx, 7
0x12c37: jmp 0x12b92
0x12c3a: jmp 0x12c2e
0x12c3c: mov ax, word ptr cs:[bp + 0x107]
0x12c41: mov word ptr cs:[bp + 0x6c5], ax
0x12c46: mov al, byte ptr cs:[bp + 0x109]
0x12c4b: mov byte ptr cs:[bp + 0x6c7], al
2018-12-25T11:53:29.164350954Z 66 PC: 12e58 | Move file pointer (See above)
2018-12-25T11:53:29.168115236Z 64 PC: 13024 | Write file or device (Write 1551 bytes on handle 5)
2018-12-25T11:53:29.179389525Z 87 PC: 12e41 | Get or set file date and time
2018-12-25T11:53:29.181268663Z 62 PC: 12e44 | Close file
2018-12-25T11:53:29.190323647Z 67 PC: 12e51 | Get or set file attributes
2018-12-25T11:53:29.201973629Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.205048435Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.211996921Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.223888507Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.232160173Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.234318657Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.242833634Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.244897459Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.24690634Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.259958606Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.263394667Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.270179448Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.282195828Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.289177982Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.290497314Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.295538754Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.29717707Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.298420135Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.30533539Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.307567334Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.314857655Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.323498931Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.332572045Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.334570686Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.34264755Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.345501813Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.347064984Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.358220841Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.363809832Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.3704216Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.382414353Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.396747066Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.398788777Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.406307247Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.409181232Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.411383962Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.422353316Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.425524857Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.432355449Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.443570294Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.452993152Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.456434342Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.463995765Z 66 PC: 12e58 | Move file pointer (See above)
2018-12-25T11:53:29.465210194Z 64 PC: 12bfb | Write file or device (See above)
2018-12-25T11:53:29.468481129Z 42 PC: 12c0f | Get date (See above)
2018-12-25T11:53:29.470982457Z 66 PC: 12e58 | Move file pointer (See above)
2018-12-25T11:53:29.473085828Z 64 PC: 13024 | Write file or device (See above)
2018-12-25T11:53:29.484398057Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.486930855Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.495946263Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.508918575Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.512849231Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.520037466Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.531445515Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.540461424Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.542487311Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.549907775Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.55310658Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.555157173Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.565688637Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.568215449Z 67 PC: 12bab | Get or set file attributes (See above)
2018-12-25T11:53:29.572060943Z 67 PC: 12bba | Get or set file attributes (See above)
2018-12-25T11:53:29.578716484Z 61 PC: 12bc2 | Open file (See above)
2018-12-25T11:53:29.590513067Z 87 PC: 12bc7 | Get or set file date and time (See above)
2018-12-25T11:53:29.592475874Z 63 PC: 12bdb | Read file or device (See above)
2018-12-25T11:53:29.599796062Z 87 PC: 12e41 | Get or set file date and time (See above)
2018-12-25T11:53:29.602355469Z 62 PC: 12e44 | Close file (See above)
2018-12-25T11:53:29.609869906Z 67 PC: 12e51 | Get or set file attributes (See above)
2018-12-25T11:53:29.621131116Z 79 PC: 12b93 | Find next file (See above)
2018-12-25T11:53:29.625000382Z 59 PC: 12af6 | Change current directory
2018-12-25T11:53:29.629651561Z 59 PC: 12b01 | Change current directory
2018-12-25T11:53:29.634305637Z 37 PC: 12b0f | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:53:29.636434011Z 37 PC: 12b1d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:53:29.637824391Z 42 PC: 12b25 | Get date 0x12b25: cmp dx, 0x31e
0x12b29: jne 0x12b4d
0x12b2b: mov ah, 0xf
0x12b2d: int 0x10
0x12b2f: mov ah, 0
0x12b31: int 0x10
0x12b33: mov ah, 1
0x12b35: mov cx, 0xca0
0x12b38: int 0x10
0x12b3a: mov ah, 9
0x12b3c: lea dx, word ptr [bp + 0x547]
0x12b40: int 0x21
0x12b42: mov ah, 0
0x12b44: int 0x16
0x12b46: mov ah, 1
0x12b48: mov cx, 0x130
0x12b4b: int 0x10
0x12b4d: push es
0x12b4e: cli
0x12b4f: mov ax, ss
2018-12-25T11:53:29.652935922Z 9 PC: 12b42 | Display string (Could not find end pointer)