Sample viewer

vx.netlux.org/Virus.DOS.Mephisto.969

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:51:21.072978118Z	26	PC: 12a8b \| Set disk transfer address
2018-12-17T22:51:21.07458639Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:21.085851251Z	61	PC: 12b39 \| Open file (Filename = 'c:\dos\doskey.com')
2018-12-17T22:51:21.093426122Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:21.777809104Z	61	PC: 12b39 \| Open file (Filename = 'c:\dos\edit.com')
2018-12-17T22:51:21.786301698Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:21.788191859Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:21.795887246Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:21.799002809Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)
2018-12-17T22:51:21.814644794Z	66	PC: 12b98 \| Move file pointer
2018-12-17T22:51:21.818458267Z	64	PC: 12ba3 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:21.829638471Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:21.835212332Z	62	PC: 12bae \| Close file
2018-12-17T22:51:21.846674163Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:21.864084109Z	61	PC: 12b39 \| Open file (Filename = 'c:\windows\win.com')
2018-12-17T22:51:21.875094694Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:21.878804904Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:21.885226297Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:21.888105867Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)
2018-12-17T22:51:21.900466437Z	66	PC: 12b98 \| Move file pointer
2018-12-17T22:51:21.902422612Z	64	PC: 12ba3 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:21.906396707Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:21.908731284Z	62	PC: 12bae \| Close file
2018-12-17T22:51:21.916772109Z	78	PC: 12aa8 \| Find first file
2018-12-17T22:51:21.923759825Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:21.942023606Z	61	PC: 12b39 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:21.950011181Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:21.952120363Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:21.959877005Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:21.961946242Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)
2018-12-17T22:51:21.971822025Z	66	PC: 12b98 \| Move file pointer
2018-12-17T22:51:21.9744648Z	64	PC: 12ba3 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:21.982047214Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:21.983995634Z	62	PC: 12bae \| Close file
2018-12-17T22:51:21.993613632Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:21.99775927Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:22.01357421Z	61	PC: 12b39 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:51:22.022233707Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:22.024264743Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:22.031537936Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:22.033819513Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:22.036080801Z	62	PC: 12bae \| Close file
2018-12-17T22:51:22.043930897Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:22.047218764Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:22.059130241Z	61	PC: 12b39 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:51:22.06769464Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:22.06979201Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:22.078132418Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:22.079795482Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:22.081831888Z	62	PC: 12bae \| Close file
2018-12-17T22:51:22.092661462Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:22.096264781Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:22.109752278Z	61	PC: 12b39 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:51:22.119204736Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:22.120986573Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:22.131045259Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:22.133302239Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:22.136692798Z	62	PC: 12bae \| Close file
2018-12-17T22:51:22.146777524Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:22.151247651Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:22.164748294Z	61	PC: 12b39 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:51:22.174436203Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:22.176212269Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:22.184277791Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:22.186126715Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:22.18810991Z	62	PC: 12bae \| Close file
2018-12-17T22:51:22.196720205Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:22.199795081Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:22.210900224Z	61	PC: 12b39 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:51:22.219087494Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:22.220887034Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:22.227897545Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:22.231053093Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)
2018-12-17T22:51:22.241569067Z	66	PC: 12b98 \| Move file pointer
2018-12-17T22:51:22.243337911Z	64	PC: 12ba3 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:22.250786343Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:22.253082266Z	62	PC: 12bae \| Close file
2018-12-17T22:51:22.261610176Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:22.26467819Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:22.27646358Z	61	PC: 12b39 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:51:22.283621506Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:22.285398354Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:22.293362586Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:22.295159853Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:22.297034194Z	62	PC: 12bae \| Close file
2018-12-17T22:51:22.306410137Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:22.309511544Z	67	PC: 12b34 \| Get or set file attributes
2018-12-17T22:51:22.3199539Z	61	PC: 12b39 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:51:22.328006718Z	87	PC: 12b41 \| Get or set file date and time
2018-12-17T22:51:22.330288003Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:22.334137085Z	66	PC: 12b5e \| Move file pointer
2018-12-17T22:51:22.337113326Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)
2018-12-17T22:51:22.348521907Z	66	PC: 12b98 \| Move file pointer
2018-12-17T22:51:22.350467312Z	64	PC: 12ba3 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:51:22.3540483Z	87	PC: 12baa \| Get or set file date and time
2018-12-17T22:51:22.356654365Z	62	PC: 12bae \| Close file
2018-12-17T22:51:22.366059814Z	79	PC: 12aa8 \| Find next file
2018-12-17T22:51:22.368992804Z	44	PC: 12aba \| Get time 0x12aba: cmp dl, 1 0x12abd: ja 0x12ac7 0x12abf: cmp dh, 0x10 0x12ac2: ja 0x12ac7 0x12ac4: call 0x12acf 0x12ac7: mov dx, 0x80 0x12aca: mov ah, 0x1a 0x12acc: int 0x21 0x12ace: ret 0x12acf: lea bx, word ptr [bp + 0x4c9] 0x12ad3: mov cx, 1 0x12ad6: mov dx, 0x80 0x12ad9: mov ax, 0x201 0x12adc: int 0x13 0x12ade: jb 0x12ace 0x12ae0: mov ax, 0x301 0x12ae3: mov dx, 0x80 0x12ae6: mov cx, 2 0x12ae9: lea bx, word ptr [bp + 0x4c9] 0x12aed: int 0x13
2018-12-17T22:51:22.372992749Z	26	PC: 12ace \| Set disk transfer address
2018-12-17T22:51:22.374978579Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10523,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:14.051065597Z	26	PC: 12a8b \| Set disk transfer address
2018-12-25T12:28:14.052671721Z	67	PC: 12b34 \| Get or set file attributes
2018-12-25T12:28:14.062344579Z	61	PC: 12b39 \| Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T12:28:14.068993402Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:14.728150396Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:14.733015212Z	87	PC: 12b41 \| Get or set file date and time
2018-12-25T12:28:14.734208129Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:28:14.73910974Z	66	PC: 12b5e \| Move file pointer
2018-12-25T12:28:14.741362703Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)
2018-12-25T12:28:14.749746669Z	66	PC: 12b98 \| Move file pointer
2018-12-25T12:28:14.751254022Z	64	PC: 12ba3 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:28:14.756659045Z	87	PC: 12baa \| Get or set file date and time
2018-12-25T12:28:14.758263113Z	62	PC: 12bae \| Close file
2018-12-25T12:28:14.765446668Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:14.777739018Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:14.785490503Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:14.787058698Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:14.793800606Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:14.795908852Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:14.806738656Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:14.809322156Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:14.812624867Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:14.814478237Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:14.823154489Z	78	PC: 12aa8 \| Find first file
2018-12-25T12:28:14.82922447Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:14.844567442Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:14.849616692Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:14.850744541Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:14.854878926Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:14.857531484Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:14.866723907Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:14.868379164Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:14.877172026Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:14.878428263Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:14.886081454Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:14.893543372Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:14.905860759Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:14.913441217Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:14.914635537Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:14.921000877Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:14.922204121Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:14.923490536Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:14.931130175Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:14.933559795Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:14.943228916Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:14.950442278Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:14.952182021Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:14.960213606Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:14.962744596Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:14.964454891Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:14.972040241Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:14.976332776Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:14.986633476Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:14.993094784Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:14.995194733Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.001465819Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.002809212Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.004883866Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.012293559Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.014807235Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.025198863Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.031919736Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.033222884Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.039747085Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.041787299Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.044248727Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.051274382Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.054595384Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.064386329Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.071334809Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.073536824Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.079895365Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.081789415Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:15.091625437Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:15.093009631Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:15.099941724Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.102891215Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.11129323Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.114326442Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.127242068Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.13447409Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.136195046Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.142840115Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.144112183Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.14610625Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.169942903Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.172421075Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.18240922Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.189547278Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.190821707Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.193217868Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.195707517Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:15.204593172Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:15.205900044Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:15.211394586Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.213120776Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.221093365Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.224099489Z	44	PC: 12aba \| Get time 0x12aba: cmp dl, 1 0x12abd: ja 0x12ac7 0x12abf: cmp dh, 0x10 0x12ac2: ja 0x12ac7 0x12ac4: call 0x12acf 0x12ac7: mov dx, 0x80 0x12aca: mov ah, 0x1a 0x12acc: int 0x21 0x12ace: ret 0x12acf: lea bx, word ptr [bp + 0x4c9] 0x12ad3: mov cx, 1 0x12ad6: mov dx, 0x80 0x12ad9: mov ax, 0x201 0x12adc: int 0x13 0x12ade: jb 0x12ace 0x12ae0: mov ax, 0x301 0x12ae3: mov dx, 0x80 0x12ae6: mov cx, 2 0x12ae9: lea bx, word ptr [bp + 0x4c9] 0x12aed: int 0x13
2018-12-25T12:28:15.226400288Z	26	PC: 12ace \| Set disk transfer address
2018-12-25T12:28:15.228206425Z	64	PC: 12a55 \| Write file or device (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":17,"TimeBased":true,"OriginalID":10523,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:15.069987869Z	26	PC: 12a8b \| Set disk transfer address
2018-12-25T12:28:15.071387198Z	67	PC: 12b34 \| Get or set file attributes
2018-12-25T12:28:15.08707073Z	61	PC: 12b39 \| Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T12:28:15.094989098Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.439828605Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.449734293Z	87	PC: 12b41 \| Get or set file date and time
2018-12-25T12:28:15.452017038Z	63	PC: 12b4e \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:28:15.459856373Z	66	PC: 12b5e \| Move file pointer
2018-12-25T12:28:15.463096798Z	64	PC: 12a55 \| Write file or device (Write 969 bytes on handle 5)
2018-12-25T12:28:15.472686804Z	66	PC: 12b98 \| Move file pointer
2018-12-25T12:28:15.474944711Z	64	PC: 12ba3 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:28:15.48332067Z	87	PC: 12baa \| Get or set file date and time
2018-12-25T12:28:15.48548527Z	62	PC: 12bae \| Close file
2018-12-25T12:28:15.49311249Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.505625791Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.513863793Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.515668061Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.522514407Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.526604391Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:15.5381706Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:15.540008267Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:15.543766028Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.545756094Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.553690625Z	78	PC: 12aa8 \| Find first file
2018-12-25T12:28:15.561273623Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.581413019Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.589164751Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.592129466Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.599838149Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.602585122Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:15.613491911Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:15.615685967Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:15.623327636Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.626472482Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.635195553Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.638148757Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.649139413Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.657394176Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.659316728Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.667203006Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.669298052Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.670942473Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.678935627Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.683670176Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.694740262Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.702446855Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.705208497Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.713694502Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.715643662Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.718157138Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.726282567Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.730410232Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.742071215Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.749875115Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.75181322Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.759457809Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.761772103Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.763441137Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.771493023Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.775635887Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.787034708Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.796097399Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.798551557Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.80662858Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.808853044Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.811537884Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.820094644Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.823177039Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.835607488Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.843315236Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.845290502Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.852977727Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.856013904Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:15.867133076Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:15.869456256Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:15.877653103Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.879572803Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.888744022Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.892502819Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.904594912Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.912382555Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.915014399Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.924034222Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.926948071Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.931400119Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.939255336Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:15.942806002Z	67	PC: 12b34 \| Get or set file attributes (See above)
2018-12-25T12:28:15.954977121Z	61	PC: 12b39 \| Open file (See above)
2018-12-25T12:28:15.963611807Z	87	PC: 12b41 \| Get or set file date and time (See above)
2018-12-25T12:28:15.96560966Z	63	PC: 12b4e \| Read file or device (See above)
2018-12-25T12:28:15.969048734Z	66	PC: 12b5e \| Move file pointer (See above)
2018-12-25T12:28:15.971938962Z	64	PC: 12a55 \| Write file or device (See above)
2018-12-25T12:28:15.982393115Z	66	PC: 12b98 \| Move file pointer (See above)
2018-12-25T12:28:15.984250562Z	64	PC: 12ba3 \| Write file or device (See above)
2018-12-25T12:28:15.988070257Z	87	PC: 12baa \| Get or set file date and time (See above)
2018-12-25T12:28:15.98997935Z	62	PC: 12bae \| Close file (See above)
2018-12-25T12:28:15.999500097Z	79	PC: 12aa8 \| Find next file (See above)
2018-12-25T12:28:16.003531204Z	44	PC: 12aba \| Get time 0x12aba: cmp dl, 1 0x12abd: ja 0x12ac7 0x12abf: cmp dh, 0x10 0x12ac2: ja 0x12ac7 0x12ac4: call 0x12acf 0x12ac7: mov dx, 0x80 0x12aca: mov ah, 0x1a 0x12acc: int 0x21 0x12ace: ret 0x12acf: lea bx, word ptr [bp + 0x4c9] 0x12ad3: mov cx, 1 0x12ad6: mov dx, 0x80 0x12ad9: mov ax, 0x201 0x12adc: int 0x13 0x12ade: jb 0x12ace 0x12ae0: mov ax, 0x301 0x12ae3: mov dx, 0x80 0x12ae6: mov cx, 2 0x12ae9: lea bx, word ptr [bp + 0x4c9] 0x12aed: int 0x13
2018-12-25T12:28:16.005923158Z	26	PC: 12ace \| Set disk transfer address
2018-12-25T12:28:16.009006958Z	64	PC: 12a55 \| Write file or device (See above)