Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Hefu.4108

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:38:28.308035337Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:28.313504858Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:28.314549966Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:28.3155447Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:28.316954806Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:28.317924633Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:28.318872188Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:28.320173269Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:28.321212459Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:28.322168527Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:28.323439418Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:28.32447903Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:28.325330063Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:28.326393894Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:28.328482456Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:28.329500049Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:28.330581236Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:28.331690036Z	53	PC: 13226 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:28.332748474Z	37	PC: 1323b \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:28.333698998Z	37	PC: 13243 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:28.334783408Z	37	PC: 1324b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:28.335679312Z	37	PC: 13253 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:28.337006464Z	68	PC: 137fd \| I/O control for devices (Set for = '')
2018-12-17T22:38:28.338941653Z	48	PC: 13cf9 \| Get DOS version
2018-12-17T22:38:28.340338016Z	61	PC: 13b1f \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:38:28.347386488Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 5)
2018-12-17T22:38:28.35555771Z	26	PC: 13041 \| Set disk transfer address
2018-12-17T22:38:28.356498031Z	78	PC: 1304d \| Find first file
2018-12-17T22:38:28.361956838Z	61	PC: 13b1f \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:38:28.368261288Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:28.375138273Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.376477206Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:28.756721313Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.758301318Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:28.76811148Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:28.775758313Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:28.776723701Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:28.779433448Z	26	PC: 13041 \| Set disk transfer address
2018-12-17T22:38:28.780862458Z	78	PC: 1304d \| Find first file
2018-12-17T22:38:28.787638981Z	61	PC: 13b1f \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:38:28.803943266Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:28.814319475Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:28.816260164Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:28.817242091Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:28.820249876Z	26	PC: 13041 \| Set disk transfer address
2018-12-17T22:38:28.821262273Z	78	PC: 1304d \| Find first file
2018-12-17T22:38:28.82734489Z	61	PC: 13b1f \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:38:28.834074781Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:28.840463865Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.841748676Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:28.858525954Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.859853404Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:28.867936458Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:28.876224556Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:28.877142833Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:28.880092223Z	61	PC: 13b1f \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:38:28.887277293Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:28.893641331Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.895037488Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:28.912208999Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.914494034Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:28.922838689Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:28.931328041Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:28.932587961Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:28.935772638Z	61	PC: 13b1f \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:38:28.942916801Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:28.949460715Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.95122394Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:28.960791548Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.962304042Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:28.970448855Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:28.979309156Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:28.980516298Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:28.983503715Z	61	PC: 13b1f \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:38:28.990633437Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:28.997295668Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:28.998716094Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:29.013758132Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.015501414Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:29.024210644Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:29.032940434Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:29.034059143Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:29.036898938Z	61	PC: 13b1f \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:38:29.04404788Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:29.051681575Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.053041691Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:29.062171441Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.064060428Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:29.072454497Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:29.080556422Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:29.082079918Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:29.085241928Z	61	PC: 13b1f \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:38:29.092005052Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:29.099067867Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.100765088Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:29.109989214Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.112039068Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:29.120142849Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:29.126394526Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:29.12772804Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:29.145749759Z	61	PC: 13b1f \| Open file (Filename = 'PAH.COM')
2018-12-17T22:38:29.152338298Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 6)
2018-12-17T22:38:29.159670351Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.161156723Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 6)
2018-12-17T22:38:29.169992804Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.172287967Z	64	PC: 13bf2 \| Write file or device (Write 4109 bytes on handle 6)
2018-12-17T22:38:29.180851771Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:29.191001657Z	26	PC: 13065 \| Set disk transfer address
2018-12-17T22:38:29.1926115Z	79	PC: 1306a \| Find next file
2018-12-17T22:38:29.196033986Z	42	PC: 12ff5 \| Get date 0x12ff5: pushf 0x12ff6: push es 0x12ff7: push di 0x12ff8: push bp 0x12ff9: mov bp, sp 0x12ffb: les di, ptr [bp + 0x10] 0x12ffe: cld 0x12fff: stosw word ptr es:[di], ax 0x13000: mov ax, bx 0x13002: stosw word ptr es:[di], ax 0x13003: mov ax, cx 0x13005: stosw word ptr es:[di], ax 0x13006: mov ax, dx 0x13008: stosw word ptr es:[di], ax 0x13009: pop ax 0x1300a: stosw word ptr es:[di], ax 0x1300b: mov ax, si 0x1300d: stosw word ptr es:[di], ax 0x1300e: pop ax 0x1300f: stosw word ptr es:[di], ax
2018-12-17T22:38:29.198277927Z	66	PC: 13cbb \| Move file pointer
2018-12-17T22:38:29.200160755Z	66	PC: 13cc9 \| Move file pointer
2018-12-17T22:38:29.201270655Z	66	PC: 13cd7 \| Move file pointer
2018-12-17T22:38:29.202283184Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.20403963Z	63	PC: 13bf2 \| Read file or device (Read 4108 bytes on handle 5)
2018-12-17T22:38:29.212437803Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.213935594Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 5)
2018-12-17T22:38:29.221838771Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:29.230397554Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:29.231522699Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:29.233875877Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:29.234989528Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:29.236047574Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:29.24558515Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:29.246797522Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:29.247855162Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:29.249823618Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.250960304Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.252005387Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:29.253804027Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:29.255069756Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:29.256160053Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:29.264790903Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:29.266136246Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:29.267310959Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:29.269196026Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:29.270550576Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:29.271645093Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:29.273243477Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:29.274246447Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:29.275284539Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:29.276510769Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:29.27752036Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:29.278545843Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:29.279814293Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:29.280817723Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:29.281913387Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:29.283124309Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:29.284067673Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:29.285294703Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:29.286831576Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:29.288144725Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:29.299505728Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:29.30128851Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:29.302292302Z	48	PC: 13cf9 \| Get DOS version
2018-12-17T22:38:29.304584335Z	41	PC: 13130 \| Parse filename
2018-12-17T22:38:29.312629029Z	41	PC: 1313e \| Parse filename
2018-12-17T22:38:29.314065854Z	75	PC: 13149 \| Execute program
2018-12-17T22:38:29.329527735Z	9	PC: 1a5a5 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:38:29.334898308Z	0	PC: 1a5a9 \| Program terminate
2018-12-17T22:38:29.336819417Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:29.341269589Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:29.342105468Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:29.342903584Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:29.353204998Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:29.354393263Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:29.355455727Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:29.357501369Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:29.358743743Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.360354128Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.362369773Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:29.363653384Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:29.364980317Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:29.366847818Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:29.367801443Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:29.368729137Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:29.370983878Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:29.372294703Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:29.374206386Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:29.375992454Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:29.376923436Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:29.378031898Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:29.379729006Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:29.380652473Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:29.38153661Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:29.382969466Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:29.38455744Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:29.385476937Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:29.386811124Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:29.387760926Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:29.388766053Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:29.390186111Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:29.391313535Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:29.393383711Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:29.3944783Z	53	PC: 130a8 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:29.395505182Z	37	PC: 130b1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:29.397124385Z	61	PC: 13b1f \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:38:29.403770216Z	66	PC: 13c51 \| Move file pointer
2018-12-17T22:38:29.405192528Z	64	PC: 13bf2 \| Write file or device (Write 4108 bytes on handle 5)
2018-12-17T22:38:29.413845168Z	62	PC: 13b6f \| Close file
2018-12-17T22:38:29.421922381Z	64	PC: 13900 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:38:29.423464006Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:29.424974423Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:29.426155404Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:29.42725361Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:29.429010593Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.430444225Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:29.431460503Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:29.433316301Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:29.434540182Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:29.435667901Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:29.437732748Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:29.438855546Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:29.439791713Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:29.441518507Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:29.44248547Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:29.44342217Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:29.444771975Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:29.445698137Z	37	PC: 13335 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:29.44678317Z	76	PC: 13374 \| Terminate with return code (Return code = '0')