Sample viewer

vx.netlux.org/Virus.DOS.VCC.Mozart.573

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:02.377936218Z 26 PC: 15839 | Set disk transfer address
2018-12-17T22:39:02.379783187Z 37 PC: 15847 | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:39:02.381074488Z 37 PC: 1584b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:39:02.382443475Z 78 PC: 15896 | Find first file
2018-12-17T22:39:02.389965833Z 61 PC: 159d8 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:02.394785324Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.39962509Z 66 PC: 159f6 | Move file pointer
2018-12-17T22:39:02.414237812Z 66 PC: 15a05 | Move file pointer
2018-12-17T22:39:02.416509707Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:02.419744269Z 66 PC: 15a1d | Move file pointer
2018-12-17T22:39:02.422604927Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x18
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-17T22:39:02.430408314Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-17T22:39:02.45447666Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.462546368Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.464859382Z 61 PC: 159d8 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:39:02.470151144Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.475001247Z 66 PC: 159f6 | Move file pointer
2018-12-17T22:39:02.476674976Z 66 PC: 15a05 | Move file pointer
2018-12-17T22:39:02.477949879Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:02.480631543Z 66 PC: 15a1d | Move file pointer
2018-12-17T22:39:02.485177767Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x41
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-17T22:39:02.487174437Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-17T22:39:02.496819181Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.508824495Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.512739176Z 61 PC: 159d8 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:39:02.520501818Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.529249378Z 66 PC: 159f6 | Move file pointer
2018-12-17T22:39:02.530974968Z 66 PC: 15a05 | Move file pointer
2018-12-17T22:39:02.532805173Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:02.537583191Z 66 PC: 15a1d | Move file pointer
2018-12-17T22:39:02.539556892Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x41
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-17T22:39:02.542349342Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-17T22:39:02.565272159Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.575546133Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.578966643Z 61 PC: 159d8 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:39:02.587095442Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.595421529Z 66 PC: 159f6 | Move file pointer
2018-12-17T22:39:02.597410623Z 66 PC: 15a05 | Move file pointer
2018-12-17T22:39:02.599375024Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:02.603740436Z 66 PC: 15a1d | Move file pointer
2018-12-17T22:39:02.605690238Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x47
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-17T22:39:02.608688715Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-17T22:39:02.634633516Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.645020251Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.648405071Z 61 PC: 159d8 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:39:02.659435004Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.66725345Z 66 PC: 159f6 | Move file pointer
2018-12-17T22:39:02.669448744Z 66 PC: 15a05 | Move file pointer
2018-12-17T22:39:02.672362663Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:02.676356757Z 66 PC: 15a1d | Move file pointer
2018-12-17T22:39:02.678483022Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x4c
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-17T22:39:02.682614462Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-17T22:39:02.692172247Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.702570291Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.706217404Z 61 PC: 159d8 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:39:02.715140923Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.73077315Z 66 PC: 159f6 | Move file pointer
2018-12-17T22:39:02.732860808Z 66 PC: 15a05 | Move file pointer
2018-12-17T22:39:02.735652283Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:02.73908298Z 66 PC: 15a1d | Move file pointer
2018-12-17T22:39:02.741101632Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x52
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-17T22:39:02.744585805Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-17T22:39:02.754732663Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.764259282Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.768049559Z 61 PC: 159d8 | Open file (Filename = 'PAH.COM')
2018-12-17T22:39:02.775449024Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.782575559Z 66 PC: 159f6 | Move file pointer
2018-12-17T22:39:02.783986596Z 66 PC: 15a05 | Move file pointer
2018-12-17T22:39:02.785567758Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:02.787554479Z 66 PC: 15a1d | Move file pointer
2018-12-17T22:39:02.788817361Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x57
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-17T22:39:02.791047638Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-17T22:39:02.796787037Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.802832812Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.805199138Z 61 PC: 159d8 | Open file (Filename = 'TEST.COM')
2018-12-17T22:39:02.810743605Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:02.812722571Z 62 PC: 15a3a | Close file
2018-12-17T22:39:02.814878896Z 79 PC: 15896 | Find next file
2018-12-17T22:39:02.81738423Z 59 PC: 158a7 | Change current directory
2018-12-17T22:39:02.820451624Z 26 PC: 158b0 | Set disk transfer address
2018-12-17T22:39:02.822399438Z 9 PC: 158c8 | Display string (String= ' win TEMP=C:\WINDOWS\TEMP �+������� �!�L�!This is a sample! (10.000 bytes)')
2018-12-17T22:39:02.827557351Z 9 PC: 158dd | Display string (String= '*** Free Version of Virus research center v1.0 *** 18687 virus detected ERROR: An Internal Error found, no Data File ! ')
2018-12-17T22:39:02.833787431Z 47 PC: 155e8 | Get disk transfer address
2018-12-17T22:39:02.835606195Z 26 PC: 155f7 | Set disk transfer address
2018-12-17T22:39:02.836720898Z 78 PC: 15673 | Find first file
2018-12-17T22:39:02.840789732Z 67 PC: 156ab | Get or set file attributes
2018-12-17T22:39:02.845229161Z 67 PC: 156bb | Get or set file attributes
2018-12-17T22:39:02.853297858Z 61 PC: 156c5 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:02.860232689Z 87 PC: 156d1 | Get or set file date and time
2018-12-17T22:39:02.863143593Z 63 PC: 156e3 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:02.869272794Z 66 PC: 156fc | Move file pointer
2018-12-17T22:39:02.870968089Z 64 PC: 1571f | Write file or device (Write 574 bytes on handle 5)
2018-12-17T22:39:02.881249656Z 66 PC: 15731 | Move file pointer
2018-12-17T22:39:02.883206357Z 64 PC: 1573f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:39:02.886212769Z 87 PC: 15750 | Get or set file date and time
2018-12-17T22:39:02.888337672Z 62 PC: 15754 | Close file
2018-12-17T22:39:02.897319285Z 67 PC: 15761 | Get or set file attributes
2018-12-17T22:39:02.905206194Z 26 PC: 1576b | Set disk transfer address
2018-12-17T22:39:02.906942822Z 25 PC: 154d0 | Get default drive
2018-12-17T22:39:02.908547168Z 71 PC: 154e2 | Get current directory
2018-12-17T22:39:02.910690956Z 47 PC: 154c1 | Get disk transfer address
2018-12-17T22:39:02.911728646Z 26 PC: 153b6 | Set disk transfer address
2018-12-17T22:39:02.913734892Z 78 PC: 153c0 | Find first file
2018-12-17T22:39:02.918764069Z 61 PC: 153fa | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:02.923733092Z 66 PC: 15502 | Move file pointer
2018-12-17T22:39:02.926376281Z 63 PC: 15534 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:02.928629904Z 67 PC: 15525 | Get or set file attributes
2018-12-17T22:39:02.936852282Z 66 PC: 15502 | Move file pointer
2018-12-17T22:39:02.939933772Z 64 PC: 15577 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:39:02.942566686Z 66 PC: 154ec | Move file pointer
2018-12-17T22:39:02.944941129Z 64 PC: 155a9 | Write file or device (Write 575 bytes on handle 5)
2018-12-17T22:39:02.95399033Z 87 PC: 1558c | Get or set file date and time
2018-12-17T22:39:02.956113625Z 62 PC: 15590 | Close file
2018-12-17T22:39:02.964602351Z 67 PC: 15510 | Get or set file attributes
2018-12-17T22:39:02.975450833Z 59 PC: 1540b | Change current directory
2018-12-17T22:39:02.98090978Z 26 PC: 15419 | Set disk transfer address
2018-12-17T22:39:02.982197137Z 47 PC: 15172 | Get disk transfer address
2018-12-17T22:39:02.983374238Z 26 PC: 1517e | Set disk transfer address
2018-12-17T22:39:02.985246066Z 78 PC: 151f2 | Find first file
2018-12-17T22:39:02.9893395Z 67 PC: 15228 | Get or set file attributes
2018-12-17T22:39:02.993278662Z 67 PC: 15236 | Get or set file attributes
2018-12-17T22:39:03.000585801Z 61 PC: 1523e | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:03.008295504Z 87 PC: 1524a | Get or set file date and time
2018-12-17T22:39:03.009635245Z 44 PC: 15254 | Get time 0x15254: and dh, 7
0x15257: jne 0x15266
0x15259: mov ah, 0x40
0x1525b: mov cx, 0xc
0x1525e: lea dx, word ptr [si + 0x8a]
0x15262: int 0x21
0x15264: jmp 0x152b9
0x15266: mov ah, 0x3f
0x15268: mov cx, 3
0x1526b: lea dx, word ptr [si + 0xa]
0x1526e: int 0x21
0x15270: jb 0x152b9
0x15272: cmp ax, 3
0x15275: jne 0x152b9
0x15277: mov ax, 0x4202
0x1527a: xor cx, cx
0x1527c: xor dx, dx
0x1527e: int 0x21
0x15280: jb 0x152b9
0x15282: mov cx, ax
2018-12-17T22:39:03.013550956Z 63 PC: 15270 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:03.02165798Z 66 PC: 15280 | Move file pointer
2018-12-17T22:39:03.023878315Z 64 PC: 1529d | Write file or device (Write 576 bytes on handle 5)
2018-12-17T22:39:03.034844842Z 66 PC: 152ad | Move file pointer
2018-12-17T22:39:03.036832766Z 64 PC: 152b9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:39:03.040612056Z 87 PC: 152ca | Get or set file date and time
2018-12-17T22:39:03.042718088Z 62 PC: 152ce | Close file
2018-12-17T22:39:03.048507348Z 67 PC: 152d9 | Get or set file attributes
2018-12-17T22:39:03.058061832Z 26 PC: 152e3 | Set disk transfer address
2018-12-17T22:39:03.060844384Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-17T22:39:03.065626267Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6706,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:10.787429143Z 26 PC: 15839 | Set disk transfer address
2018-12-25T12:00:10.789423333Z 37 PC: 15847 | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:00:10.790793274Z 37 PC: 1584b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:00:10.792071898Z 78 PC: 15896 | Find first file
2018-12-25T12:00:10.798962971Z 61 PC: 159d8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:10.807277796Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:00:10.814234256Z 66 PC: 159f6 | Move file pointer
2018-12-25T12:00:10.815528377Z 66 PC: 15a05 | Move file pointer
2018-12-25T12:00:10.8179641Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:00:10.820931768Z 66 PC: 15a1d | Move file pointer
2018-12-25T12:00:10.822255594Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x18
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-25T12:00:10.825851295Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-25T12:00:11.040645901Z 62 PC: 15a3a | Close file
2018-12-25T12:00:11.049747931Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.053833476Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.061860196Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.069345828Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.070999421Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.072659671Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.075539482Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.076940526Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.079849206Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.088951589Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.098037719Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.101288656Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.109362782Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.11688065Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.120324177Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.122914241Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.126240065Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.128770019Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.131651413Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.141255575Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.151570733Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.154506652Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.161801095Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.169255993Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.170917062Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.172369997Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.175213882Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.177210839Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.179763175Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.189249777Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.198361157Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.200161457Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.205887435Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.214157751Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.215746492Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.217276123Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.220758817Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.222238897Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.224583896Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.234041119Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.243160908Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.245873222Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.259124065Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.263359453Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.264763043Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.266529398Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.269185195Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.270605723Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.273464014Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.2810921Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.286376848Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.288675884Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.292880696Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.297206694Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.298371987Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.299649527Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.301403104Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.302497787Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.304625448Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.310145867Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.31524563Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.317478041Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.322393093Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.326218318Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.332809452Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.33485822Z 59 PC: 158a7 | Change current directory
2018-12-25T12:00:11.338397562Z 26 PC: 158b0 | Set disk transfer address
2018-12-25T12:00:11.340774301Z 9 PC: 158c8 | Display string (String= ' win TEMP=C:\WINDOWS\TEMP �+������� �!�L�!This is a sample! (10.000 bytes)')
2018-12-25T12:00:11.349815473Z 9 PC: 158dd | Display string (String= '*** Free Version of Virus research center v1.0 *** 18687 virus detected ERROR: An Internal Error found, no Data File ! ')
2018-12-25T12:00:11.356106714Z 47 PC: 155e8 | Get disk transfer address
2018-12-25T12:00:11.357825521Z 26 PC: 155f7 | Set disk transfer address
2018-12-25T12:00:11.358928034Z 78 PC: 15673 | Find first file
2018-12-25T12:00:11.368058572Z 67 PC: 156ab | Get or set file attributes
2018-12-25T12:00:11.372562025Z 67 PC: 156bb | Get or set file attributes
2018-12-25T12:00:11.379628023Z 61 PC: 156c5 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:11.385140693Z 87 PC: 156d1 | Get or set file date and time
2018-12-25T12:00:11.387294596Z 63 PC: 156e3 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:11.392167117Z 66 PC: 156fc | Move file pointer
2018-12-25T12:00:11.394377089Z 64 PC: 1571f | Write file or device (Write 574 bytes on handle 5)
2018-12-25T12:00:11.406241201Z 66 PC: 15731 | Move file pointer
2018-12-25T12:00:11.408219142Z 64 PC: 1573f | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:11.41173208Z 87 PC: 15750 | Get or set file date and time
2018-12-25T12:00:11.415037374Z 62 PC: 15754 | Close file
2018-12-25T12:00:11.424197447Z 67 PC: 15761 | Get or set file attributes
2018-12-25T12:00:11.435797694Z 26 PC: 1576b | Set disk transfer address
2018-12-25T12:00:11.438652676Z 25 PC: 154d0 | Get default drive
2018-12-25T12:00:11.441679589Z 71 PC: 154e2 | Get current directory
2018-12-25T12:00:11.445488147Z 47 PC: 154c1 | Get disk transfer address
2018-12-25T12:00:11.447394783Z 26 PC: 153b6 | Set disk transfer address
2018-12-25T12:00:11.449900483Z 78 PC: 153c0 | Find first file
2018-12-25T12:00:11.456921151Z 61 PC: 153fa | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:11.470442169Z 66 PC: 15502 | Move file pointer
2018-12-25T12:00:11.47325391Z 63 PC: 15534 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:11.480933385Z 67 PC: 15525 | Get or set file attributes
2018-12-25T12:00:11.492455246Z 66 PC: 15502 | Move file pointer (See above)
2018-12-25T12:00:11.495270156Z 64 PC: 15577 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:11.499306496Z 66 PC: 154ec | Move file pointer
2018-12-25T12:00:11.501761651Z 64 PC: 155a9 | Write file or device (Write 575 bytes on handle 5)
2018-12-25T12:00:11.513047464Z 87 PC: 1558c | Get or set file date and time
2018-12-25T12:00:11.515508788Z 62 PC: 15590 | Close file
2018-12-25T12:00:11.525067933Z 67 PC: 15510 | Get or set file attributes
2018-12-25T12:00:11.532675617Z 59 PC: 1540b | Change current directory
2018-12-25T12:00:11.538388751Z 26 PC: 15419 | Set disk transfer address
2018-12-25T12:00:11.540252772Z 47 PC: 15172 | Get disk transfer address
2018-12-25T12:00:11.542807424Z 26 PC: 1517e | Set disk transfer address
2018-12-25T12:00:11.54504676Z 78 PC: 151f2 | Find first file
2018-12-25T12:00:11.551757682Z 67 PC: 15228 | Get or set file attributes
2018-12-25T12:00:11.558440718Z 67 PC: 15236 | Get or set file attributes
2018-12-25T12:00:11.570162664Z 61 PC: 1523e | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:11.57768576Z 87 PC: 1524a | Get or set file date and time
2018-12-25T12:00:11.579443537Z 44 PC: 15254 | Get time 0x15254: and dh, 7
0x15257: jne 0x15266
0x15259: mov ah, 0x40
0x1525b: mov cx, 0xc
0x1525e: lea dx, word ptr [si + 0x8a]
0x15262: int 0x21
0x15264: jmp 0x152b9
0x15266: mov ah, 0x3f
0x15268: mov cx, 3
0x1526b: lea dx, word ptr [si + 0xa]
0x1526e: int 0x21
0x15270: jb 0x152b9
0x15272: cmp ax, 3
0x15275: jne 0x152b9
0x15277: mov ax, 0x4202
0x1527a: xor cx, cx
0x1527c: xor dx, dx
0x1527e: int 0x21
0x15280: jb 0x152b9
0x15282: mov cx, ax
2018-12-25T12:00:11.583676991Z 63 PC: 15270 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:11.586715218Z 66 PC: 15280 | Move file pointer
2018-12-25T12:00:11.588449856Z 64 PC: 1529d | Write file or device (Write 576 bytes on handle 5)
2018-12-25T12:00:11.598530151Z 66 PC: 152ad | Move file pointer
2018-12-25T12:00:11.600116746Z 64 PC: 152b9 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:11.603714427Z 87 PC: 152ca | Get or set file date and time
2018-12-25T12:00:11.606520022Z 62 PC: 152ce | Close file
2018-12-25T12:00:11.616050612Z 67 PC: 152d9 | Get or set file attributes
2018-12-25T12:00:11.627189805Z 26 PC: 152e3 | Set disk transfer address
2018-12-25T12:00:11.629314849Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T12:00:11.632007677Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":7,"TimeBased":true,"OriginalID":6706,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:11.379543993Z 26 PC: 15839 | Set disk transfer address
2018-12-25T12:00:11.382136159Z 37 PC: 15847 | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:00:11.383676684Z 37 PC: 1584b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:00:11.385176734Z 78 PC: 15896 | Find first file
2018-12-25T12:00:11.392635713Z 61 PC: 159d8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:11.399909503Z 63 PC: 159e7 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:00:11.407030513Z 66 PC: 159f6 | Move file pointer
2018-12-25T12:00:11.409651318Z 66 PC: 15a05 | Move file pointer
2018-12-25T12:00:11.411124344Z 64 PC: 15a11 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:00:11.414054478Z 66 PC: 15a1d | Move file pointer
2018-12-25T12:00:11.416202743Z 44 PC: 15a21 | Get time 0x15a21: mov byte ptr [bp + 0x23d], dl
0x15a25: call 0x15a3b
0x15a28: mov ah, 0x40
0x15a2a: mov cx, 0x23d
0x15a2d: lea dx, word ptr [bp + 6]
0x15a31: int 0x21
0x15a33: call 0x15a3b
0x15a36: mov ah, 0x3e
0x15a38: int 0x21
0x15a3a: ret
0x15a3b: lea si, word ptr [bp + 0x1f]
0x15a3f: mov cx, 0x1ff
0x15a42: xor byte ptr [si], 0x18
0x15a45: inc si
0x15a46: dec cx
0x15a47: jne 0x15a42
0x15a49: ret
0x15a4a: add word ptr [bx], di
0x15a4c: aas
0x15a4d: aas
2018-12-25T12:00:11.419238229Z 64 PC: 15a33 | Write file or device (Write 573 bytes on handle 5)
2018-12-25T12:00:11.442427615Z 62 PC: 15a3a | Close file
2018-12-25T12:00:11.4520733Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.45620657Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.46390171Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.472083484Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.475165659Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.476750731Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.479723612Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.482365934Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.491910474Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.501272831Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.511802408Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.51494066Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.522528868Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.529944997Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.532138564Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.53370231Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.536517515Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.539467249Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.542076015Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.551001881Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.560594583Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.563597976Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.571076649Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.579694118Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.581613837Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.583487457Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.587406102Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.589385792Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.592334945Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.601643552Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.610898437Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.614042365Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.621875255Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.629627927Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.631189172Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.632922815Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.637141876Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.638892361Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.641680831Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.651737912Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.660790356Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.66398691Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.672824188Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.680240581Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.682083146Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.68438503Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.687418056Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.689277074Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.692834326Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.702893853Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.712688275Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.716906131Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.724264968Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.737441434Z 66 PC: 159f6 | Move file pointer (See above)
2018-12-25T12:00:11.740297803Z 66 PC: 15a05 | Move file pointer (See above)
2018-12-25T12:00:11.742175149Z 64 PC: 15a11 | Write file or device (See above)
2018-12-25T12:00:11.74546555Z 66 PC: 15a1d | Move file pointer (See above)
2018-12-25T12:00:11.748010269Z 44 PC: 15a21 | Get time (See above)
2018-12-25T12:00:11.750784391Z 64 PC: 15a33 | Write file or device (See above)
2018-12-25T12:00:11.760112659Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.769431248Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.773069991Z 61 PC: 159d8 | Open file (See above)
2018-12-25T12:00:11.781147462Z 63 PC: 159e7 | Read file or device (See above)
2018-12-25T12:00:11.784259095Z 62 PC: 15a3a | Close file (See above)
2018-12-25T12:00:11.787811856Z 79 PC: 15896 | Find next file (See above)
2018-12-25T12:00:11.791438332Z 59 PC: 158a7 | Change current directory
2018-12-25T12:00:11.796620047Z 26 PC: 158b0 | Set disk transfer address
2018-12-25T12:00:11.799649609Z 9 PC: 158c8 | Display string (String= ' win TEMP=C:\WINDOWS\TEMP �+������� �!�L�!This is a sample! (10.000 bytes)')
2018-12-25T12:00:11.809107003Z 9 PC: 158dd | Display string (String= '*** Free Version of Virus research center v1.0 *** 18687 virus detected ERROR: An Internal Error found, no Data File ! ')
2018-12-25T12:00:11.820583078Z 47 PC: 155e8 | Get disk transfer address
2018-12-25T12:00:11.822972933Z 26 PC: 155f7 | Set disk transfer address
2018-12-25T12:00:11.82475263Z 78 PC: 15673 | Find first file
2018-12-25T12:00:11.831352992Z 67 PC: 156ab | Get or set file attributes
2018-12-25T12:00:11.837780046Z 67 PC: 156bb | Get or set file attributes
2018-12-25T12:00:11.849425565Z 61 PC: 156c5 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:11.857066929Z 87 PC: 156d1 | Get or set file date and time
2018-12-25T12:00:11.858822613Z 63 PC: 156e3 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:11.866446004Z 66 PC: 156fc | Move file pointer
2018-12-25T12:00:11.867992883Z 64 PC: 1571f | Write file or device (Write 574 bytes on handle 5)
2018-12-25T12:00:11.877798015Z 66 PC: 15731 | Move file pointer
2018-12-25T12:00:11.880928334Z 64 PC: 1573f | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:11.884447291Z 87 PC: 15750 | Get or set file date and time
2018-12-25T12:00:11.886425436Z 62 PC: 15754 | Close file
2018-12-25T12:00:11.898827259Z 67 PC: 15761 | Get or set file attributes
2018-12-25T12:00:11.910620846Z 26 PC: 1576b | Set disk transfer address
2018-12-25T12:00:11.913440573Z 25 PC: 154d0 | Get default drive
2018-12-25T12:00:11.916026827Z 71 PC: 154e2 | Get current directory
2018-12-25T12:00:11.919635125Z 47 PC: 154c1 | Get disk transfer address
2018-12-25T12:00:11.921059692Z 26 PC: 153b6 | Set disk transfer address
2018-12-25T12:00:11.923259712Z 78 PC: 153c0 | Find first file
2018-12-25T12:00:11.929868461Z 61 PC: 153fa | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:11.937822283Z 66 PC: 15502 | Move file pointer
2018-12-25T12:00:11.942132653Z 63 PC: 15534 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:11.945182092Z 67 PC: 15525 | Get or set file attributes
2018-12-25T12:00:11.956158866Z 66 PC: 15502 | Move file pointer (See above)
2018-12-25T12:00:11.958814594Z 64 PC: 15577 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:11.961859905Z 66 PC: 154ec | Move file pointer
2018-12-25T12:00:11.963691033Z 64 PC: 155a9 | Write file or device (Write 575 bytes on handle 5)
2018-12-25T12:00:11.973644009Z 87 PC: 1558c | Get or set file date and time
2018-12-25T12:00:11.976039988Z 62 PC: 15590 | Close file
2018-12-25T12:00:11.992349962Z 67 PC: 15510 | Get or set file attributes
2018-12-25T12:00:11.999021412Z 59 PC: 1540b | Change current directory
2018-12-25T12:00:12.004656204Z 26 PC: 15419 | Set disk transfer address
2018-12-25T12:00:12.006389139Z 47 PC: 15172 | Get disk transfer address
2018-12-25T12:00:12.008080305Z 26 PC: 1517e | Set disk transfer address
2018-12-25T12:00:12.01014237Z 78 PC: 151f2 | Find first file
2018-12-25T12:00:12.016927714Z 67 PC: 15228 | Get or set file attributes
2018-12-25T12:00:12.023500581Z 67 PC: 15236 | Get or set file attributes
2018-12-25T12:00:12.037426772Z 61 PC: 1523e | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:12.051810671Z 87 PC: 1524a | Get or set file date and time
2018-12-25T12:00:12.05365728Z 44 PC: 15254 | Get time 0x15254: and dh, 7
0x15257: jne 0x15266
0x15259: mov ah, 0x40
0x1525b: mov cx, 0xc
0x1525e: lea dx, word ptr [si + 0x8a]
0x15262: int 0x21
0x15264: jmp 0x152b9
0x15266: mov ah, 0x3f
0x15268: mov cx, 3
0x1526b: lea dx, word ptr [si + 0xa]
0x1526e: int 0x21
0x15270: jb 0x152b9
0x15272: cmp ax, 3
0x15275: jne 0x152b9
0x15277: mov ax, 0x4202
0x1527a: xor cx, cx
0x1527c: xor dx, dx
0x1527e: int 0x21
0x15280: jb 0x152b9
0x15282: mov cx, ax
2018-12-25T12:00:12.057882312Z 63 PC: 15270 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:12.06635995Z 66 PC: 15280 | Move file pointer
2018-12-25T12:00:12.06804522Z 64 PC: 1529d | Write file or device (Write 576 bytes on handle 5)
2018-12-25T12:00:12.078591372Z 66 PC: 152ad | Move file pointer
2018-12-25T12:00:12.080684195Z 64 PC: 152b9 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:12.084132585Z 87 PC: 152ca | Get or set file date and time
2018-12-25T12:00:12.087790928Z 62 PC: 152ce | Close file
2018-12-25T12:00:12.109994496Z 67 PC: 152d9 | Get or set file attributes
2018-12-25T12:00:12.121064966Z 26 PC: 152e3 | Set disk transfer address
2018-12-25T12:00:12.124381508Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T12:00:12.127563872Z 76 PC: 12a56 | Terminate with return code (Return code = '0')