Sample viewer

vx.netlux.org/Virus.DOS.DBF.1046

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:53:52.499893708Z 25 PC: 12af9 | Get default drive
2018-12-17T22:53:52.502195829Z 42 PC: 12b09 | Get date 0x12b09: xor ax, ax
0x12b0b: cmp cx, 0x7c9
0x12b0f: jb 0x12b23
0x12b11: je 0x12b15
0x12b13: jmp 0x12b24
0x12b15: cmp dh, 0xa
0x12b18: jb 0x12b23
0x12b1a: je 0x12b1e
0x12b1c: jmp 0x12b24
0x12b1e: cmp dl, 0xc
0x12b21: ja 0x12b24
0x12b23: inc ax
0x12b24: mov byte ptr [bp + 0x3d], al
0x12b27: push es
0x12b28: mov ax, 0x3524
0x12b2b: int 0x21
0x12b2d: mov word ptr [bp + 0x40], bx
0x12b30: mov bx, es
0x12b32: mov word ptr [bp + 0x42], bx
0x12b35: pop es
2018-12-17T22:53:52.507249169Z 53 PC: 12b2d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:52.508425992Z 37 PC: 12b3e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:52.509777778Z 14 PC: 12b45 | Set default drive (Drive = 'A')
2018-12-17T22:53:52.512218358Z 25 PC: 12b49 | Get default drive
2018-12-17T22:53:52.513452491Z 62 PC: 12ddf | Close file
2018-12-17T22:53:52.515034879Z 78 PC: 12b84 | Find first file
2018-12-17T22:53:52.524639576Z 78 PC: 12b84 | Find first file
2018-12-17T22:53:52.530454141Z 78 PC: 12b84 | Find first file
2018-12-17T22:53:52.536377049Z 61 PC: 12bf4 | Open file (Filename = 'Z�������L�')
2018-12-17T22:53:52.543756654Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:53:52.550208568Z 66 PC: 12d68 | Move file pointer
2018-12-17T22:53:52.5517546Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-17T22:53:52.55561407Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.558525022Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.561379197Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.57734623Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.5814512Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.584533508Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.588125976Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.591353115Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.593925603Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.597054405Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.601691622Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.604573935Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.607461416Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.611182Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.613810772Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.616374989Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.626094338Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.628748143Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.631337599Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.64006968Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.64268775Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.64532611Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.648919745Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.652344326Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.655052246Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.657837041Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.661079643Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.663624872Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.666364967Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.669746558Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.672573051Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.675396709Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.67885184Z 64 PC: 12d9f | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:53:52.681435111Z 66 PC: 12df1 | Move file pointer
2018-12-17T22:53:52.682730907Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:53:52.69010822Z 87 PC: 12dca | Get or set file date and time
2018-12-17T22:53:52.691767127Z 62 PC: 12ddf | Close file
2018-12-17T22:53:52.699459296Z 78 PC: 12b84 | Find first file
2018-12-17T22:53:52.705724139Z 78 PC: 12b84 | Find first file
2018-12-17T22:53:52.711992686Z 61 PC: 12bf4 | Open file (Filename = ' �"�e�� �L�')
2018-12-17T22:53:52.718397172Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:53:52.730350508Z 62 PC: 12ddf | Close file
2018-12-17T22:53:52.732047884Z 79 PC: 12b92 | Find next file
2018-12-17T22:53:52.734615106Z 79 PC: 12b92 | Find next file
2018-12-17T22:53:52.73762304Z 61 PC: 12bf4 | Open file (Filename = ' �"�e�� ���L`')
2018-12-17T22:53:52.743962243Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:53:52.750216946Z 66 PC: 12d68 | Move file pointer
2018-12-17T22:53:52.751724971Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-17T22:53:52.754653933Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.757222931Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.760767759Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.763378987Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.765841675Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.768506674Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.771457557Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.773924879Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.776550624Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.779584762Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.78226824Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.784975027Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.790703317Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.798794531Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.80241232Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.80627998Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.809156449Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.812035097Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.815749453Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.81840395Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.821217995Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.826280718Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.82919879Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.832115009Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.836273639Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.838958664Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.841594266Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.84551139Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.848406958Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.856510674Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.860390851Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.86386606Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.866845919Z 64 PC: 12d9f | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:53:52.870422376Z 66 PC: 12df1 | Move file pointer
2018-12-17T22:53:52.872165861Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:53:52.879306563Z 87 PC: 12dca | Get or set file date and time
2018-12-17T22:53:52.881719306Z 62 PC: 12ddf | Close file
2018-12-17T22:53:52.889410327Z 78 PC: 12b84 | Find first file
2018-12-17T22:53:52.895399256Z 61 PC: 12bf4 | Open file (Filename = '�'��'l�L�')
2018-12-17T22:53:52.902979598Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:53:52.9063168Z 62 PC: 12ddf | Close file
2018-12-17T22:53:52.907987812Z 79 PC: 12b92 | Find next file
2018-12-17T22:53:52.91173411Z 79 PC: 12b92 | Find next file
2018-12-17T22:53:52.914381582Z 61 PC: 12bf4 | Open file (Filename = '�'��'l���L�')
2018-12-17T22:53:52.920738167Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:53:52.923960492Z 62 PC: 12ddf | Close file
2018-12-17T22:53:52.925742967Z 79 PC: 12b92 | Find next file
2018-12-17T22:53:52.939017579Z 61 PC: 12bf4 | Open file (Filename = '�'��'lr��L ')
2018-12-17T22:53:52.950816954Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:53:52.955391107Z 66 PC: 12d68 | Move file pointer
2018-12-17T22:53:52.956562423Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-17T22:53:52.95881334Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.960984637Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.962825534Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.964760607Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.967065974Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.968887942Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.970723079Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.973046455Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.975145211Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.977044569Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.979312839Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.9811831Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.98303381Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.985262502Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.987501235Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.992507015Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.9950594Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.996922827Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:52.99869101Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.001272724Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.003110149Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.004961297Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.007633392Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.009603036Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.011538201Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.014345367Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.016718813Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.018541619Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.020861557Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.023019766Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.024907648Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.031153194Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:53:53.032962395Z 64 PC: 12d9f | Write file or device (Write 8 bytes on handle 5)
2018-12-17T22:53:53.034725731Z 66 PC: 12df1 | Move file pointer
2018-12-17T22:53:53.036371847Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:53:53.040530794Z 87 PC: 12dca | Get or set file date and time
2018-12-17T22:53:53.04168969Z 62 PC: 12ddf | Close file
2018-12-17T22:53:53.04730104Z 14 PC: 12b45 | Set default drive (Drive = 'C')
2018-12-17T22:53:53.048413969Z 25 PC: 12b49 | Get default drive
2018-12-17T22:53:53.049368235Z 14 PC: 12b45 | Set default drive (Drive = 'D')
2018-12-17T22:53:53.051294337Z 25 PC: 12b49 | Get default drive
2018-12-17T22:53:53.052158912Z 14 PC: 12e21 | Set default drive (Drive = 'A')
2018-12-17T22:53:53.053165755Z 37 PC: 12e44 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":13,"Month":10,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11365,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:25.087504398Z 25 PC: 12af9 | Get default drive
2018-12-25T12:30:25.089032203Z 42 PC: 12b09 | Get date 0x12b09: xor ax, ax
0x12b0b: cmp cx, 0x7c9
0x12b0f: jb 0x12b23
0x12b11: je 0x12b15
0x12b13: jmp 0x12b24
0x12b15: cmp dh, 0xa
0x12b18: jb 0x12b23
0x12b1a: je 0x12b1e
0x12b1c: jmp 0x12b24
0x12b1e: cmp dl, 0xc
0x12b21: ja 0x12b24
0x12b23: inc ax
0x12b24: mov byte ptr [bp + 0x3d], al
0x12b27: push es
0x12b28: mov ax, 0x3524
0x12b2b: int 0x21
0x12b2d: mov word ptr [bp + 0x40], bx
0x12b30: mov bx, es
0x12b32: mov word ptr [bp + 0x42], bx
0x12b35: pop es
2018-12-25T12:30:25.091237414Z 53 PC: 12b2d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.092335645Z 37 PC: 12b3e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.093398345Z 14 PC: 12b45 | Set default drive (Drive = 'A')
2018-12-25T12:30:25.095117861Z 25 PC: 12b49 | Get default drive
2018-12-25T12:30:25.09612689Z 62 PC: 12ddf | Close file
2018-12-25T12:30:25.097323484Z 78 PC: 12b84 | Find first file
2018-12-25T12:30:25.101875219Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.106742877Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.110750588Z 61 PC: 12bf4 | Open file (Filename = 'Z�������L�')
2018-12-25T12:30:25.11561468Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:30:25.122988402Z 66 PC: 12d68 | Move file pointer
2018-12-25T12:30:25.124497377Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-25T12:30:25.128098614Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-25T12:30:25.131430408Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.13483946Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.152130035Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.155648767Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.158859068Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.162669845Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.166503268Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.16945213Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.172320986Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.175700172Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.178732959Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.182172411Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.187049609Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.191536806Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.194981477Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.199195382Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.202687215Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.205795869Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.21590084Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.21896191Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.22207043Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.226177098Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.229951813Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.233111122Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.236092932Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.24023295Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.243317117Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.246348287Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.250036159Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.25314385Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.256102492Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.259789978Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.262771104Z 66 PC: 12df1 | Move file pointer
2018-12-25T12:30:25.264361202Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:30:25.272302046Z 87 PC: 12dca | Get or set file date and time
2018-12-25T12:30:25.274141823Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.282787256Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.290947578Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.298299509Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.305723591Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.309131555Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.311548557Z 79 PC: 12b92 | Find next file
2018-12-25T12:30:25.314612359Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.317800708Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.326012043Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.333432078Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:25.335072674Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:25.339562247Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.342738945Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.345862835Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.349980965Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.353543924Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.357339175Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.360967174Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.364822617Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.368678386Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.371683839Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.375013002Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.377779884Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.380545125Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.391175159Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.394722549Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.398229236Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.40222133Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.405474706Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.408591033Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.412291175Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.41566907Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.418704016Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.422334329Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.425363185Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.42850454Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.433238247Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.436462794Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.439818869Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.444167665Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.453375248Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.456379579Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.459498016Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.462537524Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.465399625Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:25.466847823Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:25.474986273Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:25.477046494Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.486034429Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.493799643Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.50197457Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.505224862Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.508346361Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.512150086Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.515498908Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.523286809Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.527254837Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.529556344Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.532900955Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.541062581Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.548433566Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:25.54998335Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:25.554543761Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.558118922Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.561790172Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.566260063Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.571020756Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.574693259Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.578986264Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.582909765Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.586294617Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.589523198Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.593335074Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.596540163Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.599644322Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.603845634Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.606905231Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.615895957Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.619929705Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.623041982Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.626448367Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.630472524Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.63382412Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.637238272Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.64135619Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.645520388Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.649002611Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.6533702Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.657584177Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.661072222Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.665260737Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.669067675Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.67208913Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.681603114Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.684916863Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.687929025Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:25.689700368Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:25.697979823Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:25.700271273Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.709413959Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:25.712312126Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:25.71411122Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:25.716859689Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:25.719545347Z 14 PC: 12e21 | Set default drive (Drive = 'A')
2018-12-25T12:30:25.721620276Z 37 PC: 12e44 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":1,"Month":11,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11365,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:25.442877066Z 25 PC: 12af9 | Get default drive
2018-12-25T12:30:25.444116751Z 42 PC: 12b09 | Get date 0x12b09: xor ax, ax
0x12b0b: cmp cx, 0x7c9
0x12b0f: jb 0x12b23
0x12b11: je 0x12b15
0x12b13: jmp 0x12b24
0x12b15: cmp dh, 0xa
0x12b18: jb 0x12b23
0x12b1a: je 0x12b1e
0x12b1c: jmp 0x12b24
0x12b1e: cmp dl, 0xc
0x12b21: ja 0x12b24
0x12b23: inc ax
0x12b24: mov byte ptr [bp + 0x3d], al
0x12b27: push es
0x12b28: mov ax, 0x3524
0x12b2b: int 0x21
0x12b2d: mov word ptr [bp + 0x40], bx
0x12b30: mov bx, es
0x12b32: mov word ptr [bp + 0x42], bx
0x12b35: pop es
2018-12-25T12:30:25.446940952Z 53 PC: 12b2d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.448313695Z 37 PC: 12b3e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.449615725Z 14 PC: 12b45 | Set default drive (Drive = 'A')
2018-12-25T12:30:25.451893325Z 25 PC: 12b49 | Get default drive
2018-12-25T12:30:25.453435002Z 62 PC: 12ddf | Close file
2018-12-25T12:30:25.455406861Z 78 PC: 12b84 | Find first file
2018-12-25T12:30:25.463399254Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.47022031Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.482860108Z 61 PC: 12bf4 | Open file (Filename = 'Z�������L�')
2018-12-25T12:30:25.490319684Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:30:25.497855789Z 66 PC: 12d68 | Move file pointer
2018-12-25T12:30:25.499263972Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-25T12:30:25.502284994Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-25T12:30:25.505584663Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.52338518Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.538874748Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.542540807Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.545440018Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.548317923Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.553013031Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.555986105Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.55801719Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.560510255Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.562545262Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.564508314Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.567223692Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.571497533Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.575663786Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.584602581Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.587631425Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.590618242Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.599843278Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.603510954Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.606417722Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.609146321Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.612222838Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.615082769Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.617937065Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.621641847Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.62473854Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.628002836Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.632996322Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.636090785Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.640179211Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.644475957Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.647588746Z 66 PC: 12df1 | Move file pointer
2018-12-25T12:30:25.649717059Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:30:25.657858247Z 87 PC: 12dca | Get or set file date and time
2018-12-25T12:30:25.660977756Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.669584775Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.675922777Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.682758775Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.689382839Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.691349627Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.700531086Z 79 PC: 12b92 | Find next file
2018-12-25T12:30:25.702892975Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.70484115Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.711287731Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.716573473Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:25.71799872Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:25.721367464Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.7242482Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.727261485Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.730995859Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.734013445Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.737019889Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.741264902Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.745084388Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.755404046Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.758892375Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.762423046Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.765276188Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.76802566Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.778986282Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.782012686Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.785060553Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.788698175Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.79199649Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.795274584Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.79912822Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.802495962Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.805643958Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.809499171Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.812535709Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.815670074Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.819158573Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.82248587Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.825532997Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.828925802Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.837574526Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.840479975Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.844283627Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.847535205Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.85046504Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:25.852071597Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:25.859451437Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:25.861125392Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.874291049Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.88150902Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.888578721Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.891486371Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.894398806Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.897815324Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.90075773Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.908322103Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.912129583Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:25.914061953Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:25.917546848Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:25.924476253Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:25.931520847Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:25.933145595Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:25.935465153Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.938598659Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.941677448Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.944576985Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.947454533Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.950468633Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.953399671Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.956299581Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.95923667Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.962275649Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.964356268Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.966448096Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.970099194Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.973074994Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.976451017Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.986189432Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.989165339Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.995873658Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.999486792Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.005565445Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.012896117Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.016760447Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.020148598Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.023642511Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.028123009Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.03192426Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.035412935Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.039699658Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.043464602Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.048213592Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.052478008Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.061993672Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.065443692Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.068998217Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:26.071827149Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:26.079459795Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:26.081541406Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.091725606Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.093545294Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.095220566Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.098082416Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.099716553Z 14 PC: 12e21 | Set default drive (Drive = 'A')
2018-12-25T12:30:26.101629337Z 37 PC: 12e44 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":1,"Month":1,"Year":1994,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11365,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:25.796852663Z 25 PC: 12af9 | Get default drive
2018-12-25T12:30:25.799420624Z 42 PC: 12b09 | Get date 0x12b09: xor ax, ax
0x12b0b: cmp cx, 0x7c9
0x12b0f: jb 0x12b23
0x12b11: je 0x12b15
0x12b13: jmp 0x12b24
0x12b15: cmp dh, 0xa
0x12b18: jb 0x12b23
0x12b1a: je 0x12b1e
0x12b1c: jmp 0x12b24
0x12b1e: cmp dl, 0xc
0x12b21: ja 0x12b24
0x12b23: inc ax
0x12b24: mov byte ptr [bp + 0x3d], al
0x12b27: push es
0x12b28: mov ax, 0x3524
0x12b2b: int 0x21
0x12b2d: mov word ptr [bp + 0x40], bx
0x12b30: mov bx, es
0x12b32: mov word ptr [bp + 0x42], bx
0x12b35: pop es
2018-12-25T12:30:25.80260178Z 53 PC: 12b2d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.80435616Z 37 PC: 12b3e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.80627015Z 14 PC: 12b45 | Set default drive (Drive = 'A')
2018-12-25T12:30:25.808113302Z 25 PC: 12b49 | Get default drive
2018-12-25T12:30:25.809560639Z 62 PC: 12ddf | Close file
2018-12-25T12:30:25.81142309Z 78 PC: 12b84 | Find first file
2018-12-25T12:30:25.818522635Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.825106006Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.831885772Z 61 PC: 12bf4 | Open file (Filename = 'Z�������L�')
2018-12-25T12:30:25.839772884Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:30:25.84689828Z 66 PC: 12d68 | Move file pointer
2018-12-25T12:30:25.848348068Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-25T12:30:25.851776409Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-25T12:30:25.855003887Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.858786015Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.874894776Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.877927129Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.881221851Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.884505344Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.887422794Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.89023627Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.893135266Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.896280552Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.899119812Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.901801457Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.904958625Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.907754574Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.910648637Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.914617883Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.917837025Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.920837731Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.930531418Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.933532055Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.936467288Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.940067823Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.94312976Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.946081647Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.94955426Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.954230414Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.970904263Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.974513099Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.977593336Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.98052416Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.991774685Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.998538905Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.004350808Z 66 PC: 12df1 | Move file pointer
2018-12-25T12:30:26.006101817Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:30:26.015130578Z 87 PC: 12dca | Get or set file date and time
2018-12-25T12:30:26.016686615Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.022326535Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:26.026941609Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:26.030968556Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.035301075Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.038373625Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.039889828Z 79 PC: 12b92 | Find next file
2018-12-25T12:30:26.041984259Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:26.045192862Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.053447484Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.058430951Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:26.060360326Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:26.062539407Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.064766252Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.067179349Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.069611973Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.071719258Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.073958307Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.077242455Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.0794503Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.081487308Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.089119218Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.09134388Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.093793281Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.096285349Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.101622829Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.103558898Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.106031237Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.112223973Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.115237138Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.119094153Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.122639054Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.126000339Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.130590386Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.133743507Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.137023698Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.141103128Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.144964478Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.148914713Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.153146822Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.157424641Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.16731876Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.170308962Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.173929484Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.176967522Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.180079742Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:26.182732611Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:26.189625259Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:26.191139258Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.200806955Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:26.207461023Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.214577386Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.222399408Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.224438082Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:26.227409293Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:26.230551951Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.238689342Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.241894635Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.24422409Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:26.248542261Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.255892113Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.263170146Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:26.265777203Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:26.270078183Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.273244969Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.2769707Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.280232413Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.283718952Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.287881328Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.291665739Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.29507301Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.298629093Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.30269363Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.305972827Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.309281864Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.313534098Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.316809612Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.320066428Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.329935067Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.33355997Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.337049161Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.341986959Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.345623284Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.348899304Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.353267681Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.356840151Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.360109483Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.363557619Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.367416749Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.370939084Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.374075062Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.378236917Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.381451288Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.384647197Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.394376226Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.397628949Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.400779137Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:26.403528815Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:26.411632858Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:26.413680556Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.422866037Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.424839447Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.426361156Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.428801726Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.430593754Z 14 PC: 12e21 | Set default drive (Drive = 'A')
2018-12-25T12:30:26.432349561Z 37 PC: 12e44 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11365,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:25.904699431Z 25 PC: 12af9 | Get default drive
2018-12-25T12:30:25.908558877Z 42 PC: 12b09 | Get date 0x12b09: xor ax, ax
0x12b0b: cmp cx, 0x7c9
0x12b0f: jb 0x12b23
0x12b11: je 0x12b15
0x12b13: jmp 0x12b24
0x12b15: cmp dh, 0xa
0x12b18: jb 0x12b23
0x12b1a: je 0x12b1e
0x12b1c: jmp 0x12b24
0x12b1e: cmp dl, 0xc
0x12b21: ja 0x12b24
0x12b23: inc ax
0x12b24: mov byte ptr [bp + 0x3d], al
0x12b27: push es
0x12b28: mov ax, 0x3524
0x12b2b: int 0x21
0x12b2d: mov word ptr [bp + 0x40], bx
0x12b30: mov bx, es
0x12b32: mov word ptr [bp + 0x42], bx
0x12b35: pop es
2018-12-25T12:30:25.912981539Z 53 PC: 12b2d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.915110972Z 37 PC: 12b3e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.92024783Z 14 PC: 12b45 | Set default drive (Drive = 'A')
2018-12-25T12:30:25.922396797Z 25 PC: 12b49 | Get default drive
2018-12-25T12:30:25.923703543Z 62 PC: 12ddf | Close file
2018-12-25T12:30:25.925395669Z 78 PC: 12b84 | Find first file
2018-12-25T12:30:25.93304831Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.941895975Z 61 PC: 12bf4 | Open file (Filename = 'Z�������L�')
2018-12-25T12:30:25.949951277Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:30:25.972602251Z 66 PC: 12d68 | Move file pointer
2018-12-25T12:30:25.975400612Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-25T12:30:25.978872212Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-25T12:30:25.983313326Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.987260836Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.012607943Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.018488554Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.021698515Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.02512205Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.028452394Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.032083654Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.0352272Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.038557687Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.0427192Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.046167778Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.049643821Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.0537452Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.056855627Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.060776881Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.064501303Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.068684229Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.078304337Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.082879191Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.086298289Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.089395728Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.093124052Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.09617437Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.099176946Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.102308723Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.105526021Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.108414286Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.111342971Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.114631818Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.118177076Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.121205463Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.124384334Z 66 PC: 12df1 | Move file pointer
2018-12-25T12:30:26.125652344Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:30:26.13326292Z 87 PC: 12dca | Get or set file date and time
2018-12-25T12:30:26.136328719Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.145606771Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:26.153826867Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.161834017Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.179025094Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.181534104Z 79 PC: 12b92 | Find next file
2018-12-25T12:30:26.185880177Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:26.189516185Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.197939812Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.205562417Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:26.207906069Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:26.210999388Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.214308951Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.218421727Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.221831297Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.225247704Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.229383785Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.232653568Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.236067577Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.240293277Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.243485726Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.246520365Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.250365243Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.253569289Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.262736152Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.267335857Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.270967767Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.274260119Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.277613169Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.281977913Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.285423128Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.288877174Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.293397581Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.296869905Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.300321062Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.3045873Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.30842706Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.311859812Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.316039937Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.319604419Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.328766627Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.331931257Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.336374331Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.34063053Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.344005851Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:26.346974714Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:26.354599599Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:26.356724389Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.366505354Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.368692213Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.370424171Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.373285345Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.375255742Z 14 PC: 12e21 | Set default drive (Drive = 'A')
2018-12-25T12:30:26.377174359Z 37 PC: 12e44 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11365,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:25.931481306Z 25 PC: 12af9 | Get default drive
2018-12-25T12:30:25.934099243Z 42 PC: 12b09 | Get date 0x12b09: xor ax, ax
0x12b0b: cmp cx, 0x7c9
0x12b0f: jb 0x12b23
0x12b11: je 0x12b15
0x12b13: jmp 0x12b24
0x12b15: cmp dh, 0xa
0x12b18: jb 0x12b23
0x12b1a: je 0x12b1e
0x12b1c: jmp 0x12b24
0x12b1e: cmp dl, 0xc
0x12b21: ja 0x12b24
0x12b23: inc ax
0x12b24: mov byte ptr [bp + 0x3d], al
0x12b27: push es
0x12b28: mov ax, 0x3524
0x12b2b: int 0x21
0x12b2d: mov word ptr [bp + 0x40], bx
0x12b30: mov bx, es
0x12b32: mov word ptr [bp + 0x42], bx
0x12b35: pop es
2018-12-25T12:30:25.936601559Z 53 PC: 12b2d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.937990184Z 37 PC: 12b3e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:25.939316452Z 14 PC: 12b45 | Set default drive (Drive = 'A')
2018-12-25T12:30:25.941503529Z 25 PC: 12b49 | Get default drive
2018-12-25T12:30:25.942791283Z 62 PC: 12ddf | Close file
2018-12-25T12:30:25.944441964Z 78 PC: 12b84 | Find first file
2018-12-25T12:30:25.952080698Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:25.959648016Z 61 PC: 12bf4 | Open file (Filename = 'Z�������L�')
2018-12-25T12:30:25.968245445Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:30:25.976699573Z 66 PC: 12d68 | Move file pointer
2018-12-25T12:30:25.978323833Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-25T12:30:25.981876867Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-25T12:30:25.985409136Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:25.989483395Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.011304344Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.017793541Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.021851625Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.025343319Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.029148421Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.035296943Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.039418606Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.042946944Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.047694094Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.051318215Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.055025196Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.05967208Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.06295257Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.066087775Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.069267214Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.073229936Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.08271852Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.09289592Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.097440821Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.108505991Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.112863981Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.115853775Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.118262492Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.120699748Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.123494252Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.12665566Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.129645325Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.138094382Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.142525701Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.145555995Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.148673693Z 66 PC: 12df1 | Move file pointer
2018-12-25T12:30:26.151442209Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:30:26.1588546Z 87 PC: 12dca | Get or set file date and time
2018-12-25T12:30:26.160674133Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.170223689Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:26.178617171Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.186412803Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.190297242Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.192592093Z 79 PC: 12b92 | Find next file
2018-12-25T12:30:26.195871862Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:26.199483079Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.207284267Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.214892481Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:26.21742979Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:26.221387295Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.224916942Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.228566113Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.232889773Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.236317054Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.240420338Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.24517342Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.248501436Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.251834803Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.255993257Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.259040535Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.262054495Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.265862306Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.275108368Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.278402058Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.282831701Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.286552143Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.289936159Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.294137243Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.29783172Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.301209363Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.304831919Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.309181931Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.31261491Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.317369387Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.321829186Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.325855615Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.329270806Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.333538767Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.343200202Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.346664399Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.35088721Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.354605262Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.358030811Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:26.360115113Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:26.368556763Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:26.370537649Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.379663091Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.389267269Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.390769823Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.391827185Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.39327507Z 14 PC: 12e21 | Set default drive (Drive = 'A')
2018-12-25T12:30:26.394387201Z 37 PC: 12e44 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":1,"Month":10,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11365,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:26.329223037Z 25 PC: 12af9 | Get default drive
2018-12-25T12:30:26.331155972Z 42 PC: 12b09 | Get date 0x12b09: xor ax, ax
0x12b0b: cmp cx, 0x7c9
0x12b0f: jb 0x12b23
0x12b11: je 0x12b15
0x12b13: jmp 0x12b24
0x12b15: cmp dh, 0xa
0x12b18: jb 0x12b23
0x12b1a: je 0x12b1e
0x12b1c: jmp 0x12b24
0x12b1e: cmp dl, 0xc
0x12b21: ja 0x12b24
0x12b23: inc ax
0x12b24: mov byte ptr [bp + 0x3d], al
0x12b27: push es
0x12b28: mov ax, 0x3524
0x12b2b: int 0x21
0x12b2d: mov word ptr [bp + 0x40], bx
0x12b30: mov bx, es
0x12b32: mov word ptr [bp + 0x42], bx
0x12b35: pop es
2018-12-25T12:30:26.334876905Z 53 PC: 12b2d | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:26.33658587Z 37 PC: 12b3e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:30:26.338270038Z 14 PC: 12b45 | Set default drive (Drive = 'A')
2018-12-25T12:30:26.340929115Z 25 PC: 12b49 | Get default drive
2018-12-25T12:30:26.3421777Z 62 PC: 12ddf | Close file
2018-12-25T12:30:26.343867301Z 78 PC: 12b84 | Find first file
2018-12-25T12:30:26.355541879Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:26.362220221Z 61 PC: 12bf4 | Open file (Filename = 'Z�������L�')
2018-12-25T12:30:26.371855911Z 63 PC: 12c07 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:30:26.379725747Z 66 PC: 12d68 | Move file pointer
2018-12-25T12:30:26.381759155Z 64 PC: 12d77 | Write file or device (Write 14 bytes on handle 5)
2018-12-25T12:30:26.385249674Z 64 PC: 12d9f | Write file or device (Write 32 bytes on handle 5)
2018-12-25T12:30:26.395199438Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.39878521Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.41417845Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.41630084Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.418928782Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.420864982Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.423122549Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.425825956Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.427823752Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.429770951Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.432471852Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.45124341Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.454542124Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.458162576Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.46123812Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.464224302Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.468352871Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.471636641Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.480602839Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.48466306Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.488468654Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.491902538Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.495367901Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.499764408Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.503189841Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.506609991Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.510970697Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.514413822Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.517842893Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.522193552Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.526003329Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.529413706Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.533510892Z 66 PC: 12df1 | Move file pointer
2018-12-25T12:30:26.535728855Z 64 PC: 12dba | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:30:26.546540429Z 87 PC: 12dca | Get or set file date and time
2018-12-25T12:30:26.548578513Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.559497098Z 78 PC: 12b84 | Find first file (See above)
2018-12-25T12:30:26.566380045Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.573614716Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.577539773Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.593863255Z 79 PC: 12b92 | Find next file
2018-12-25T12:30:26.596999255Z 79 PC: 12b92 | Find next file (See above)
2018-12-25T12:30:26.602130363Z 61 PC: 12bf4 | Open file (See above)
2018-12-25T12:30:26.609483011Z 63 PC: 12c07 | Read file or device (See above)
2018-12-25T12:30:26.616883669Z 66 PC: 12d68 | Move file pointer (See above)
2018-12-25T12:30:26.619680562Z 64 PC: 12d77 | Write file or device (See above)
2018-12-25T12:30:26.623217049Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.626769876Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.630407318Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.634122016Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.637263113Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.640527648Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.644179719Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.647510671Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.651000999Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.655672961Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.659170923Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.662682259Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.666376337Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.677183002Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.680372332Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.684248776Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.687413387Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.690991932Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.694619967Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.698822169Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.702311276Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.705734602Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.710218446Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.713686755Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.71711962Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.721581714Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.724810263Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.727981172Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.731770301Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.740983451Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.74414467Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.748897791Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.752078809Z 64 PC: 12d9f | Write file or device (See above)
2018-12-25T12:30:26.755206602Z 66 PC: 12df1 | Move file pointer (See above)
2018-12-25T12:30:26.756871239Z 64 PC: 12dba | Write file or device (See above)
2018-12-25T12:30:26.765757835Z 87 PC: 12dca | Get or set file date and time (See above)
2018-12-25T12:30:26.767818956Z 62 PC: 12ddf | Close file (See above)
2018-12-25T12:30:26.777254529Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.780031574Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.781757235Z 14 PC: 12b45 | Set default drive (See above)
2018-12-25T12:30:26.783938195Z 25 PC: 12b49 | Get default drive (See above)
2018-12-25T12:30:26.78635263Z 14 PC: 12e21 | Set default drive (Drive = 'A')
2018-12-25T12:30:26.788420616Z 37 PC: 12e44 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')