Sample viewer

vx.netlux.org/Virus.DOS.Yanush.982

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:41:52.760919885Z 26 PC: 12aa9 | Set disk transfer address
2018-12-17T22:41:52.763653348Z 71 PC: 12ac1 | Get current directory
2018-12-17T22:41:52.767069494Z 59 PC: 12aca | Change current directory
2018-12-17T22:41:52.771626179Z 47 PC: 12bba | Get disk transfer address
2018-12-17T22:41:52.773469985Z 26 PC: 12bc7 | Set disk transfer address
2018-12-17T22:41:52.777371953Z 78 PC: 12bd2 | Find first file
2018-12-17T22:41:52.784112336Z 67 PC: 12bfa | Get or set file attributes
2018-12-17T22:41:52.79038004Z 67 PC: 12c0c | Get or set file attributes
2018-12-17T22:41:52.810151441Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:41:52.817609438Z 87 PC: 12c25 | Get or set file date and time
2018-12-17T22:41:52.819170941Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:41:52.827124018Z 66 PC: 12c74 | Move file pointer
2018-12-17T22:41:52.829184537Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-17T22:41:52.839087979Z 66 PC: 12c9c | Move file pointer
2018-12-17T22:41:52.841749314Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:41:52.849923013Z 87 PC: 12cb9 | Get or set file date and time
2018-12-17T22:41:52.852005213Z 67 PC: 12cc7 | Get or set file attributes
2018-12-17T22:41:52.865053293Z 62 PC: 12ccb | Close file
2018-12-17T22:41:52.873606279Z 79 PC: 12bd2 | Find next file
2018-12-17T22:41:52.877184081Z 67 PC: 12bfa | Get or set file attributes
2018-12-17T22:41:52.883602466Z 67 PC: 12c0c | Get or set file attributes
2018-12-17T22:41:52.895679514Z 61 PC: 12c18 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:41:52.908710049Z 87 PC: 12c25 | Get or set file date and time
2018-12-17T22:41:52.91039838Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:41:52.918743866Z 66 PC: 12c74 | Move file pointer
2018-12-17T22:41:52.920782613Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-17T22:41:52.930047211Z 66 PC: 12c9c | Move file pointer
2018-12-17T22:41:52.932556536Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:41:52.94081594Z 87 PC: 12cb9 | Get or set file date and time
2018-12-17T22:41:52.943199359Z 67 PC: 12cc7 | Get or set file attributes
2018-12-17T22:41:52.95663428Z 62 PC: 12ccb | Close file
2018-12-17T22:41:52.964678005Z 79 PC: 12bd2 | Find next file
2018-12-17T22:41:52.96778592Z 67 PC: 12bfa | Get or set file attributes
2018-12-17T22:41:52.975344021Z 67 PC: 12c0c | Get or set file attributes
2018-12-17T22:41:52.987373582Z 61 PC: 12c18 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:41:52.995557564Z 87 PC: 12c25 | Get or set file date and time
2018-12-17T22:41:52.998198779Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:41:53.006544261Z 66 PC: 12c74 | Move file pointer
2018-12-17T22:41:53.008550278Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-17T22:41:53.019630823Z 66 PC: 12c9c | Move file pointer
2018-12-17T22:41:53.021781499Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:41:53.029064912Z 87 PC: 12cb9 | Get or set file date and time
2018-12-17T22:41:53.03062755Z 67 PC: 12cc7 | Get or set file attributes
2018-12-17T22:41:53.042622072Z 62 PC: 12ccb | Close file
2018-12-17T22:41:53.050776649Z 79 PC: 12bd2 | Find next file
2018-12-17T22:41:53.053830623Z 67 PC: 12bfa | Get or set file attributes
2018-12-17T22:41:53.060946204Z 67 PC: 12c0c | Get or set file attributes
2018-12-17T22:41:53.071659057Z 61 PC: 12c18 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:41:53.078941235Z 87 PC: 12c25 | Get or set file date and time
2018-12-17T22:41:53.081093266Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:41:53.087999308Z 66 PC: 12c74 | Move file pointer
2018-12-17T22:41:53.089941287Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-17T22:41:53.102248919Z 66 PC: 12c9c | Move file pointer
2018-12-17T22:41:53.103858615Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:41:53.111067819Z 87 PC: 12cb9 | Get or set file date and time
2018-12-17T22:41:53.113949589Z 67 PC: 12cc7 | Get or set file attributes
2018-12-17T22:41:53.126201404Z 62 PC: 12ccb | Close file
2018-12-17T22:41:53.133817295Z 26 PC: 12bf0 | Set disk transfer address
2018-12-17T22:41:53.135595254Z 59 PC: 12ad5 | Change current directory
2018-12-17T22:41:53.137777256Z 26 PC: 12ade | Set disk transfer address
2018-12-17T22:41:53.139179727Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":3,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.321898367Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.323611507Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.326361195Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.330245006Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.331512507Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.33317963Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.339573228Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.34504914Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:22.360870041Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:22.372001577Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:22.373338891Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:22.380401844Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:22.381930327Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:22.387535477Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:22.388840352Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:22.392989145Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:22.393992027Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:22.401464297Z 62 PC: 12ccb | Close file
2018-12-25T12:01:22.4081997Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:22.410316471Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:22.41406137Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:22.423451162Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:22.429751372Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:22.431225668Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:22.437444559Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:22.438958689Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:22.447104799Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:22.448506609Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:22.455034618Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:22.456945317Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:22.463703636Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:22.469923287Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:22.473734733Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:22.479539338Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:22.488814987Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:22.495116076Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:22.496896989Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:22.503192247Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:22.504819658Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:22.513995871Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:22.51568178Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:22.522187761Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:22.524538383Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:22.535460641Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:22.542644108Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:22.546458588Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:22.55197255Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:22.561625298Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:22.569115612Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:22.570887229Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:22.577306039Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:22.580385581Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:22.588598527Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:22.589996668Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:22.597046711Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:22.598623561Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:22.609820517Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:22.616675338Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:22.619460248Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:22.621118831Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:22.622174061Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop
2018-12-25T12:01:22.625256892Z 9 PC: 12b33 | Display string (String= 'Relax man ... relax ... ')
2018-12-25T12:01:22.629047224Z 9 PC: 12b3b | Display string (String= '[VivatNadym] v.2.0 [1998] ')
2018-12-25T12:01:22.634107719Z 0 PC: 12b52 | Program terminate

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.342641781Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.344241334Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.346571958Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.349366274Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.351741445Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.353145169Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.357588818Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.361625854Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:22.373417927Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:22.379821198Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:22.381552808Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:22.388538815Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:22.390213505Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:22.398772783Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:22.400486606Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:22.406980392Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:22.408431255Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:22.419626466Z 62 PC: 12ccb | Close file
2018-12-25T12:01:22.42678118Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:22.42978246Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:22.438828465Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:22.448378528Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:22.452493081Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:22.454556706Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:22.460835357Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:22.462515737Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:22.471244972Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:22.472498553Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:22.479250456Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:22.481285123Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:22.492095297Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:22.49885755Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:22.502371327Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:22.507880738Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:22.517337327Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:22.524259019Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:22.525760197Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:22.532027934Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:22.534205927Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:22.543314591Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:22.545024459Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:22.552152563Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:22.553981249Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:22.564221006Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:22.570957329Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:22.573522329Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:22.578943093Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:22.588596227Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:22.599864098Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:22.600907895Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:22.605037338Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:22.60735295Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:22.612948611Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:22.613900664Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:22.620231718Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:22.621526546Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:22.631733818Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:22.638665668Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:22.639615875Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:22.641161533Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:22.642383682Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.731991293Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.734105815Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.739825036Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.743985538Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.745543193Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.747192103Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.752150446Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.755865851Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:22.993151856Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.002024787Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.004063755Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.012894476Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.015414551Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.026933457Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.030102311Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.037647007Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.039777611Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.05359083Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.062520673Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.065934888Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.072705541Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.084681542Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.093045652Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.094735486Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.102884042Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.105292756Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.114983834Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.118199538Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.126130985Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.128285885Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.141747191Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.150371878Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.154663317Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.161927345Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.173219351Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.181131591Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.18337659Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.191773747Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.194086993Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.204270393Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.206813578Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.214486083Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.216497132Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.23054177Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.238617351Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.242000767Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.249790887Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.265826879Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.273938226Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.276380018Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.284515298Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.28683213Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.297299262Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.299696395Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.307460512Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.309639701Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.322590069Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.330678596Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.33240588Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.335973249Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.337648333Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop
2018-12-25T12:01:23.340500087Z 9 PC: 12b46 | Display string (String= 'Hello, Welcome to the Psychiatric Hotline. ')
2018-12-25T12:01:23.347907634Z 9 PC: 12b4e | Display string (String= '[VivatNadym] v.2.0 [1998] ')
2018-12-25T12:01:23.354152335Z 0 PC: 12b52 | Program terminate

{"DateBased":true,"Day":2,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.796420356Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.798569592Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.802818419Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.807307454Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.808682415Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.811869022Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.81882785Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.825152104Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:22.993171834Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.002279181Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.004187904Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.012999145Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.016389011Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.026261123Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.028138908Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.03623708Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.038362256Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.050892929Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.059611234Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.063805016Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.070269367Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.082280837Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.090141158Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.092628297Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.101406952Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.104224274Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.114049223Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.116980021Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.125025812Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.127988033Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.140659738Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.150039504Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.153543598Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.160804518Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.170788859Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.178222285Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.180068781Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.188538257Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.191760773Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.202134528Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.205001333Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.213077998Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.21520106Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.228377467Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.237025708Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.240930323Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.247675751Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.260713363Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.269720721Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.271773424Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.280581054Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.282929597Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.292643205Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.295078067Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.302472075Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.304260417Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.316944478Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.32701382Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.328732033Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.331134684Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.333233684Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.892419178Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.89461724Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.898122621Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.903293495Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.905055984Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.906897096Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.914111185Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.920891149Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:23.00145955Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.009074081Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.010974117Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.019210004Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.021304253Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.031128022Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.033769796Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.041409791Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.043523826Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.05733299Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.065164037Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.068584753Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.076458988Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.088221005Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.111658836Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.113714879Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.122608707Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.124409482Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.133489014Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.136056105Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.143696215Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.145772349Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.161293257Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.169512082Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.172969276Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.180314605Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.191980299Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.200262249Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.214717399Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.222387397Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.224809425Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.235114369Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.238007838Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.245698596Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.247805824Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.261302469Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.269775868Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.27310786Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.280822317Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.292612894Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.300459614Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.303368824Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.311271667Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.313652068Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.323787998Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.326708288Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.334719603Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.336875054Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.35058572Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.358445788Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.359799214Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.362758732Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.364408151Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":2,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.909955255Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.91210375Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.915284447Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.919567353Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.921946876Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.923251283Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.928948759Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.934720791Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:22.950231863Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:22.956603013Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:22.957932952Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:22.965569991Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:22.967499909Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:22.976341825Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:22.979156942Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:22.986311074Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:22.988061508Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:22.998128274Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.00945097Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.012102018Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.018540862Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.028087937Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.039000065Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.040985146Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.047736278Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.049390755Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.058239687Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.059975704Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.066583196Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.069415337Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.079793524Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.086912279Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.089798797Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.0974863Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.107679504Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.115162113Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.120420775Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.126903431Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.128892594Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.138172271Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.139871356Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.146570035Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.14901584Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.164395873Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.182812762Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.186875218Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.192718547Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.202480001Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.209818478Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.211279929Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.218154725Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.223558449Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.247009913Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.249195944Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.256493179Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.257994216Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.271964933Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.279247322Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.280336316Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.282145107Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.283983582Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop
2018-12-25T12:01:23.286120157Z 9 PC: 12b20 | Display string (String= 'Thanks to Yana Diagileva for their songs Thanks to Shunya for their love and hate And Thanks You Stupid User for using our virus ')
2018-12-25T12:01:23.29443979Z 9 PC: 12b28 | Display string (String= '[VivatNadym] v.2.0 [1998] ')
2018-12-25T12:01:23.29925033Z 0 PC: 12b52 | Program terminate

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.943670543Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.946061509Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.948141574Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.950903024Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.952046119Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.953401897Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.957788049Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.961464049Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:22.973820326Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:22.992601213Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:22.9938488Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.000606283Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.002261666Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.01084073Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.013708247Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.020335465Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.021680667Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.046589695Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.053375527Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.056303205Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.066927505Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.077455221Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.088661737Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.091364753Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.09869677Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.100512299Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.11531616Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.1298377Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.136551252Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.138197549Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.148712212Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.156878104Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.159462898Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.165877165Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.175837087Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.182323605Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.185046657Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.191677839Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.193650698Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.202957991Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.204295974Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.210664494Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.21270436Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.223334452Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.238055655Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.242629127Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.251053967Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.261359384Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.26906528Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.2705757Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.276943525Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.279496125Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.28774599Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.289433499Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.296894215Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.298876871Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.309917271Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.31706598Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.318968407Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.320976595Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.322402577Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":2,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.953948174Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:22.956056782Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:22.95899055Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:22.963158091Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:22.965077043Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:22.966221629Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:22.97212558Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:22.978788783Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:22.994549133Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.001638771Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.003591036Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.012244215Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.014258197Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.023387936Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.025041673Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.029400138Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.030498415Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.04426501Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.051538441Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.054186058Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.06049892Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.070150454Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.081220684Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.083760575Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.090350512Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.09195028Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.101335073Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.103116972Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.109765867Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.112483103Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.123182697Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.130185533Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.133285845Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.141384481Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.156371874Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.163563332Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.165711475Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.171915927Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.173496389Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.182405628Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.183814298Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.190290599Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.192769206Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.203254875Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.210317112Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.213841308Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.21973839Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.229875126Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.237017967Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.238684065Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.245000642Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.24813007Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.256836137Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.258334299Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.266002899Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.267566222Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.278596553Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.287376093Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.289026003Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.291853423Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.293939609Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:23.114553055Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:23.116423497Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:23.120053841Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:23.12430872Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:23.126455682Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:23.127780622Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:23.13381933Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:23.140877293Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:23.157262514Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.163760466Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.164946369Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.16916371Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.170339132Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.176090652Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.182788794Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.188348595Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.190447325Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.202206254Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.209544662Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.21262736Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.219166244Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.228928028Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.235728464Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.237876972Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.244253677Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.246008725Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.255079999Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.256979463Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.264049177Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.266741469Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.277421155Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.284638177Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.287918636Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.293755013Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.303610365Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.315548545Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.318305036Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.325283404Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.327272709Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.33902249Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.340688203Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.347302379Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.349847092Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.358797855Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.36500312Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.367551722Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.372050548Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.378464788Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.386341754Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.387339505Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.391947953Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.394154669Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.399307616Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.400572324Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.421590051Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.4229177Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.433300685Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.440238119Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.442740495Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.444599566Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.445834691Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":2,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:23.229704339Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:23.231924794Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:23.235403788Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:23.239610954Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:23.241803521Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:23.242892355Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:23.248697187Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:23.256304094Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:23.2764523Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.283083281Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.284751691Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.292121242Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.294458803Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.303993901Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.306746602Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.313480987Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.315245892Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.327080301Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.338789884Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.341703678Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.348727887Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.358392081Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.371330346Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.373253916Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.380104753Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.381766998Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.390429007Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.392189787Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.398814176Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.400909156Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.411223921Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.417853198Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.420918626Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.426560512Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.436157368Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.443668741Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.445176763Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.451987183Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.454153974Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.462438009Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.463660547Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.470304936Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.472072777Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.48227181Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.489726863Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.492605979Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.498347069Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.508506905Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.515549991Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.51720588Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.523734026Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.526757283Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.535567113Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.53718748Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.544947728Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.546739463Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.557370502Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.565608109Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.566697408Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.568578183Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.571249849Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop
2018-12-25T12:01:23.574117816Z 9 PC: 12b20 | Display string (String= 'Thanks to Yana Diagileva for their songs Thanks to Shunya for their love and hate And Thanks You Stupid User for using our virus ')
2018-12-25T12:01:23.582308952Z 9 PC: 12b28 | Display string (String= '[VivatNadym] v.2.0 [1998] ')
2018-12-25T12:01:23.586844555Z 0 PC: 12b52 | Program terminate

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:23.253826592Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:23.256092267Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:23.260119283Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:23.26435247Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:23.266086653Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:23.2687777Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:23.275037802Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:23.280906272Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:23.296375153Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.303012847Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.304211142Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.310046244Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.311897902Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.320499467Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.328553574Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.33498986Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.336690859Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.34967767Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.356608257Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.359501718Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.365772785Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.375483942Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.381953441Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.383519395Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.390041613Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.391955915Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.400395619Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.402270791Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.409001441Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.410768218Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.427669504Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.434268552Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.44148795Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.44708224Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.456471344Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.467658829Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.469588449Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.476512043Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.478112751Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.486531614Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.487826459Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.494338528Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.497198968Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.507522636Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.5142707Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.517838295Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.523706602Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.533536036Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.546312953Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.548172883Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.554711508Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.55686539Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.575570576Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.577186541Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.584039537Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.586329074Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.597271511Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.604540104Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.606450335Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.608259115Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.609422403Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":3,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:23.29889584Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:23.301440537Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:23.304615088Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:23.309105527Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:23.31085149Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:23.312188536Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:23.318049898Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:23.323772004Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:23.338990048Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.346434432Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.348125027Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.355220394Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.356956426Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.365843074Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.368212304Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.374983994Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.37678637Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.38824308Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.395388595Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.39832845Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.405117486Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.414890646Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.427579191Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.429987484Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.436615083Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.43842899Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.447521197Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.449165878Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.455799359Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.457761165Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.469061361Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.488482479Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.492294528Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.498988188Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.513630333Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.523524892Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.526166115Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.532487942Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.534046051Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.54331463Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.544711534Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.551046339Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.553389135Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.565381333Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.572308811Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.575845189Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.58135576Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.591295293Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.59868487Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.600291798Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.606811484Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.608913784Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.617672073Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.619040601Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.625972158Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.628334317Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.638803836Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.645865071Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.647572122Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.64941026Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.650765164Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop
2018-12-25T12:01:23.653472Z 9 PC: 12b33 | Display string (String= 'Relax man ... relax ... ')
2018-12-25T12:01:23.657210247Z 9 PC: 12b3b | Display string (String= '[VivatNadym] v.2.0 [1998] ')
2018-12-25T12:01:23.662315612Z 0 PC: 12b52 | Program terminate

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:23.32352104Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:23.325825241Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:23.329695995Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:23.335259223Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:23.336986209Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:23.340798133Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:23.348781144Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:23.35609917Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:23.375814426Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.389357019Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.39112233Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.399936542Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.401221381Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.407838546Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.409544018Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.414136993Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.415377573Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.423091779Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.428790897Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.430897535Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.435449062Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.444160085Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.452458877Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.453742586Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.459643568Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.461263369Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.467298186Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.476838126Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.484789625Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.487016461Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.50421577Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.512956358Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.51638189Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.523976135Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.538463119Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.54635901Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.54860534Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.557396955Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.559675816Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.569608584Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.572542657Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.580240321Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.58228733Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.595263255Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.604142579Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.607497684Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.614896733Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.626284368Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.634065817Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.63629148Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.645832641Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.648311872Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.659052892Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.661963833Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.670086795Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.672234876Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.68810867Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.696457727Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.698116415Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.701214774Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.703153868Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7354,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:23.413359468Z 26 PC: 12aa9 | Set disk transfer address
2018-12-25T12:01:23.415097852Z 71 PC: 12ac1 | Get current directory
2018-12-25T12:01:23.419511221Z 59 PC: 12aca | Change current directory
2018-12-25T12:01:23.424689971Z 47 PC: 12bba | Get disk transfer address
2018-12-25T12:01:23.426569961Z 26 PC: 12bc7 | Set disk transfer address
2018-12-25T12:01:23.448163482Z 78 PC: 12bd2 | Find first file
2018-12-25T12:01:23.460540556Z 67 PC: 12bfa | Get or set file attributes
2018-12-25T12:01:23.467582263Z 67 PC: 12c0c | Get or set file attributes
2018-12-25T12:01:23.498371994Z 61 PC: 12c18 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:23.506581496Z 87 PC: 12c25 | Get or set file date and time
2018-12-25T12:01:23.508290692Z 63 PC: 12c38 | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:01:23.515581481Z 66 PC: 12c74 | Move file pointer
2018-12-25T12:01:23.517654044Z 64 PC: 12c8d | Write file or device (Write 982 bytes on handle 5)
2018-12-25T12:01:23.527422173Z 66 PC: 12c9c | Move file pointer
2018-12-25T12:01:23.529064071Z 64 PC: 12ca7 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:01:23.536557205Z 87 PC: 12cb9 | Get or set file date and time
2018-12-25T12:01:23.538144179Z 67 PC: 12cc7 | Get or set file attributes
2018-12-25T12:01:23.550283239Z 62 PC: 12ccb | Close file
2018-12-25T12:01:23.558328219Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.561179336Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.567548116Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.579058755Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.586440175Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.587835157Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.595366986Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.597311285Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.606428946Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.608277487Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.615218673Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.616918712Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.629405228Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.638028991Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.640885212Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.646927661Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.658287996Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.673042339Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.674710401Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.683713483Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.685452122Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.6971218Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.699221991Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.707309408Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.709032759Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.722149915Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.740303544Z 79 PC: 12bd2 | Find next file (See above)
2018-12-25T12:01:23.743269316Z 67 PC: 12bfa | Get or set file attributes (See above)
2018-12-25T12:01:23.750665115Z 67 PC: 12c0c | Get or set file attributes (See above)
2018-12-25T12:01:23.761339256Z 61 PC: 12c18 | Open file (See above)
2018-12-25T12:01:23.768433017Z 87 PC: 12c25 | Get or set file date and time (See above)
2018-12-25T12:01:23.769783631Z 63 PC: 12c38 | Read file or device (See above)
2018-12-25T12:01:23.777101352Z 66 PC: 12c74 | Move file pointer (See above)
2018-12-25T12:01:23.779138963Z 64 PC: 12c8d | Write file or device (See above)
2018-12-25T12:01:23.788058905Z 66 PC: 12c9c | Move file pointer (See above)
2018-12-25T12:01:23.789635126Z 64 PC: 12ca7 | Write file or device (See above)
2018-12-25T12:01:23.796659559Z 87 PC: 12cb9 | Get or set file date and time (See above)
2018-12-25T12:01:23.798206234Z 67 PC: 12cc7 | Get or set file attributes (See above)
2018-12-25T12:01:23.810989801Z 62 PC: 12ccb | Close file (See above)
2018-12-25T12:01:23.818642591Z 26 PC: 12bf0 | Set disk transfer address
2018-12-25T12:01:23.819845995Z 59 PC: 12ad5 | Change current directory
2018-12-25T12:01:23.822518414Z 26 PC: 12ade | Set disk transfer address
2018-12-25T12:01:23.823735981Z 42 PC: 12ae2 | Get date 0x12ae2: cmp dh, 6
0x12ae5: je 0x12afa
0x12ae7: nop
0x12ae8: nop
0x12ae9: cmp dh, 9
0x12aec: je 0x12b04
0x12aee: nop
0x12aef: nop
0x12af0: cmp dh, 4
0x12af3: je 0x12b0e
0x12af5: nop
0x12af6: nop
0x12af7: jmp 0x12b52
0x12af9: nop
0x12afa: cmp dl, 2
0x12afd: je 0x12b18
0x12aff: nop
0x12b00: nop
0x12b01: jmp 0x12b52
0x12b03: nop
2018-12-25T12:01:23.826024062Z 9 PC: 12b46 | Display string (String= 'Hello, Welcome to the Psychiatric Hotline. ')
2018-12-25T12:01:23.832848275Z 9 PC: 12b4e | Display string (String= '[VivatNadym] v.2.0 [1998] ')
2018-12-25T12:01:23.83881741Z 0 PC: 12b52 | Program terminate