Sample viewer

vx.netlux.org/Virus.DOS.Dead.1981

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:45:49.365672192Z	75	PC: 1591e \| Execute program
2018-12-17T22:45:49.368044598Z	42	PC: 15932 \| Get date 0x15932: cmp dh, 0xb 0x15935: jne 0x15943 0x15937: cmp al, 1 0x15939: jne 0x15943 0x1593b: mov ah, 9 0x1593d: lea dx, word ptr [bp + 0x55d] 0x15941: int 0x21 0x15943: mov ax, 0xffff 0x15946: mov ds, ax 0x15948: push cs 0x15949: pop es 0x1594a: xor si, si 0x1594c: mov di, 0x90 0x1594f: mov cx, 0x10 0x15952: cld 0x15953: repe cmpsb byte ptr [si], byte ptr es:[di] 0x15955: je 0x15972 0x15957: mov ax, word ptr cs:[0x8e] 0x1595b: inc ax 0x1595c: cmp ax, 0x100
2018-12-17T22:45:49.371712136Z	74	PC: 159bd \| Reallocate memory
2018-12-17T22:45:49.374090814Z	74	PC: 157a2 \| Reallocate memory
2018-12-17T22:45:49.376108273Z	72	PC: 157ab \| Allocate memory
2018-12-17T22:45:49.379095232Z	67	PC: 159c4 \| Get or set file attributes
2018-12-17T22:45:49.3937842Z	61	PC: 159c4 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:45:49.401087948Z	87	PC: 159c4 \| Get or set file date and time
2018-12-17T22:45:49.405394526Z	63	PC: 159c4 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:45:49.409280194Z	66	PC: 159c4 \| Move file pointer
2018-12-17T22:45:49.410990225Z	64	PC: 159c4 \| Write file or device (Write 11 bytes on handle 5)
2018-12-17T22:45:49.415441115Z	64	PC: 159c4 \| Write file or device (Write 1981 bytes on handle 5)
2018-12-17T22:45:49.757459885Z	66	PC: 159c4 \| Move file pointer
2018-12-17T22:45:49.759422632Z	64	PC: 159c4 \| Write file or device (Write 13 bytes on handle 5)
2018-12-17T22:45:49.763938012Z	87	PC: 159c4 \| Get or set file date and time
2018-12-17T22:45:49.765782326Z	62	PC: 159c4 \| Close file
2018-12-17T22:45:49.773339279Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:49.776201484Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:49.778757225Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:45:49.780860265Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:45:49.78365845Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:49.791194163Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:49.794384014Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:49.796241924Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:49.799015462Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:49.800802338Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:49.802573445Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:49.805071777Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:49.806825551Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:49.808256999Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:49.81098322Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:49.812734669Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:49.814575957Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:45:49.817404439Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:45:49.81921511Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:45:49.82090816Z	37	PC: 14f2f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:49.823051305Z	37	PC: 14f37 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:49.82495457Z	37	PC: 14f3f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:49.826457623Z	37	PC: 14f47 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:45:49.828385493Z	68	PC: 15636 \| I/O control for devices (Set for = '��t=')
2018-12-17T22:45:49.953224919Z	64	PC: 15338 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:45:49.954933318Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:49.956221307Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:49.958095678Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:45:49.95927339Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:45:49.960498891Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:49.962594657Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:49.963742824Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:49.965102868Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:49.966918127Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:49.968131927Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:49.969297256Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:49.971535189Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:49.972791388Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:49.974021458Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:49.975273289Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:49.977607163Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:49.979148959Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:45:49.980617257Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:45:49.9834568Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:45:49.985322844Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:49.988125378Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:49.991926938Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:49.994576224Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:49.997221011Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.000990841Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.003741307Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.006434054Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.009123746Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.012364532Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.014832477Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.017638718Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.020677135Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.023213268Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.026149542Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.030028969Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.033126647Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.035533657Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.038171201Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.04059294Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.043323478Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.047388172Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.050803336Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.053404712Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.056298166Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.059650863Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.062295349Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.064912585Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.067642012Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.069839689Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.072113119Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.075316886Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.077334014Z	6	PC: 150f8 \| Direct console I/O
2018-12-17T22:45:50.080326084Z	76	PC: 150b0 \| Terminate with return code (Return code = '200')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8671,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:21:40.052690078Z	75	PC: 1591e \| Execute program
2018-12-25T12:21:40.054906368Z	42	PC: 15932 \| Get date 0x15932: cmp dh, 0xb 0x15935: jne 0x15943 0x15937: cmp al, 1 0x15939: jne 0x15943 0x1593b: mov ah, 9 0x1593d: lea dx, word ptr [bp + 0x55d] 0x15941: int 0x21 0x15943: mov ax, 0xffff 0x15946: mov ds, ax 0x15948: push cs 0x15949: pop es 0x1594a: xor si, si 0x1594c: mov di, 0x90 0x1594f: mov cx, 0x10 0x15952: cld 0x15953: repe cmpsb byte ptr [si], byte ptr es:[di] 0x15955: je 0x15972 0x15957: mov ax, word ptr cs:[0x8e] 0x1595b: inc ax 0x1595c: cmp ax, 0x100
2018-12-25T12:21:40.057634942Z	74	PC: 159bd \| Reallocate memory
2018-12-25T12:21:40.059653122Z	74	PC: 157a2 \| Reallocate memory
2018-12-25T12:21:40.061673257Z	72	PC: 157ab \| Allocate memory
2018-12-25T12:21:40.063747651Z	67	PC: 159c4 \| Get or set file attributes
2018-12-25T12:21:40.069449418Z	61	PC: 159c4 \| Open file (See above)
2018-12-25T12:21:40.076401713Z	87	PC: 159c4 \| Get or set file date and time (See above)
2018-12-25T12:21:40.07846868Z	63	PC: 159c4 \| Read file or device (See above)
2018-12-25T12:21:40.081760304Z	66	PC: 159c4 \| Move file pointer (See above)
2018-12-25T12:21:40.083959795Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:40.088581284Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:40.952660438Z	66	PC: 159c4 \| Move file pointer (See above)
2018-12-25T12:21:40.956688757Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:40.960571315Z	87	PC: 159c4 \| Get or set file date and time (See above)
2018-12-25T12:21:40.962272598Z	62	PC: 159c4 \| Close file (See above)
2018-12-25T12:21:41.114496605Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.120482022Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.122208433Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.124007586Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.126629675Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.128060076Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.129439783Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.131385501Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.13297705Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.134501779Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.137047965Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.139234026Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.141356388Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.143238675Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.145903705Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.147684657Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.149338971Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.151462678Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.152982323Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.154758049Z	37	PC: 14f2f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.157004648Z	37	PC: 14f37 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:21:41.15829461Z	37	PC: 14f3f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:21:41.160008465Z	37	PC: 14f47 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-25T12:21:41.16339558Z	68	PC: 15636 \| I/O control for devices (Set for = '��t=')
2018-12-25T12:21:41.33915308Z	64	PC: 15338 \| Write file or device (Write 0 bytes on handle 1)
2018-12-25T12:21:41.341439843Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.343990387Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.345510489Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.347008078Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.348728395Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.350985232Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.352468185Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.353949806Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.35651189Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.357964446Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.359264295Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.361036752Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.362250578Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.36342737Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.365833511Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.367643019Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.369312888Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.371970131Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.373769774Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.375380764Z	6	PC: 150f8 \| Direct console I/O
2018-12-25T12:21:41.378228988Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.381998387Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.384791542Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.387018084Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.389631303Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.391853725Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.394182197Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.396779231Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.398963653Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.401180765Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.404223822Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.406569009Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.408926132Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.412514164Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.414833428Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.417226223Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.420697299Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.428218229Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.429938544Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.431494843Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.434293952Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.436723405Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.43935088Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.442075626Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.44383091Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.445421099Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.447332866Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.449001502Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.450450991Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.453135782Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.455042187Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.456399414Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.459202468Z	76	PC: 150b0 \| Terminate with return code (Return code = '200')

{"DateBased":true,"Day":1,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8671,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:21:40.252597843Z	75	PC: 1591e \| Execute program
2018-12-25T12:21:40.255292467Z	42	PC: 15932 \| Get date 0x15932: cmp dh, 0xb 0x15935: jne 0x15943 0x15937: cmp al, 1 0x15939: jne 0x15943 0x1593b: mov ah, 9 0x1593d: lea dx, word ptr [bp + 0x55d] 0x15941: int 0x21 0x15943: mov ax, 0xffff 0x15946: mov ds, ax 0x15948: push cs 0x15949: pop es 0x1594a: xor si, si 0x1594c: mov di, 0x90 0x1594f: mov cx, 0x10 0x15952: cld 0x15953: repe cmpsb byte ptr [si], byte ptr es:[di] 0x15955: je 0x15972 0x15957: mov ax, word ptr cs:[0x8e] 0x1595b: inc ax 0x1595c: cmp ax, 0x100
2018-12-25T12:21:40.258638712Z	74	PC: 159bd \| Reallocate memory
2018-12-25T12:21:40.260964551Z	74	PC: 157a2 \| Reallocate memory
2018-12-25T12:21:40.262849621Z	72	PC: 157ab \| Allocate memory
2018-12-25T12:21:40.265291516Z	67	PC: 159c4 \| Get or set file attributes
2018-12-25T12:21:40.271378507Z	61	PC: 159c4 \| Open file (See above)
2018-12-25T12:21:40.278136888Z	87	PC: 159c4 \| Get or set file date and time (See above)
2018-12-25T12:21:40.280662584Z	63	PC: 159c4 \| Read file or device (See above)
2018-12-25T12:21:40.283511038Z	66	PC: 159c4 \| Move file pointer (See above)
2018-12-25T12:21:40.285109474Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:40.289584115Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:40.951624904Z	66	PC: 159c4 \| Move file pointer (See above)
2018-12-25T12:21:40.953366098Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:40.957804588Z	87	PC: 159c4 \| Get or set file date and time (See above)
2018-12-25T12:21:40.959484477Z	62	PC: 159c4 \| Close file (See above)
2018-12-25T12:21:41.114295144Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.117274965Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.119740617Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.121704001Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.124470276Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.127389094Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.12917322Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.130926855Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.133771438Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.135633123Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.137327756Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.139913829Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.141292123Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.142615344Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.145135268Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.146887277Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.148605788Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.150491269Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.152599685Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.153615328Z	37	PC: 14f2f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.154594498Z	37	PC: 14f37 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:21:41.156350915Z	37	PC: 14f3f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:21:41.15746842Z	37	PC: 14f47 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-25T12:21:41.158832421Z	68	PC: 15636 \| I/O control for devices (Set for = '��t=')
2018-12-25T12:21:41.359556522Z	64	PC: 15338 \| Write file or device (Write 0 bytes on handle 1)
2018-12-25T12:21:41.361523127Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.362766108Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.365183646Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.366498731Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.36825546Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.370482514Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.371843205Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.373197945Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.375083581Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.376553294Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.377956106Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.37955788Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.381147163Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.382509061Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.383955704Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.386020742Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.387238864Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.388406529Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.39059301Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.391882635Z	6	PC: 150f8 \| Direct console I/O
2018-12-25T12:21:41.39438345Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.397771352Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.400502337Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.403320282Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.40717259Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.410266834Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.413111626Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.416247412Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.419978844Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.422740592Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.425529846Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.429308217Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.432096126Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.434894829Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.438454292Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.441135967Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.443578102Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.446971046Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.450542441Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.453345038Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.456788233Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.459232471Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.461549754Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.464057905Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.468117825Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.470658934Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.473188103Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.475972808Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.478406555Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.480875174Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.484226682Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.486483916Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.491230281Z	76	PC: 150b0 \| Terminate with return code (Return code = '200')

{"DateBased":true,"Day":3,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8671,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:21:40.47485229Z	75	PC: 1591e \| Execute program
2018-12-25T12:21:40.477041219Z	42	PC: 15932 \| Get date 0x15932: cmp dh, 0xb 0x15935: jne 0x15943 0x15937: cmp al, 1 0x15939: jne 0x15943 0x1593b: mov ah, 9 0x1593d: lea dx, word ptr [bp + 0x55d] 0x15941: int 0x21 0x15943: mov ax, 0xffff 0x15946: mov ds, ax 0x15948: push cs 0x15949: pop es 0x1594a: xor si, si 0x1594c: mov di, 0x90 0x1594f: mov cx, 0x10 0x15952: cld 0x15953: repe cmpsb byte ptr [si], byte ptr es:[di] 0x15955: je 0x15972 0x15957: mov ax, word ptr cs:[0x8e] 0x1595b: inc ax 0x1595c: cmp ax, 0x100
2018-12-25T12:21:40.479356153Z	9	PC: 15943 \| Display string (Could not find end pointer)
2018-12-25T12:21:40.499604417Z	74	PC: 159bd \| Reallocate memory
2018-12-25T12:21:40.501339609Z	74	PC: 157a2 \| Reallocate memory
2018-12-25T12:21:40.503066056Z	72	PC: 157ab \| Allocate memory
2018-12-25T12:21:40.505162446Z	67	PC: 159c4 \| Get or set file attributes
2018-12-25T12:21:40.510955963Z	61	PC: 159c4 \| Open file (See above)
2018-12-25T12:21:40.518207466Z	87	PC: 159c4 \| Get or set file date and time (See above)
2018-12-25T12:21:40.519838409Z	63	PC: 159c4 \| Read file or device (See above)
2018-12-25T12:21:40.52358981Z	66	PC: 159c4 \| Move file pointer (See above)
2018-12-25T12:21:40.525504672Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:40.529162299Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:41.115333145Z	66	PC: 159c4 \| Move file pointer (See above)
2018-12-25T12:21:41.121471802Z	64	PC: 159c4 \| Write file or device (See above)
2018-12-25T12:21:41.124690589Z	87	PC: 159c4 \| Get or set file date and time (See above)
2018-12-25T12:21:41.126320391Z	62	PC: 159c4 \| Close file (See above)
2018-12-25T12:21:41.135718197Z	53	PC: 14f1a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.137471647Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.13920811Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.14130903Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.143077765Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.144852884Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.147508643Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.149417909Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.151113284Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.153086739Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.155164554Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.157032377Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.158863102Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.161032791Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.1628049Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.164733358Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.167302075Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.169239772Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.17117111Z	53	PC: 14f1a \| Get interrupt vector (See above)
2018-12-25T12:21:41.173825531Z	37	PC: 14f2f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.175858707Z	37	PC: 14f37 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:21:41.177120676Z	37	PC: 14f3f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:21:41.179875585Z	37	PC: 14f47 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-25T12:21:41.182503441Z	68	PC: 15636 \| I/O control for devices (Set for = '��t=')
2018-12-25T12:21:41.399190781Z	64	PC: 15338 \| Write file or device (Write 0 bytes on handle 1)
2018-12-25T12:21:41.402330207Z	37	PC: 15071 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:21:41.405187282Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.406855749Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.408696788Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.41008537Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.411049147Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.412190613Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.413666187Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.414649355Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.415629362Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.41742832Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.418544292Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.419720543Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.421845154Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.423304507Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.42440648Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.42627767Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.427738754Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.429343654Z	37	PC: 15071 \| Set interrupt vector (See above)
2018-12-25T12:21:41.431025675Z	6	PC: 150f8 \| Direct console I/O
2018-12-25T12:21:41.434570604Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.437114869Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.43951879Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.443754955Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.446355975Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.448795322Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.453790342Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.456737126Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.459614126Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.465952142Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.468635279Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.470950011Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.474325633Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.476912196Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.47936307Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.482143361Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.485010234Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.487416709Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.489803646Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.492694929Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.49537904Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.498657492Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.502742235Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.505157621Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.507517478Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.511184592Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.515675642Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.518286225Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.521117956Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.52384605Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.526275628Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.529674685Z	6	PC: 150f8 \| Direct console I/O (See above)
2018-12-25T12:21:41.534430272Z	76	PC: 150b0 \| Terminate with return code (Return code = '200')