Sample viewer

vx.netlux.org/Virus.DOS.DeathDragon.499

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:51:50.623911853Z	255	PC: 12ad6 \| UNKNOWN!
2018-12-17T22:51:50.625037377Z	26	PC: 12b18 \| Set disk transfer address
2018-12-17T22:51:50.62737569Z	78	PC: 12b23 \| Find first file
2018-12-17T22:51:50.633760704Z	61	PC: 12bb6 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-17T22:51:50.640467263Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:50.644819248Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:50.647121844Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:50.999708875Z	61	PC: 12c31 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-17T22:51:51.008604796Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.012290039Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.015056516Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.024074527Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.032435523Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.046478323Z	78	PC: 12b3b \| Find first file
2018-12-17T22:51:51.053794527Z	61	PC: 12bb6 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:51.062006854Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.069754118Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.072095436Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:51.091684064Z	61	PC: 12c31 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:51.099542025Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.103150194Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.1181121Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.128403272Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.137704375Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.150532704Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.15343723Z	61	PC: 12bb6 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:51:51.161927389Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.170393954Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.172580241Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:51.183929972Z	61	PC: 12c31 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:51:51.191704146Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.196117086Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.198245163Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.207184005Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.216569847Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.227772462Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.231131792Z	61	PC: 12bb6 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:51:51.239236868Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.247067238Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.249207889Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:51.260884033Z	61	PC: 12c31 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:51:51.268139763Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.271497861Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.27390342Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.283446507Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.292980668Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.303771649Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.308015571Z	61	PC: 12bb6 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:51:51.315354628Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.322556988Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.32576257Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:51.337061305Z	61	PC: 12c31 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:51:51.344173826Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.348164053Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.349981958Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.359296696Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.368658332Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.379209714Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.383903411Z	61	PC: 12bb6 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:51:51.391895965Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.399139362Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.401683091Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:51.413119675Z	61	PC: 12c31 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:51:51.421802035Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.425053874Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.427307066Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.437629037Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.446888371Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.45793387Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.46228286Z	61	PC: 12bb6 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:51:51.470183241Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.477512249Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.481232628Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:51.495214824Z	61	PC: 12c31 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:51:51.503498465Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.508312398Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.510800131Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.520238842Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.53626042Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.55142129Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.555788544Z	61	PC: 12bb6 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:51:51.563517353Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.571940566Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.574986729Z	67	PC: 12c27 \| Get or set file attributes
2018-12-17T22:51:51.58672509Z	61	PC: 12c31 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:51:51.59519439Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:51.599214001Z	66	PC: 12c6e \| Move file pointer
2018-12-17T22:51:51.601596206Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:51:51.62103405Z	62	PC: 12c83 \| Close file
2018-12-17T22:51:51.630442615Z	67	PC: 12c93 \| Get or set file attributes
2018-12-17T22:51:51.64146453Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.644892409Z	61	PC: 12bb6 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:51:51.653746001Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:51.657213355Z	62	PC: 12bc8 \| Close file
2018-12-17T22:51:51.660212068Z	79	PC: 12b3b \| Find next file
2018-12-17T22:51:51.664306239Z	42	PC: 12b4d \| Get date 0x12b4d: cmp al, 0 0x12b4f: jne 0x12b60 0x12b51: cmp dh, 4 0x12b54: jg 0x12b60 0x12b56: mov ah, 9 0x12b58: lea dx, word ptr [bp + 0x1c7] 0x12b5c: int 0x21 0x12b5e: jmp 0x12b5e 0x12b60: mov ah, 0x1a 0x12b62: mov dx, 0x80 0x12b65: int 0x21 0x12b67: ret 0x12b68: push di 0x12b69: popaw 0x12b6a: jb 0x12bda 0x12b6c: imul bp, word ptr [bp + 0x67], 0x3320 0x12b71: xor al, 0x35 0x12b73: cmp dh, byte ptr ss:[di] 0x12b76: xor al, 0x33 0x12b78: xor ah, byte ptr [bx + si]
2018-12-17T22:51:51.66763402Z	26	PC: 12b67 \| Set disk transfer address
2018-12-17T22:51:51.669429243Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":4,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10692,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:50.160663251Z	255	PC: 12ad6 \| UNKNOWN!
2018-12-25T12:28:50.162746083Z	26	PC: 12b18 \| Set disk transfer address
2018-12-25T12:28:50.163995611Z	78	PC: 12b23 \| Find first file
2018-12-25T12:28:50.167686035Z	61	PC: 12bb6 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:50.172317416Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:28:50.17442241Z	62	PC: 12bc8 \| Close file
2018-12-25T12:28:50.176260806Z	67	PC: 12c27 \| Get or set file attributes
2018-12-25T12:28:51.170114023Z	61	PC: 12c31 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:51.178824699Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:51.182517458Z	66	PC: 12c6e \| Move file pointer
2018-12-25T12:28:51.18475977Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T12:28:51.194014965Z	62	PC: 12c83 \| Close file
2018-12-25T12:28:51.202864168Z	67	PC: 12c93 \| Get or set file attributes
2018-12-25T12:28:51.213230807Z	78	PC: 12b3b \| Find first file
2018-12-25T12:28:51.221328802Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.230260515Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.237807492Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.240351371Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.256572161Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.261185605Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.263259414Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.265700635Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.282728547Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.295787069Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.311403495Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.315013498Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.329454449Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.337741829Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.339868853Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.351338625Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.361913554Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.36548173Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.367743161Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.379883293Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.389578971Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.40072131Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.404357829Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.412593019Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.416841372Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.418319928Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.425526242Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.433218704Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.438038128Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.44011047Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.446308622Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.452029129Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.460121081Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.463467808Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.470512956Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.478255257Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.480165429Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.490795879Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.505460505Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.512731236Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.515005014Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.523763249Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.532518842Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.543164087Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.546063629Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.553500722Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.560757547Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.562682042Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.573993284Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.581386968Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.584429073Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.587643998Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.59638382Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.605209626Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.617373329Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.620264799Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.628137439Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.635480734Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.637407407Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.648060857Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.65590897Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.659874767Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.662053118Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.67119192Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.680645493Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.691696975Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.694510695Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.702136486Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.709419847Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.711782514Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.723659179Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.73130896Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.734818107Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.737798357Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.747502512Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.757006806Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.768192693Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.771657056Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.778917447Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.786239674Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.789761115Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.79283592Z	42	PC: 12b4d \| Get date 0x12b4d: cmp al, 0 0x12b4f: jne 0x12b60 0x12b51: cmp dh, 4 0x12b54: jg 0x12b60 0x12b56: mov ah, 9 0x12b58: lea dx, word ptr [bp + 0x1c7] 0x12b5c: int 0x21 0x12b5e: jmp 0x12b5e 0x12b60: mov ah, 0x1a 0x12b62: mov dx, 0x80 0x12b65: int 0x21 0x12b67: ret 0x12b68: push di 0x12b69: popaw 0x12b6a: jb 0x12bda 0x12b6c: imul bp, word ptr [bp + 0x67], 0x3320 0x12b71: xor al, 0x35 0x12b73: cmp dh, byte ptr ss:[di] 0x12b76: xor al, 0x33 0x12b78: xor ah, byte ptr [bx + si]
2018-12-25T12:28:51.795595197Z	26	PC: 12b67 \| Set disk transfer address
2018-12-25T12:28:51.798010624Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10692,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:50.460825071Z	255	PC: 12ad6 \| UNKNOWN!
2018-12-25T12:28:50.462055283Z	26	PC: 12b18 \| Set disk transfer address
2018-12-25T12:28:50.463374251Z	78	PC: 12b23 \| Find first file
2018-12-25T12:28:50.467119335Z	61	PC: 12bb6 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:50.471083926Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:28:50.473699785Z	62	PC: 12bc8 \| Close file
2018-12-25T12:28:50.47497884Z	67	PC: 12c27 \| Get or set file attributes
2018-12-25T12:28:51.169726121Z	61	PC: 12c31 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:51.177618228Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:51.180828037Z	66	PC: 12c6e \| Move file pointer
2018-12-25T12:28:51.182660316Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T12:28:51.19249273Z	62	PC: 12c83 \| Close file
2018-12-25T12:28:51.21021814Z	67	PC: 12c93 \| Get or set file attributes
2018-12-25T12:28:51.228711046Z	78	PC: 12b3b \| Find first file
2018-12-25T12:28:51.240183562Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.248095454Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.255376938Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.258857199Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.282368837Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.290129389Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.292684287Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.29433472Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.299869372Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.306066783Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.313728862Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.317031113Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.324468753Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.332448762Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.334793415Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.345943963Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.359830654Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.367437462Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.36943622Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.379842711Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.389715488Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.400969574Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.405054759Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.413028559Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.420305689Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.42339377Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.435469278Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.444492683Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.44849424Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.450978603Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.460470339Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.469908507Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.482211346Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.485520459Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.493459652Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.501758443Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.503816103Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.514774322Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.522382724Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.52652331Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.528424975Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.537403163Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.547907102Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.55933142Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.562478536Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.571396242Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.578932993Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.581067041Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.609788854Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.618310403Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.622719399Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.626020169Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.633629347Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.64238983Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.65488767Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.658139678Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.665250194Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.672420142Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.675153262Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.68656248Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.695244367Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.699196339Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.70132387Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.710591967Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.720105615Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.731211135Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.734448578Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.742668166Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.749463723Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.750928764Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.758461474Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.763274117Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.765396142Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.766944075Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.779465591Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.790541833Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.797538034Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.800285831Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.808593167Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.813430587Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.815555161Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.817569117Z	42	PC: 12b4d \| Get date 0x12b4d: cmp al, 0 0x12b4f: jne 0x12b60 0x12b51: cmp dh, 4 0x12b54: jg 0x12b60 0x12b56: mov ah, 9 0x12b58: lea dx, word ptr [bp + 0x1c7] 0x12b5c: int 0x21 0x12b5e: jmp 0x12b5e 0x12b60: mov ah, 0x1a 0x12b62: mov dx, 0x80 0x12b65: int 0x21 0x12b67: ret 0x12b68: push di 0x12b69: popaw 0x12b6a: jb 0x12bda 0x12b6c: imul bp, word ptr [bp + 0x67], 0x3320 0x12b71: xor al, 0x35 0x12b73: cmp dh, byte ptr ss:[di] 0x12b76: xor al, 0x33 0x12b78: xor ah, byte ptr [bx + si]
2018-12-25T12:28:51.819272254Z	26	PC: 12b67 \| Set disk transfer address
2018-12-25T12:28:51.820894952Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10692,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:50.568608788Z	255	PC: 12ad6 \| UNKNOWN!
2018-12-25T12:28:50.570628765Z	26	PC: 12b18 \| Set disk transfer address
2018-12-25T12:28:50.571746015Z	78	PC: 12b23 \| Find first file
2018-12-25T12:28:50.578860487Z	61	PC: 12bb6 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:50.585921089Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:28:50.588703522Z	62	PC: 12bc8 \| Close file
2018-12-25T12:28:50.590510422Z	67	PC: 12c27 \| Get or set file attributes
2018-12-25T12:28:51.177617915Z	61	PC: 12c31 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:51.186969231Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:51.191234228Z	66	PC: 12c6e \| Move file pointer
2018-12-25T12:28:51.193484884Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T12:28:51.203062903Z	62	PC: 12c83 \| Close file
2018-12-25T12:28:51.211351894Z	67	PC: 12c93 \| Get or set file attributes
2018-12-25T12:28:51.228373423Z	78	PC: 12b3b \| Find first file
2018-12-25T12:28:51.236847852Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.244920093Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.252457609Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.256451115Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.282788644Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.296628733Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.300782039Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.303668904Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.320595879Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.329967687Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.341719165Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.345184646Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.352991267Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.361910295Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.365464367Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.378089297Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.388043016Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.391385536Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.393594513Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.403638573Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.425699814Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.434930521Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.437597176Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.443663156Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.44810568Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.449523955Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.456920156Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.464490242Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.467701505Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.47013829Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.479186195Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.488162729Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.499581634Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.501825455Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.510890062Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.516616837Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.518672416Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.52977183Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.537657077Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.540775297Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.542426566Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.551777824Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.560574386Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.571954714Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.575075015Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.581794594Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.588607693Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.590499269Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.601152896Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.608539737Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.611706249Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.614506289Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.623341689Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.632555342Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.643687524Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.645594169Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.652684916Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.660548476Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.663210428Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.674140516Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.682165266Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.684251081Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.685879607Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.695299192Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.704257094Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.71548026Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.718414946Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.732024572Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.739302132Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.741504743Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:51.759815402Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:51.76438926Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:51.766583639Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:51.768589906Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:51.778628569Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:51.788180274Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:51.799752835Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.803747801Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:51.811388357Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:51.819660955Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:51.82489138Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:51.838584361Z	42	PC: 12b4d \| Get date 0x12b4d: cmp al, 0 0x12b4f: jne 0x12b60 0x12b51: cmp dh, 4 0x12b54: jg 0x12b60 0x12b56: mov ah, 9 0x12b58: lea dx, word ptr [bp + 0x1c7] 0x12b5c: int 0x21 0x12b5e: jmp 0x12b5e 0x12b60: mov ah, 0x1a 0x12b62: mov dx, 0x80 0x12b65: int 0x21 0x12b67: ret 0x12b68: push di 0x12b69: popaw 0x12b6a: jb 0x12bda 0x12b6c: imul bp, word ptr [bp + 0x67], 0x3320 0x12b71: xor al, 0x35 0x12b73: cmp dh, byte ptr ss:[di] 0x12b76: xor al, 0x33 0x12b78: xor ah, byte ptr [bx + si]
2018-12-25T12:28:51.841474638Z	9	PC: 12b5e \| Display string (String= 'Warning 3456:5432 : computer over worked - Shut down for 24 hours ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10692,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:50.627648843Z	255	PC: 12ad6 \| UNKNOWN!
2018-12-25T12:28:50.628834151Z	26	PC: 12b18 \| Set disk transfer address
2018-12-25T12:28:50.629815919Z	78	PC: 12b23 \| Find first file
2018-12-25T12:28:50.635147255Z	61	PC: 12bb6 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:50.641308454Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:28:50.643694516Z	62	PC: 12bc8 \| Close file
2018-12-25T12:28:50.645308765Z	67	PC: 12c27 \| Get or set file attributes
2018-12-25T12:28:51.952626612Z	61	PC: 12c31 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:51.959890332Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:51.963230155Z	66	PC: 12c6e \| Move file pointer
2018-12-25T12:28:51.96513997Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T12:28:51.97272022Z	62	PC: 12c83 \| Close file
2018-12-25T12:28:51.980931026Z	67	PC: 12c93 \| Get or set file attributes
2018-12-25T12:28:51.990561394Z	78	PC: 12b3b \| Find first file
2018-12-25T12:28:51.99775847Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.004455958Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.01053008Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.012972786Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.028341003Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.035058871Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.037606754Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.039752626Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.050755049Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.058327487Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.064571661Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.06634793Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.070899869Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.07751816Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.079351426Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.089877225Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.098685074Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.103376235Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.10506953Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.111552571Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.117913525Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.12868832Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.131524741Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.138352869Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.157208826Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.160265573Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.177346326Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.184294115Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.188364269Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.19021891Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.199194284Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.208253953Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.21867762Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.221576177Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.22904087Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.235865798Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.239132904Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.249315498Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.257342222Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.260446337Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.262583213Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.271488099Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.279776131Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.289343143Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.292432801Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.298967322Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.30550639Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.307909739Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.317366959Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.32398963Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.327319306Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.328986511Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.336910661Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.345873751Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.355852744Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.358711996Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.371299548Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.377647135Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.379701358Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.39011176Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.394241584Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.396091456Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.397545472Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.402731344Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.408628488Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.417131427Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.420220568Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.430441635Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.43649584Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.438297321Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.44690042Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.453811266Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.45569966Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.456826227Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.463287339Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.476405518Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.486208605Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.488549665Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.495744955Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.500164702Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.503063503Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.50592115Z	42	PC: 12b4d \| Get date 0x12b4d: cmp al, 0 0x12b4f: jne 0x12b60 0x12b51: cmp dh, 4 0x12b54: jg 0x12b60 0x12b56: mov ah, 9 0x12b58: lea dx, word ptr [bp + 0x1c7] 0x12b5c: int 0x21 0x12b5e: jmp 0x12b5e 0x12b60: mov ah, 0x1a 0x12b62: mov dx, 0x80 0x12b65: int 0x21 0x12b67: ret 0x12b68: push di 0x12b69: popaw 0x12b6a: jb 0x12bda 0x12b6c: imul bp, word ptr [bp + 0x67], 0x3320 0x12b71: xor al, 0x35 0x12b73: cmp dh, byte ptr ss:[di] 0x12b76: xor al, 0x33 0x12b78: xor ah, byte ptr [bx + si]
2018-12-25T12:28:52.508196223Z	26	PC: 12b67 \| Set disk transfer address
2018-12-25T12:28:52.509847377Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10692,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:50.939687546Z	255	PC: 12ad6 \| UNKNOWN!
2018-12-25T12:28:50.941501449Z	26	PC: 12b18 \| Set disk transfer address
2018-12-25T12:28:50.942841672Z	78	PC: 12b23 \| Find first file
2018-12-25T12:28:50.948424308Z	61	PC: 12bb6 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:50.954892874Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:28:50.957300602Z	62	PC: 12bc8 \| Close file
2018-12-25T12:28:50.958877409Z	67	PC: 12c27 \| Get or set file attributes
2018-12-25T12:28:51.95290787Z	61	PC: 12c31 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:51.964403093Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:51.966696636Z	66	PC: 12c6e \| Move file pointer
2018-12-25T12:28:51.968223131Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T12:28:51.973005224Z	62	PC: 12c83 \| Close file
2018-12-25T12:28:51.977699928Z	67	PC: 12c93 \| Get or set file attributes
2018-12-25T12:28:51.984177787Z	78	PC: 12b3b \| Find first file
2018-12-25T12:28:52.002990149Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.010975851Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.017809123Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.020165313Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.051406122Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.063423364Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.070005184Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.071887874Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.080371492Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.089006219Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.099080203Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.102034286Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.109344112Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.11664235Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.118778936Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.129300179Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.13589149Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.138819972Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.141155125Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.149309557Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.157491547Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.168586161Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.171736286Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.179094959Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.186797005Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.188836869Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.199503024Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.206668661Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.209918568Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.21145599Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.220222139Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.22974865Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.240145374Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.243123033Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.250656961Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.256905948Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.259485515Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.269932998Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.276643212Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.27959085Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.282300703Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.290649238Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.298666075Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.313081293Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.316276257Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.322955581Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.330928727Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.333220287Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.343088118Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.351174623Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.35387296Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.355348371Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.363474428Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.372742705Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.382700033Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.385157573Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.392678662Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.398968318Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.401071867Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.411817979Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.418730724Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.421674003Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.424357004Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.432932862Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.441072652Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.451967189Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.467776622Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.474206154Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.481259826Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.48307876Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:52.499927058Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:52.508260949Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:52.511285877Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:52.512534824Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:52.519963969Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:52.527554494Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:52.536066274Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.538978952Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:52.544349398Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:52.54964033Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:52.551824953Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:52.554101508Z	42	PC: 12b4d \| Get date 0x12b4d: cmp al, 0 0x12b4f: jne 0x12b60 0x12b51: cmp dh, 4 0x12b54: jg 0x12b60 0x12b56: mov ah, 9 0x12b58: lea dx, word ptr [bp + 0x1c7] 0x12b5c: int 0x21 0x12b5e: jmp 0x12b5e 0x12b60: mov ah, 0x1a 0x12b62: mov dx, 0x80 0x12b65: int 0x21 0x12b67: ret 0x12b68: push di 0x12b69: popaw 0x12b6a: jb 0x12bda 0x12b6c: imul bp, word ptr [bp + 0x67], 0x3320 0x12b71: xor al, 0x35 0x12b73: cmp dh, byte ptr ss:[di] 0x12b76: xor al, 0x33 0x12b78: xor ah, byte ptr [bx + si]
2018-12-25T12:28:52.555862302Z	9	PC: 12b5e \| Display string (String= 'Warning 3456:5432 : computer over worked - Shut down for 24 hours ')

{"DateBased":true,"Day":4,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10692,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:53.649162807Z	255	PC: 12ad6 \| UNKNOWN!
2018-12-25T12:28:53.650540265Z	26	PC: 12b18 \| Set disk transfer address
2018-12-25T12:28:53.651582465Z	78	PC: 12b23 \| Find first file
2018-12-25T12:28:53.655155491Z	61	PC: 12bb6 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:53.661459736Z	63	PC: 12bc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:28:53.663737385Z	62	PC: 12bc8 \| Close file
2018-12-25T12:28:53.66483976Z	67	PC: 12c27 \| Get or set file attributes
2018-12-25T12:28:53.99465851Z	61	PC: 12c31 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-25T12:28:54.000693591Z	64	PC: 12c52 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:28:54.003375157Z	66	PC: 12c6e \| Move file pointer
2018-12-25T12:28:54.00503074Z	64	PC: 12c7c \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T12:28:54.012253644Z	62	PC: 12c83 \| Close file
2018-12-25T12:28:54.019724963Z	67	PC: 12c93 \| Get or set file attributes
2018-12-25T12:28:54.028479962Z	78	PC: 12b3b \| Find first file
2018-12-25T12:28:54.035120188Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.041955719Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.048303211Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.050339686Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:54.075616361Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:54.082746054Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:54.086262187Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:54.087755153Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:54.096193565Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:54.104222318Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:54.113734562Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.116168885Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.122866763Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.129165786Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.130885577Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:54.141097532Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:54.152253783Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:54.159016139Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:54.16100871Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:54.169123026Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:54.177180062Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:54.187950948Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.190885998Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.197562591Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.205120349Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.20721498Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:54.217282269Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:54.224392205Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:54.228271377Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:54.230417371Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:54.23934549Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:54.258708112Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:54.268292457Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.270847554Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.278106851Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.284269645Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.286002152Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:54.296862736Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:54.303202888Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:54.305830256Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:54.307959545Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:54.315925594Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:54.323669727Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:54.334085117Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.336712438Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.343208465Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.350332869Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.352038949Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:54.364302246Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:54.371051406Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:54.377469181Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:54.378865665Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:54.682273265Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:54.691770432Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:54.701637843Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.705098728Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.711488718Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.7180065Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.720434923Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:54.73077242Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:54.737348815Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:54.741200312Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:54.74349716Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:54.752023369Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:54.760609301Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:54.771525632Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.774495409Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.786669157Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.794400368Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.796474045Z	67	PC: 12c27 \| Get or set file attributes (See above)
2018-12-25T12:28:54.806406869Z	61	PC: 12c31 \| Open file (See above)
2018-12-25T12:28:54.814133093Z	64	PC: 12c52 \| Write file or device (See above)
2018-12-25T12:28:54.817156088Z	66	PC: 12c6e \| Move file pointer (See above)
2018-12-25T12:28:54.818964927Z	64	PC: 12c7c \| Write file or device (See above)
2018-12-25T12:28:54.827714333Z	62	PC: 12c83 \| Close file (See above)
2018-12-25T12:28:54.835758967Z	67	PC: 12c93 \| Get or set file attributes (See above)
2018-12-25T12:28:54.845951104Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.849824376Z	61	PC: 12bb6 \| Open file (See above)
2018-12-25T12:28:54.856370954Z	63	PC: 12bc4 \| Read file or device (See above)
2018-12-25T12:28:54.862921142Z	62	PC: 12bc8 \| Close file (See above)
2018-12-25T12:28:54.866220907Z	79	PC: 12b3b \| Find next file (See above)
2018-12-25T12:28:54.869026167Z	42	PC: 12b4d \| Get date 0x12b4d: cmp al, 0 0x12b4f: jne 0x12b60 0x12b51: cmp dh, 4 0x12b54: jg 0x12b60 0x12b56: mov ah, 9 0x12b58: lea dx, word ptr [bp + 0x1c7] 0x12b5c: int 0x21 0x12b5e: jmp 0x12b5e 0x12b60: mov ah, 0x1a 0x12b62: mov dx, 0x80 0x12b65: int 0x21 0x12b67: ret 0x12b68: push di 0x12b69: popaw 0x12b6a: jb 0x12bda 0x12b6c: imul bp, word ptr [bp + 0x67], 0x3320 0x12b71: xor al, 0x35 0x12b73: cmp dh, byte ptr ss:[di] 0x12b76: xor al, 0x33 0x12b78: xor ah, byte ptr [bx + si]
2018-12-25T12:28:54.871073658Z	26	PC: 12b67 \| Set disk transfer address
2018-12-25T12:28:54.872937548Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')