Sample viewer

vx.netlux.org/Virus.DOS.Mahon.1364.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:52:34.915608296Z 71 PC: 12c87 | Get current directory
2018-12-17T22:52:34.919770648Z 53 PC: 12c8d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:52:34.922668255Z 37 PC: 12c9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:52:34.924351875Z 25 PC: 12a82 | Get default drive
2018-12-17T22:52:34.926238574Z 14 PC: 12a90 | Set default drive (Drive = 'C')
2018-12-17T22:52:34.928019135Z 59 PC: 12a98 | Change current directory
2018-12-17T22:52:34.93965955Z 26 PC: 12aa0 | Set disk transfer address
2018-12-17T22:52:34.94130958Z 78 PC: 12aab | Find first file
2018-12-17T22:52:34.948271786Z 78 PC: 12b33 | Find first file
2018-12-17T22:52:34.95468879Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:34.96186675Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:34.964689013Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:34.966816078Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.298549811Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.30321729Z 59 PC: 12bd4 | Change current directory
2018-12-17T22:52:35.308152463Z 25 PC: 12bdd | Get default drive
2018-12-17T22:52:35.309746068Z 14 PC: 12be7 | Set default drive (Drive = 'A')
2018-12-17T22:52:35.312123418Z 78 PC: 12aab | Find first file
2018-12-17T22:52:35.319141645Z 78 PC: 12b33 | Find first file
2018-12-17T22:52:35.325781221Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.334259948Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.336070796Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.338064063Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.339923657Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.347765748Z 66 PC: 12b9f | Move file pointer
2018-12-17T22:52:35.349752142Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:35.353133801Z 66 PC: 12bb2 | Move file pointer
2018-12-17T22:52:35.361923959Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-17T22:52:35.378832081Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.381128175Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.391220403Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.394610336Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.402148617Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.405230613Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.406906878Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.408609018Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.416831418Z 66 PC: 12b9f | Move file pointer
2018-12-17T22:52:35.421401879Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:35.427667753Z 66 PC: 12bb2 | Move file pointer
2018-12-17T22:52:35.433833151Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-17T22:52:35.449698431Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.455216105Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.465126996Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.468754948Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.476216614Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.478186521Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.48063631Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.48208559Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.48930479Z 66 PC: 12b9f | Move file pointer
2018-12-17T22:52:35.491659525Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:35.495069814Z 66 PC: 12bb2 | Move file pointer
2018-12-17T22:52:35.49704Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-17T22:52:35.507787339Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.509655578Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.518376486Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.522817994Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.531088284Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.532799407Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.53479662Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.536854855Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.544251536Z 66 PC: 12b9f | Move file pointer
2018-12-17T22:52:35.546076826Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:35.549538167Z 66 PC: 12bb2 | Move file pointer
2018-12-17T22:52:35.551543328Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-17T22:52:35.56139775Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.56412777Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.57289941Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.575987271Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.584168668Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.585845081Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.587532801Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.589822017Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.597334339Z 66 PC: 12b9f | Move file pointer
2018-12-17T22:52:35.598905515Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:35.602432305Z 66 PC: 12bb2 | Move file pointer
2018-12-17T22:52:35.603944145Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-17T22:52:35.613869781Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.616126816Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.624695443Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.627610155Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.635735164Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.636932449Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.63866877Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.640264637Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.64782726Z 66 PC: 12b9f | Move file pointer
2018-12-17T22:52:35.649697191Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:35.653365292Z 66 PC: 12bb2 | Move file pointer
2018-12-17T22:52:35.655482851Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-17T22:52:35.666070822Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.679339626Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.689338054Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.692911587Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.699731454Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.701678738Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.702947066Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.704147081Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.710125531Z 66 PC: 12b9f | Move file pointer
2018-12-17T22:52:35.711491889Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:35.713630878Z 66 PC: 12bb2 | Move file pointer
2018-12-17T22:52:35.715777002Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-17T22:52:35.726729561Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.728694162Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.738409426Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.747706421Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-17T22:52:35.755728251Z 87 PC: 12ca7 | Get or set file date and time
2018-12-17T22:52:35.758085652Z 66 PC: 12b66 | Move file pointer
2018-12-17T22:52:35.760059858Z 66 PC: 12b75 | Move file pointer
2018-12-17T22:52:35.761412699Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:35.764715707Z 87 PC: 12d14 | Get or set file date and time
2018-12-17T22:52:35.766373672Z 62 PC: 12bc9 | Close file
2018-12-17T22:52:35.774261438Z 79 PC: 12b3c | Find next file
2018-12-17T22:52:35.77727633Z 59 PC: 12bd4 | Change current directory
2018-12-17T22:52:35.781719358Z 25 PC: 12bdd | Get default drive
2018-12-17T22:52:35.782981197Z 42 PC: 12bee | Get date 0x12bee: cmp dh, 0xc
0x12bf1: jne 0x12c29
0x12bf3: cmp dl, 0x19
0x12bf6: jne 0x12c29
0x12bf8: mov ah, 9
0x12bfa: lea dx, word ptr [bp + 0x4c7]
0x12bfe: int 0x21
0x12c00: mov ah, 1
0x12c02: mov dx, 0
0x12c05: int 0x17
0x12c07: lea si, word ptr [bp + 0x543]
0x12c0b: mov cx, 0x115
0x12c0e: mov ah, 0
0x12c10: lodsb al, byte ptr [si]
0x12c11: int 0x17
0x12c13: loop 0x12c0e
0x12c15: mov ah, 3
0x12c17: mov al, 1
0x12c19: mov ch, 1
0x12c1b: mov cl, 1
2018-12-17T22:52:35.785817964Z 14 PC: 12c31 | Set default drive (Drive = 'A')
2018-12-17T22:52:35.78724477Z 59 PC: 12c39 | Change current directory
2018-12-17T22:52:35.789232623Z 37 PC: 12d1e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:52:35.791583205Z 26 PC: 12c79 | Set disk transfer address

{"DateBased":true,"Day":25,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10930,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:35.768139867Z 71 PC: 12c87 | Get current directory
2018-12-25T12:29:35.770757666Z 53 PC: 12c8d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:35.771731597Z 37 PC: 12c9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:35.772715035Z 25 PC: 12a82 | Get default drive
2018-12-25T12:29:35.77427731Z 14 PC: 12a90 | Set default drive (Drive = 'C')
2018-12-25T12:29:35.775397181Z 59 PC: 12a98 | Change current directory
2018-12-25T12:29:35.781726849Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:29:35.782874319Z 78 PC: 12aab | Find first file
2018-12-25T12:29:35.786502523Z 78 PC: 12b33 | Find first file
2018-12-25T12:29:35.789808788Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-25T12:29:35.793567443Z 87 PC: 12ca7 | Get or set file date and time
2018-12-25T12:29:35.795033284Z 87 PC: 12d14 | Get or set file date and time
2018-12-25T12:29:35.796088071Z 62 PC: 12bc9 | Close file
2018-12-25T12:29:37.243177374Z 79 PC: 12b3c | Find next file
2018-12-25T12:29:37.249746138Z 59 PC: 12bd4 | Change current directory
2018-12-25T12:29:37.253834073Z 25 PC: 12bdd | Get default drive
2018-12-25T12:29:37.255566266Z 14 PC: 12be7 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.258244317Z 78 PC: 12aab | Find first file (See above)
2018-12-25T12:29:37.26418103Z 78 PC: 12b33 | Find first file (See above)
2018-12-25T12:29:37.270606249Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.275601953Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.277178464Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:29:37.278862647Z 66 PC: 12b75 | Move file pointer
2018-12-25T12:29:37.28134223Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:29:37.285625001Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:29:37.286734161Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:29:37.289025807Z 66 PC: 12bb2 | Move file pointer
2018-12-25T12:29:37.290869132Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-25T12:29:37.414214354Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.416393305Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.4243734Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.427336889Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.435140167Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.437008137Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.438796418Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.441643751Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.449456217Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.451020762Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.453913115Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.458825456Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.475561426Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.477141547Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.482894289Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.485815824Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.494357267Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.496568992Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.49820823Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.509754131Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.517508913Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.518852557Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.521513317Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.523813155Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.53313843Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.534646998Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.543806212Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.546629819Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.553444807Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.555852916Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.557941521Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.559607638Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.567550579Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.569573787Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.572537683Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.575433699Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.583450318Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.58529036Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.593725541Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.598440536Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.605281946Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.606880009Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.609498318Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.611587301Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.618173297Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.620964931Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.623804867Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.625447152Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.635125061Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.636627201Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.64415848Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.648520222Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.655206137Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.657286804Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.659804121Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.661671685Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.668556451Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.670993294Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.673821274Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.675832683Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.685350276Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.687294828Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.694853902Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.698479534Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.704903714Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.706213313Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.707737437Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.709492495Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.718480157Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.721834137Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.72742733Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.729146424Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.738399022Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.741133739Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.74882476Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.751747426Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.759368964Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.761013996Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.762704061Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.765266457Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.76800208Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.769734872Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.777638295Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.780539635Z 59 PC: 12bd4 | Change current directory (See above)
2018-12-25T12:29:37.78479978Z 25 PC: 12bdd | Get default drive (See above)
2018-12-25T12:29:37.786860055Z 42 PC: 12bee | Get date 0x12bee: cmp dh, 0xc
0x12bf1: jne 0x12c29
0x12bf3: cmp dl, 0x19
0x12bf6: jne 0x12c29
0x12bf8: mov ah, 9
0x12bfa: lea dx, word ptr [bp + 0x4c7]
0x12bfe: int 0x21
0x12c00: mov ah, 1
0x12c02: mov dx, 0
0x12c05: int 0x17
0x12c07: lea si, word ptr [bp + 0x543]
0x12c0b: mov cx, 0x115
0x12c0e: mov ah, 0
0x12c10: lodsb al, byte ptr [si]
0x12c11: int 0x17
0x12c13: loop 0x12c0e
0x12c15: mov ah, 3
0x12c17: mov al, 1
0x12c19: mov ch, 1
0x12c1b: mov cl, 1
2018-12-25T12:29:37.789490148Z 9 PC: 12c00 | Display string (Could not find end pointer)
2018-12-25T12:29:37.804805486Z 14 PC: 12c31 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.807073865Z 59 PC: 12c39 | Change current directory
2018-12-25T12:29:37.809353375Z 37 PC: 12d1e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:37.810728318Z 26 PC: 12c79 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10930,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:35.794688585Z 71 PC: 12c87 | Get current directory
2018-12-25T12:29:35.79788989Z 53 PC: 12c8d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:35.798915072Z 37 PC: 12c9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:35.799861433Z 25 PC: 12a82 | Get default drive
2018-12-25T12:29:35.801165681Z 14 PC: 12a90 | Set default drive (Drive = 'C')
2018-12-25T12:29:35.80223217Z 59 PC: 12a98 | Change current directory
2018-12-25T12:29:35.811820814Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:29:35.813603016Z 78 PC: 12aab | Find first file
2018-12-25T12:29:35.818728044Z 78 PC: 12b33 | Find first file
2018-12-25T12:29:35.823730047Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-25T12:29:35.82953208Z 87 PC: 12ca7 | Get or set file date and time
2018-12-25T12:29:35.831420914Z 87 PC: 12d14 | Get or set file date and time
2018-12-25T12:29:35.833420351Z 62 PC: 12bc9 | Close file
2018-12-25T12:29:37.242885048Z 79 PC: 12b3c | Find next file
2018-12-25T12:29:37.247641558Z 59 PC: 12bd4 | Change current directory
2018-12-25T12:29:37.251179235Z 25 PC: 12bdd | Get default drive
2018-12-25T12:29:37.25210698Z 14 PC: 12be7 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.255047374Z 78 PC: 12aab | Find first file (See above)
2018-12-25T12:29:37.262013449Z 78 PC: 12b33 | Find first file (See above)
2018-12-25T12:29:37.268230624Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.275815598Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.277224738Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:29:37.278964049Z 66 PC: 12b75 | Move file pointer
2018-12-25T12:29:37.281762419Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:29:37.288363822Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:29:37.290185995Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:29:37.294079391Z 66 PC: 12bb2 | Move file pointer
2018-12-25T12:29:37.296395847Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-25T12:29:37.414473095Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.418787331Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.426882583Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.42970245Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.439990394Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.442323966Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.444077449Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.447464696Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.456700418Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.460626957Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.466468914Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.468250234Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.47675578Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.479194163Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.496429564Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.499319005Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.506964331Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.509740527Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.511476634Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.513156161Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.520666479Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.522815662Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.52634323Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.528841635Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.537326157Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.539095641Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.547523206Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.550731273Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.557253015Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.55956975Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.561519495Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.563040628Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.570109771Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.572050698Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.574795939Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.576531752Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.58608428Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.587806072Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.595430596Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.598793888Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.605178422Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.606747138Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.608803201Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.610297877Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.616539508Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.618743483Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.621540558Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.623127406Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.632243998Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.633671507Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.640904703Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.644315483Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.651713195Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.653346889Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.655617356Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.65717157Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.66349714Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.66581764Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.668776076Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.670356788Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.679529738Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.681257079Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.689029058Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.692398025Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.698991667Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.700596857Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.70303951Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.704851389Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.711099426Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.713030425Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.715245736Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.716763037Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.723108373Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.724312158Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.72934316Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.732008943Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.736173943Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.737368037Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.739071142Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.740215784Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.742212063Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.743786245Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.748283264Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.749909527Z 59 PC: 12bd4 | Change current directory (See above)
2018-12-25T12:29:37.753340736Z 25 PC: 12bdd | Get default drive (See above)
2018-12-25T12:29:37.754431315Z 42 PC: 12bee | Get date 0x12bee: cmp dh, 0xc
0x12bf1: jne 0x12c29
0x12bf3: cmp dl, 0x19
0x12bf6: jne 0x12c29
0x12bf8: mov ah, 9
0x12bfa: lea dx, word ptr [bp + 0x4c7]
0x12bfe: int 0x21
0x12c00: mov ah, 1
0x12c02: mov dx, 0
0x12c05: int 0x17
0x12c07: lea si, word ptr [bp + 0x543]
0x12c0b: mov cx, 0x115
0x12c0e: mov ah, 0
0x12c10: lodsb al, byte ptr [si]
0x12c11: int 0x17
0x12c13: loop 0x12c0e
0x12c15: mov ah, 3
0x12c17: mov al, 1
0x12c19: mov ch, 1
0x12c1b: mov cl, 1
2018-12-25T12:29:37.755921226Z 14 PC: 12c31 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.757469556Z 59 PC: 12c39 | Change current directory
2018-12-25T12:29:37.75883058Z 37 PC: 12d1e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:37.759825535Z 26 PC: 12c79 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10930,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:36.345820268Z 71 PC: 12c87 | Get current directory
2018-12-25T12:29:36.349135097Z 53 PC: 12c8d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:36.350499209Z 37 PC: 12c9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:36.351773327Z 25 PC: 12a82 | Get default drive
2018-12-25T12:29:36.353566462Z 14 PC: 12a90 | Set default drive (Drive = 'C')
2018-12-25T12:29:36.355988934Z 59 PC: 12a98 | Change current directory
2018-12-25T12:29:36.366819117Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:29:36.368413097Z 78 PC: 12aab | Find first file
2018-12-25T12:29:36.374331777Z 78 PC: 12b33 | Find first file
2018-12-25T12:29:36.379916642Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-25T12:29:36.386128657Z 87 PC: 12ca7 | Get or set file date and time
2018-12-25T12:29:36.387960619Z 87 PC: 12d14 | Get or set file date and time
2018-12-25T12:29:36.389449025Z 62 PC: 12bc9 | Close file
2018-12-25T12:29:37.402379871Z 79 PC: 12b3c | Find next file
2018-12-25T12:29:37.406000252Z 59 PC: 12bd4 | Change current directory
2018-12-25T12:29:37.409880794Z 25 PC: 12bdd | Get default drive
2018-12-25T12:29:37.411292699Z 14 PC: 12be7 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.41434672Z 78 PC: 12aab | Find first file (See above)
2018-12-25T12:29:37.420179299Z 78 PC: 12b33 | Find first file (See above)
2018-12-25T12:29:37.425827043Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.43260472Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.435087934Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:29:37.436667911Z 66 PC: 12b75 | Move file pointer
2018-12-25T12:29:37.439523336Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:29:37.44618311Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:29:37.447790953Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:29:37.451336477Z 66 PC: 12bb2 | Move file pointer
2018-12-25T12:29:37.452908925Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-25T12:29:37.473101923Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.47578054Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.486629095Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.49086848Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.498787884Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.500889436Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.502850717Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.504719151Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.523117382Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.524478567Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.527071479Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.538906777Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.54740526Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.54894205Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.557033145Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.559611292Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.566000752Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.56803381Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.569333647Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.570574195Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.57822554Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.579594222Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.582119385Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.584162887Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.592907703Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.594964036Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.602498806Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.605551521Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.611968984Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.613389393Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.615367726Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.61758788Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.624069459Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.626726096Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.629615369Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.631330122Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.640766182Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.642268003Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.649672911Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.653061847Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.660789241Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.662182055Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.664273814Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.66591475Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.672223817Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.674600553Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.677581592Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.67921178Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.688480223Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.690173674Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.697863363Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.701541907Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.708369392Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.709979326Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.712069194Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.714594716Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.720960895Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.723110537Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.726561503Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.728143899Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.737088372Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.739014496Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.746666855Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.749642773Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.756609308Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.758201337Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.759802667Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.76178604Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.768137722Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.769698949Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.77308726Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.774655093Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.783040425Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.785661942Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.793177789Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.796467045Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.803694654Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.805360435Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.806995666Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.809355754Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.812421808Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.814139414Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.821768891Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.824368717Z 59 PC: 12bd4 | Change current directory (See above)
2018-12-25T12:29:37.828711059Z 25 PC: 12bdd | Get default drive (See above)
2018-12-25T12:29:37.830826188Z 42 PC: 12bee | Get date 0x12bee: cmp dh, 0xc
0x12bf1: jne 0x12c29
0x12bf3: cmp dl, 0x19
0x12bf6: jne 0x12c29
0x12bf8: mov ah, 9
0x12bfa: lea dx, word ptr [bp + 0x4c7]
0x12bfe: int 0x21
0x12c00: mov ah, 1
0x12c02: mov dx, 0
0x12c05: int 0x17
0x12c07: lea si, word ptr [bp + 0x543]
0x12c0b: mov cx, 0x115
0x12c0e: mov ah, 0
0x12c10: lodsb al, byte ptr [si]
0x12c11: int 0x17
0x12c13: loop 0x12c0e
0x12c15: mov ah, 3
0x12c17: mov al, 1
0x12c19: mov ch, 1
0x12c1b: mov cl, 1
2018-12-25T12:29:37.832958841Z 14 PC: 12c31 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.834149033Z 59 PC: 12c39 | Change current directory
2018-12-25T12:29:37.837087845Z 37 PC: 12d1e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:37.838198218Z 26 PC: 12c79 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10930,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:36.23728855Z 71 PC: 12c87 | Get current directory
2018-12-25T12:29:36.241622549Z 53 PC: 12c8d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:36.242855323Z 37 PC: 12c9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:36.243959615Z 25 PC: 12a82 | Get default drive
2018-12-25T12:29:36.245252536Z 14 PC: 12a90 | Set default drive (Drive = 'C')
2018-12-25T12:29:36.247309804Z 59 PC: 12a98 | Change current directory
2018-12-25T12:29:36.258360355Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:29:36.260124084Z 78 PC: 12aab | Find first file
2018-12-25T12:29:36.27222331Z 78 PC: 12b33 | Find first file
2018-12-25T12:29:36.277683007Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-25T12:29:36.283617274Z 87 PC: 12ca7 | Get or set file date and time
2018-12-25T12:29:36.286140508Z 87 PC: 12d14 | Get or set file date and time
2018-12-25T12:29:36.287615982Z 62 PC: 12bc9 | Close file
2018-12-25T12:29:37.397661292Z 79 PC: 12b3c | Find next file
2018-12-25T12:29:37.401731884Z 59 PC: 12bd4 | Change current directory
2018-12-25T12:29:37.406206788Z 25 PC: 12bdd | Get default drive
2018-12-25T12:29:37.407668941Z 14 PC: 12be7 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.410848896Z 78 PC: 12aab | Find first file (See above)
2018-12-25T12:29:37.417090337Z 78 PC: 12b33 | Find first file (See above)
2018-12-25T12:29:37.423360794Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.432944201Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.43503239Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:29:37.436686312Z 66 PC: 12b75 | Move file pointer
2018-12-25T12:29:37.439300958Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:29:37.447880902Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:29:37.449500191Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:29:37.452395238Z 66 PC: 12bb2 | Move file pointer
2018-12-25T12:29:37.456690142Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-25T12:29:37.473459158Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.475176428Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.484326907Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.487337772Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.497799848Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.500447046Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.502225183Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.504718482Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.510665102Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.511816477Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.513678409Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.515525276Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.521156498Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.523292658Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.530908653Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.532931527Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.539461714Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.541584189Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.543440385Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.545095676Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.552428579Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.55428817Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.557090979Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.558772349Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.568015968Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.569948394Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.579371662Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.583013271Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.589699808Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.591465972Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.59415989Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.595881752Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.602550076Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.605005148Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.607698058Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.609211194Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.616377167Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.61749568Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.622820269Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.625144465Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.629404318Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.63054021Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.632181862Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.633311433Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.637314228Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.638971594Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.641076297Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.642631848Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.64885757Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.650217677Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.655615225Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.658017951Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.663038737Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.66437067Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.665972252Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.667016618Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.671170227Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.67256618Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.674386358Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.675452777Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.681543219Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.682659615Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.687395591Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.68981533Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.693929958Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.694981677Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.696628561Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.697740939Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.701980632Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:37.703179974Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:37.705326905Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:37.706352627Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:37.712591924Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.714656343Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.722835277Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.725858633Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:37.733300126Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:37.734917542Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:37.736489257Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:37.739033456Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:37.742306675Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:37.744023707Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:37.751719078Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:37.754042572Z 59 PC: 12bd4 | Change current directory (See above)
2018-12-25T12:29:37.75804265Z 25 PC: 12bdd | Get default drive (See above)
2018-12-25T12:29:37.759767841Z 42 PC: 12bee | Get date 0x12bee: cmp dh, 0xc
0x12bf1: jne 0x12c29
0x12bf3: cmp dl, 0x19
0x12bf6: jne 0x12c29
0x12bf8: mov ah, 9
0x12bfa: lea dx, word ptr [bp + 0x4c7]
0x12bfe: int 0x21
0x12c00: mov ah, 1
0x12c02: mov dx, 0
0x12c05: int 0x17
0x12c07: lea si, word ptr [bp + 0x543]
0x12c0b: mov cx, 0x115
0x12c0e: mov ah, 0
0x12c10: lodsb al, byte ptr [si]
0x12c11: int 0x17
0x12c13: loop 0x12c0e
0x12c15: mov ah, 3
0x12c17: mov al, 1
0x12c19: mov ch, 1
0x12c1b: mov cl, 1
2018-12-25T12:29:37.762139687Z 14 PC: 12c31 | Set default drive (Drive = 'A')
2018-12-25T12:29:37.763726201Z 59 PC: 12c39 | Change current directory
2018-12-25T12:29:37.766494829Z 37 PC: 12d1e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:37.76784787Z 26 PC: 12c79 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10930,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:36.286972498Z 64 PC: 0 | Write file or device (Write 2 bytes on handle 1)
2018-12-25T12:29:36.293905716Z 41 PC: 94fae | Parse filename
2018-12-25T12:29:36.312473499Z 41 PC: 9502f | Parse filename
2018-12-25T12:29:36.315152251Z 41 PC: 9504c | Parse filename
2018-12-25T12:29:36.317702469Z 26 PC: 984f7 | Set disk transfer address
2018-12-25T12:29:36.320156067Z 71 PC: 986f3 | Get current directory
2018-12-25T12:29:36.323420806Z 78 PC: 986fe | Find first file
2018-12-25T12:29:36.33493713Z 71 PC: 986f3 | Get current directory (See above)
2018-12-25T12:29:36.343940112Z 78 PC: 986fe | Find first file (See above)
2018-12-25T12:29:36.362886338Z 64 PC: 9a848 | Write file or device (Write 26 bytes on handle 2)
2018-12-25T12:29:36.372282609Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-25T12:29:36.374312583Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:29:36.375431702Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:36.376577453Z 62 PC: 122ab | Close file
2018-12-25T12:29:36.37876105Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.381359184Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.383798921Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.385889179Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.388579681Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.390002475Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.391500209Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.392903367Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.394756408Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.39610985Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.405569261Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.407671491Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.409054451Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.410282313Z 62 PC: 122ab | Close file (See above)
2018-12-25T12:29:36.412704072Z 99 PC: 9a5d7 | Get DBCS lead byte table pointer
2018-12-25T12:29:36.414059188Z 56 PC: 94df9 | Get or set country info
2018-12-25T12:29:36.416001327Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T12:29:36.422006791Z 25 PC: 94e62 | Get default drive
2018-12-25T12:29:36.423891011Z 71 PC: 970dd | Get current directory
2018-12-25T12:29:36.427699075Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T12:29:36.431283337Z 2 PC: 970b2 | Character output (Char = '3e')
2018-12-25T12:29:36.433467552Z 93 PC: 94f20 | File sharing functions
2018-12-25T12:29:36.434985424Z 93 PC: 94f27 | File sharing functions
2018-12-25T12:29:36.437227341Z 10 PC: 94f39 | Buffered keyboard input
2018-12-25T12:29:51.333766299Z 0 PC: 0 | Program terminate (See above)
2018-12-25T12:29:52.688098856Z 0 PC: 0 | Program terminate (See above)
2018-12-25T12:29:52.790275125Z 64 PC: 9a848 | Write file or device (See above)
2018-12-25T12:29:52.798926602Z 41 PC: 94fae | Parse filename (See above)
2018-12-25T12:29:52.802710927Z 41 PC: 9502f | Parse filename (See above)
2018-12-25T12:29:52.804347448Z 41 PC: 9504c | Parse filename (See above)
2018-12-25T12:29:52.806554047Z 26 PC: 984f7 | Set disk transfer address (See above)
2018-12-25T12:29:52.808909518Z 71 PC: 986f3 | Get current directory (See above)
2018-12-25T12:29:52.817091043Z 78 PC: 986fe | Find first file (See above)
2018-12-25T12:29:52.826352264Z 71 PC: 9856c | Get current directory
2018-12-25T12:29:52.830224262Z 73 PC: 97c09 | Release memory
2018-12-25T12:29:52.831565254Z 75 PC: 11821 | Execute program
2018-12-25T12:29:52.845195421Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-25T12:29:52.849264954Z 76 PC: 12a4b | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":25,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10930,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:37.723716834Z 71 PC: 12c87 | Get current directory
2018-12-25T12:29:37.727323435Z 53 PC: 12c8d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:37.736202698Z 37 PC: 12c9e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:37.73739204Z 25 PC: 12a82 | Get default drive
2018-12-25T12:29:37.738479401Z 14 PC: 12a90 | Set default drive (Drive = 'C')
2018-12-25T12:29:37.740352012Z 59 PC: 12a98 | Change current directory
2018-12-25T12:29:37.752137913Z 26 PC: 12aa0 | Set disk transfer address
2018-12-25T12:29:37.753417316Z 78 PC: 12aab | Find first file
2018-12-25T12:29:37.760313751Z 78 PC: 12b33 | Find first file
2018-12-25T12:29:37.766434867Z 61 PC: 12b4a | Open file (Filename = '�!r%P�+£`��X�N�O������I�!��')
2018-12-25T12:29:37.774185828Z 87 PC: 12ca7 | Get or set file date and time
2018-12-25T12:29:37.78823671Z 87 PC: 12d14 | Get or set file date and time
2018-12-25T12:29:37.78941959Z 62 PC: 12bc9 | Close file
2018-12-25T12:29:38.132214575Z 79 PC: 12b3c | Find next file
2018-12-25T12:29:38.13646861Z 59 PC: 12bd4 | Change current directory
2018-12-25T12:29:38.14142505Z 25 PC: 12bdd | Get default drive
2018-12-25T12:29:38.142532732Z 14 PC: 12be7 | Set default drive (Drive = 'A')
2018-12-25T12:29:38.1439787Z 78 PC: 12aab | Find first file (See above)
2018-12-25T12:29:38.150849153Z 78 PC: 12b33 | Find first file (See above)
2018-12-25T12:29:38.156427116Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.163890247Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.166378779Z 66 PC: 12b66 | Move file pointer
2018-12-25T12:29:38.167881234Z 66 PC: 12b75 | Move file pointer
2018-12-25T12:29:38.169363276Z 63 PC: 12b80 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:29:38.177013482Z 66 PC: 12b9f | Move file pointer
2018-12-25T12:29:38.179135006Z 64 PC: 12baa | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:29:38.182201254Z 66 PC: 12bb2 | Move file pointer
2018-12-25T12:29:38.189775298Z 64 PC: 12bc2 | Write file or device (Write 1364 bytes on handle 5)
2018-12-25T12:29:38.206762987Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.208037823Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.214110126Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.21618275Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.225426288Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.226981246Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:38.228960851Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:38.230407017Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:38.237635589Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:38.239496715Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:38.24248Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:38.244007057Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:38.253710917Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.255398035Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.263798107Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.267449543Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.27479647Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.276794121Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:38.279566456Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:38.281742997Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:38.289369939Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:38.292780398Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:38.296017047Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:38.298023353Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:38.308352528Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.310995639Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.319826574Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.323585178Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.331419781Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.333341701Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:38.335449487Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:38.337824549Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:38.345451955Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:38.347951618Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:38.352578766Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:38.354588491Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:38.364967358Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.368236981Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.376665427Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.379526724Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.387909924Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.389531617Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:38.391315918Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:38.393854781Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:38.401225711Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:38.403087879Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:38.406553904Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:38.408636599Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:38.41851148Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.420462309Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.43004253Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.433247108Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.440707433Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.443637327Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:38.445291394Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:38.447105142Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:38.455688674Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:38.457561075Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:38.460757907Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:38.463447045Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:38.473454275Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.475439399Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.485873332Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.487976725Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.492324182Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.493703046Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:38.495298202Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:38.496737673Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:38.504315566Z 66 PC: 12b9f | Move file pointer (See above)
2018-12-25T12:29:38.506486735Z 64 PC: 12baa | Write file or device (See above)
2018-12-25T12:29:38.509540341Z 66 PC: 12bb2 | Move file pointer (See above)
2018-12-25T12:29:38.511638255Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T12:29:38.522094154Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.524309485Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.533010906Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.536524362Z 61 PC: 12b4a | Open file (See above)
2018-12-25T12:29:38.543995934Z 87 PC: 12ca7 | Get or set file date and time (See above)
2018-12-25T12:29:38.54563893Z 66 PC: 12b66 | Move file pointer (See above)
2018-12-25T12:29:38.547794489Z 66 PC: 12b75 | Move file pointer (See above)
2018-12-25T12:29:38.549393486Z 63 PC: 12b80 | Read file or device (See above)
2018-12-25T12:29:38.552315854Z 87 PC: 12d14 | Get or set file date and time (See above)
2018-12-25T12:29:38.554982113Z 62 PC: 12bc9 | Close file (See above)
2018-12-25T12:29:38.562751051Z 79 PC: 12b3c | Find next file (See above)
2018-12-25T12:29:38.565565762Z 59 PC: 12bd4 | Change current directory (See above)
2018-12-25T12:29:38.571644587Z 25 PC: 12bdd | Get default drive (See above)
2018-12-25T12:29:38.573691084Z 42 PC: 12bee | Get date 0x12bee: cmp dh, 0xc
0x12bf1: jne 0x12c29
0x12bf3: cmp dl, 0x19
0x12bf6: jne 0x12c29
0x12bf8: mov ah, 9
0x12bfa: lea dx, word ptr [bp + 0x4c7]
0x12bfe: int 0x21
0x12c00: mov ah, 1
0x12c02: mov dx, 0
0x12c05: int 0x17
0x12c07: lea si, word ptr [bp + 0x543]
0x12c0b: mov cx, 0x115
0x12c0e: mov ah, 0
0x12c10: lodsb al, byte ptr [si]
0x12c11: int 0x17
0x12c13: loop 0x12c0e
0x12c15: mov ah, 3
0x12c17: mov al, 1
0x12c19: mov ch, 1
0x12c1b: mov cl, 1
2018-12-25T12:29:38.577838203Z 9 PC: 12c00 | Display string (Could not find end pointer)
2018-12-25T12:29:38.595555146Z 14 PC: 12c31 | Set default drive (Drive = 'A')
2018-12-25T12:29:38.597899135Z 59 PC: 12c39 | Change current directory
2018-12-25T12:29:38.600275764Z 37 PC: 12d1e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:29:38.602244406Z 26 PC: 12c79 | Set disk transfer address