Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Nover.8016

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:29:06.463652146Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:06.4646113Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:29:06.465470902Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:06.466888529Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:06.467887222Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:06.468748249Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:06.469605314Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:29:06.470685883Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:29:06.471541691Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:29:06.472359406Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:29:06.473770919Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:29:06.474865656Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:29:06.475757116Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:29:06.477160085Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:29:06.478126331Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:29:06.479643881Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:29:06.480889372Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:29:06.482046375Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:29:06.483203152Z 53 PC: 13a4a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:29:06.484800915Z 37 PC: 13a5f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:06.486695442Z 37 PC: 13a67 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:06.487599304Z 37 PC: 13a6f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:06.48891953Z 37 PC: 13a77 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:29:06.490462066Z 68 PC: 1454b | I/O control for devices (Set for = '')
2018-12-17T22:29:06.492408433Z 53 PC: 1388f | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:29:06.494168627Z 37 PC: 138ab | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:29:06.49549706Z 53 PC: 1388f | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:29:06.496934207Z 37 PC: 138ab | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:29:06.499480586Z 53 PC: 1388f | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:06.502505038Z 37 PC: 138ab | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:06.503596714Z 51 PC: 1377d | Get or set Ctrl-Break
2018-12-17T22:29:06.505343142Z 48 PC: 1425e | Get DOS version
2018-12-17T22:29:06.506792405Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:06.507872374Z 78 PC: 1383a | Find first file
2018-12-17T22:29:06.512861947Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.526353675Z 61 PC: 14110 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:29:06.53092964Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:06.533055006Z 63 PC: 141e3 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:29:06.53614619Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.538860736Z 61 PC: 14110 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:29:06.547734193Z 63 PC: 141e3 | Read file or device (Read 8016 bytes on handle 5)
2018-12-17T22:29:06.554541052Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.556383912Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:06.557726519Z 78 PC: 1383a | Find first file
2018-12-17T22:29:06.562062137Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.569400022Z 61 PC: 14110 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:29:06.574594265Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.576578814Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.583734703Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.585047654Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.588136835Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.595621575Z 61 PC: 14110 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:29:06.600589783Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.604337417Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.617254545Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.618560955Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.621994091Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.635400013Z 61 PC: 14110 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:29:06.642441143Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.64574625Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.656082166Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.657305962Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.660674018Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.671169978Z 61 PC: 14110 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:29:06.678448069Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.682493782Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.696412427Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.6978301Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.702012827Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.712732464Z 61 PC: 14110 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:29:06.720035764Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.724022417Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.735418874Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.737127097Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.742223309Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.750475652Z 61 PC: 14110 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:29:06.758262656Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.761175982Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.769872683Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.771466808Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.775989219Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.789619537Z 61 PC: 14110 | Open file (Filename = 'PAH.COM')
2018-12-17T22:29:06.798337768Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.803560247Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.81551822Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.817394323Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.821602196Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:06.823548474Z 78 PC: 1383a | Find first file
2018-12-17T22:29:06.833102204Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.8443771Z 61 PC: 14110 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:29:06.852147566Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:06.854255761Z 63 PC: 141e3 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:29:06.862511734Z 62 PC: 14160 | Close file
2018-12-17T22:29:06.865753787Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:06.877491197Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:06.880520676Z 79 PC: 13857 | Find next file
2018-12-17T22:29:06.884263001Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:06.886034314Z 78 PC: 1383a | Find first file
2018-12-17T22:29:06.893133928Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:07.252671711Z 61 PC: 14110 | Open file (Filename = 'c:COMMAND.COM')
2018-12-17T22:29:07.260735493Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.263203681Z 63 PC: 141e3 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:29:07.271056953Z 62 PC: 14160 | Close file
2018-12-17T22:29:07.274166076Z 61 PC: 14110 | Open file (Filename = 'c:COMMAND.COM')
2018-12-17T22:29:07.281813221Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.284898141Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:07.28829242Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.290415983Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:07.295044596Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.297405861Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.299984593Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:07.308809287Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.310799079Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:07.314957415Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.317621382Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:07.325463394Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.327938478Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:07.332557397Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.335468704Z 63 PC: 141e3 | Read file or device (Read 8016 bytes on handle 5)
2018-12-17T22:29:07.345052056Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.347811135Z 64 PC: 141e3 | Write file or device (Write 8016 bytes on handle 5)
2018-12-17T22:29:07.356758716Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.358803903Z 64 PC: 141e3 | Write file or device (Write 8016 bytes on handle 5)
2018-12-17T22:29:07.372278509Z 87 PC: 137fe | Get or set file date and time
2018-12-17T22:29:07.37466106Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:07.389147812Z 62 PC: 14160 | Close file
2018-12-17T22:29:07.396611054Z 26 PC: 13852 | Set disk transfer address
2018-12-17T22:29:07.398043867Z 79 PC: 13857 | Find next file
2018-12-17T22:29:07.401593004Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:07.405911088Z 78 PC: 1383a | Find first file
2018-12-17T22:29:07.413152928Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:07.415322418Z 78 PC: 1383a | Find first file
2018-12-17T22:29:07.421339377Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:07.423398754Z 78 PC: 1383a | Find first file
2018-12-17T22:29:07.428133113Z 37 PC: 138ab | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:29:07.431198259Z 37 PC: 138ab | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:29:07.433176192Z 37 PC: 138ab | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.435230581Z 26 PC: 1382e | Set disk transfer address
2018-12-17T22:29:07.44578694Z 78 PC: 1383a | Find first file
2018-12-17T22:29:07.455143345Z 61 PC: 14110 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:29:07.463599762Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.465771931Z 63 PC: 141e3 | Read file or device (Read 8016 bytes on handle 5)
2018-12-17T22:29:07.47515619Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.477096611Z 64 PC: 14141 | Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:29:07.486512047Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.488563432Z 64 PC: 141e3 | Write file or device (Write 8016 bytes on handle 5)
2018-12-17T22:29:07.498900068Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.501151443Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:07.509206732Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.511663443Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:07.518729181Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.520405761Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:07.529778426Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.531814958Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:07.535408461Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.538079902Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.540141907Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:07.54343539Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.546522006Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:07.549815592Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.551722261Z 87 PC: 137fe | Get or set file date and time
2018-12-17T22:29:07.554613189Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:07.567113364Z 62 PC: 14160 | Close file
2018-12-17T22:29:07.575142368Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:07.577600957Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:07.579491153Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:29:07.581121693Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:29:07.583539473Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.584972875Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.586285969Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:07.588446319Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:07.589777727Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:07.591183308Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:07.593521827Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:07.594858136Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:07.596136038Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:29:07.598471771Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:29:07.599764759Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:29:07.601109771Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:29:07.603929568Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:29:07.605593728Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:29:07.607237836Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:29:07.609651934Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:29:07.611327902Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:29:07.612967611Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:29:07.615144206Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:29:07.616858139Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:29:07.618180671Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:29:07.621131392Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:29:07.622537431Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:29:07.623882471Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:29:07.626603886Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:29:07.627997612Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:29:07.62934573Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:29:07.632416119Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:29:07.634068693Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:29:07.63577293Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:29:07.638534989Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:29:07.640200301Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:29:07.64183259Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:29:07.645424926Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:29:07.647564779Z 41 PC: 1397f | Parse filename
2018-12-17T22:29:07.650024042Z 41 PC: 1398d | Parse filename
2018-12-17T22:29:07.655133342Z 75 PC: 13998 | Execute program
2018-12-17T22:29:07.679680896Z 48 PC: 26806 | Get DOS version
2018-12-17T22:29:07.682048971Z 74 PC: 26887 | Reallocate memory
2018-12-17T22:29:07.68480728Z 72 PC: 2909f | Allocate memory
2018-12-17T22:29:07.68804649Z 74 PC: 28bf7 | Reallocate memory
2018-12-17T22:29:07.691860966Z 53 PC: 26919 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:07.694590682Z 37 PC: 2692b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:07.696405753Z 68 PC: 269b2 | I/O control for devices (Set for = 'M
2018-12-17T22:29:07.699552158Z 68 PC: 269b2 | I/O control for devices (Set for = 'V���D*�P�x]&�GP� ')
2018-12-17T22:29:07.701608163Z 68 PC: 269b2 | I/O control for devices (Set for = '�t�F�P��!��3�P��^#[��^_��]ːU���WV�')
2018-12-17T22:29:07.703604395Z 68 PC: 269b2 | I/O control for devices (Set for = '��^#[��^_��]ːU���WV�')
2018-12-17T22:29:07.706086631Z 68 PC: 269b2 | I/O control for devices (Set for = '��^#[��^_��]ːU���WV�')
2018-12-17T22:29:07.70885281Z 42 PC: 29357 | Get date 0x29357: push ds
0x29358: lds bx, ptr [bp + 6]
0x2935b: mov word ptr [bx + 2], cx
0x2935e: mov byte ptr [bx + 1], dh
0x29361: mov byte ptr [bx], dl
0x29363: mov byte ptr [bx + 4], al
0x29366: pop ds
0x29367: xor ax, ax
0x29369: pop bp
0x2936a: retf
0x2936b: add byte ptr [di - 0x75], dl
0x2936e: in al, dx
0x2936f: mov ah, 0x2c
0x29371: int 0x21
0x29373: push ds
0x29374: lds bx, ptr [bp + 6]
0x29377: mov byte ptr [bx], ch
0x29379: mov byte ptr [bx + 1], cl
0x2937c: mov byte ptr [bx + 2], dh
0x2937f: mov byte ptr [bx + 3], dl
2018-12-17T22:29:07.711902763Z 44 PC: 29373 | Get time 0x29373: push ds
0x29374: lds bx, ptr [bp + 6]
0x29377: mov byte ptr [bx], ch
0x29379: mov byte ptr [bx + 1], cl
0x2937c: mov byte ptr [bx + 2], dh
0x2937f: mov byte ptr [bx + 3], dl
0x29382: pop ds
0x29383: xor ax, ax
0x29385: pop bp
0x29386: retf
0x29387: add byte ptr [0x8b57], al
0x2938b: clc
0x2938c: add di, bx
0x2938e: mov word ptr [bx + 4], di
0x29391: dec di
0x29392: dec di
0x29393: sub ax, 0x16
0x29396: lea si, word ptr [bx + 0x14]
0x29399: mov word ptr [di], 0xfffe
0x2939d: mov word ptr [bx + 0xa], di
2018-12-17T22:29:07.717466523Z 53 PC: 27c12 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:07.719596976Z 53 PC: 27c12 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.721669015Z 37 PC: 27c7e | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:07.72433889Z 37 PC: 27c7e | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.729044606Z 61 PC: 27153 | Open file (Filename = 'c:\msdos.sys')
2018-12-17T22:29:07.736811367Z 68 PC: 27185 | I/O control for devices (Set for = 'c:\msdos.sys')
2018-12-17T22:29:07.739540613Z 67 PC: 27285 | Get or set file attributes
2018-12-17T22:29:07.746590138Z 63 PC: 2730a | Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:29:07.754455371Z 62 PC: 27078 | Close file
2018-12-17T22:29:07.762513363Z 61 PC: 27153 | Open file (Filename = 'dosrep.txt')
2018-12-17T22:29:07.770983707Z 60 PC: 2722e | Create or truncate file
2018-12-17T22:29:07.783999704Z 62 PC: 27246 | Close file
2018-12-17T22:29:07.787666531Z 61 PC: 27256 | Open file (Filename = 'dosrep.txt')
2018-12-17T22:29:07.79604663Z 67 PC: 27285 | Get or set file attributes
2018-12-17T22:29:07.805181945Z 64 PC: 274a2 | Write file or device (Write 11 bytes on handle 5)
2018-12-17T22:29:07.8122934Z 104 PC: 2934c | Commit file
2018-12-17T22:29:07.82314834Z 61 PC: 27153 | Open file (Filename = 'A:\dosrep.ini')
2018-12-17T22:29:07.835306389Z 74 PC: 28bf7 | Reallocate memory
2018-12-17T22:29:07.839020069Z 64 PC: 27508 | Write file or device (Write 37 bytes on handle 1)
2018-12-17T22:29:07.844166953Z 64 PC: 274a2 | Write file or device (Write 9 bytes on handle 5)
2018-12-17T22:29:07.848152348Z 104 PC: 2934c | Commit file
2018-12-17T22:29:07.858224551Z 62 PC: 27078 | Close file
2018-12-17T22:29:07.86688251Z 37 PC: 27c7e | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:07.868786241Z 37 PC: 27c7e | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.871279258Z 37 PC: 26a7b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:07.87263708Z 76 PC: 26a60 | Terminate with return code (Return code = '0')
2018-12-17T22:29:07.876798776Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:07.878438602Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:07.879752514Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:29:07.881635137Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:29:07.883409297Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.884765399Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:07.887225209Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:07.888529943Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:07.889839743Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:07.892592266Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:07.893964286Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:07.895744835Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:07.898528236Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:29:07.900101684Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:29:07.901751907Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:29:07.904616013Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:29:07.910818868Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:29:07.912660786Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:29:07.915365245Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:29:07.917426776Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:29:07.920293618Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:29:07.923422654Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:29:07.925393784Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:29:07.927467752Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:29:07.930532574Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:29:07.946924243Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:29:07.949090291Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:29:07.952741222Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:29:07.954567443Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:29:07.95658417Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:29:07.958175187Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:29:07.959732776Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:29:07.962289485Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:29:07.964248237Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:29:07.966187344Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:29:07.968638994Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:29:07.970452832Z 53 PC: 139c8 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:29:07.972426862Z 37 PC: 139d1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:29:07.975432948Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:07.987037485Z 61 PC: 14110 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:29:07.995139947Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:07.998533578Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:08.006578045Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.008807739Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:08.012148048Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.013822078Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.016261764Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:08.02423583Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.02660694Z 63 PC: 141e3 | Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:29:08.030535681Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.032787785Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:08.041037072Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.043924975Z 64 PC: 141e3 | Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:29:08.04797505Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.049988343Z 64 PC: 141e3 | Write file or device (Write 8016 bytes on handle 5)
2018-12-17T22:29:08.060415963Z 66 PC: 14242 | Move file pointer
2018-12-17T22:29:08.062277391Z 64 PC: 141e3 | Write file or device (Write 8016 bytes on handle 5)
2018-12-17T22:29:08.072261537Z 87 PC: 137fe | Get or set file date and time
2018-12-17T22:29:08.07556876Z 67 PC: 137b7 | Get or set file attributes
2018-12-17T22:29:08.087569655Z 62 PC: 14160 | Close file
2018-12-17T22:29:08.096195942Z 77 PC: 139b6 | Get program return code
2018-12-17T22:29:08.098578773Z 64 PC: 13e68 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:29:08.100945888Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:29:08.10346908Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:29:08.104956317Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:29:08.106524317Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:08.109403154Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:29:08.111001525Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:08.112552284Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:29:08.114856434Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:29:08.116346637Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:29:08.117919768Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:29:08.119869473Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:29:08.121410016Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:29:08.123161791Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:29:08.124954013Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:29:08.126432646Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:29:08.128669337Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:29:08.130161951Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:29:08.131709303Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:29:08.134014265Z 37 PC: 13ba1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:29:08.135444852Z 76 PC: 13be0 | Terminate with return code (Return code = '0')