Sample viewer

vx.netlux.org/Virus.DOS.Nucleii.1388

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:54.478385224Z 26 PC: 12a9c | Set disk transfer address
2018-12-17T22:56:54.479691861Z 78 PC: 12aa7 | Find first file
2018-12-17T22:56:54.496645952Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:54.526380519Z 61 PC: 12aee | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:54.535456786Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:54.538146351Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:54.545747848Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:54.547869717Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:54.551734379Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:54.553862455Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:54.557621768Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:54.568570168Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:54.570372747Z 62 PC: 12b72 | Close file
2018-12-17T22:56:54.579154613Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:54.582442778Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:54.59365981Z 61 PC: 12aee | Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:54.601897681Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:54.603537986Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:54.611787726Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:54.613885161Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:54.617356721Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:54.620539562Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:54.624162677Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:54.63384668Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:54.636217779Z 62 PC: 12b72 | Close file
2018-12-17T22:56:54.65927481Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:54.662542557Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:54.674148609Z 61 PC: 12aee | Open file (Filename = 'HELLO.COM')
2018-12-17T22:56:54.702711889Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:54.704456856Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:54.711850495Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:54.714261849Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:54.730015416Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:54.731758021Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:54.735690663Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:54.757839024Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:54.759683842Z 62 PC: 12b72 | Close file
2018-12-17T22:56:54.769103471Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:54.780038075Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:54.802215728Z 61 PC: 12aee | Open file (Filename = 'PHANG.COM')
2018-12-17T22:56:54.823882567Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:54.825650036Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:54.842593052Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:54.845069648Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:54.848460255Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:54.850417392Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:54.855503496Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:54.885669127Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:54.887330599Z 62 PC: 12b72 | Close file
2018-12-17T22:56:54.898859453Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:54.902374984Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:54.914156768Z 61 PC: 12aee | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:56:54.922012263Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:54.924828014Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:54.932279832Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:54.934302544Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:54.938600387Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:54.940590251Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:54.944205606Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:54.955065593Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:54.957240077Z 62 PC: 12b72 | Close file
2018-12-17T22:56:54.966133649Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:54.970032172Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:54.981830606Z 61 PC: 12aee | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:56:54.98970832Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:54.992469496Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:55.000058691Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:55.002041826Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:55.006248349Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:55.008516929Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:55.018008173Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:55.029331237Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:55.031282385Z 62 PC: 12b72 | Close file
2018-12-17T22:56:55.040217963Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:55.043222656Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:55.055133449Z 61 PC: 12aee | Open file (Filename = 'PAH.COM')
2018-12-17T22:56:55.063304854Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:55.065288717Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:55.073373886Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:55.0752981Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:55.078879511Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:55.081819507Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:55.085772322Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:55.095743293Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:55.098761176Z 62 PC: 12b72 | Close file
2018-12-17T22:56:55.108842021Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:55.112268612Z 67 PC: 12ae8 | Get or set file attributes
2018-12-17T22:56:55.125055423Z 61 PC: 12aee | Open file (Filename = 'TEST.COM')
2018-12-17T22:56:55.132868589Z 87 PC: 12af4 | Get or set file date and time
2018-12-17T22:56:55.134805619Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:55.138455975Z 66 PC: 12be9 | Move file pointer
2018-12-17T22:56:55.140630569Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:56:55.14395457Z 66 PC: 12b39 | Move file pointer
2018-12-17T22:56:55.146617419Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-17T22:56:55.151229605Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-17T22:56:55.162195197Z 87 PC: 12b6e | Get or set file date and time
2018-12-17T22:56:55.164338044Z 62 PC: 12b72 | Close file
2018-12-17T22:56:55.173634427Z 79 PC: 12aa7 | Find next file
2018-12-17T22:56:55.176906011Z 59 PC: 12ab1 | Change current directory
2018-12-17T22:56:55.183402799Z 42 PC: 12ab7 | Get date 0x12ab7: cmp dl, 0x1e
0x12aba: jne 0x12ad4
0x12abc: push cs
0x12abd: pop ds
0x12abe: mov ax, 0xb800
0x12ac1: mov es, ax
0x12ac3: xor di, di
0x12ac5: lea si, word ptr [bp + 0x2aa]
0x12ac9: mov cx, 0x36c
0x12acc: nop
0x12acd: call 0x12b77
0x12ad0: xor ax, ax
0x12ad2: int 0x16
0x12ad4: mov dx, 0x80
0x12ad7: mov ah, 0x1a
0x12ad9: int 0x21
0x12adb: ret
0x12adc: lea dx, word ptr [bp + 0x663]
0x12ae0: push dx
0x12ae1: mov ax, 0x4301
2018-12-17T22:56:55.187072062Z 26 PC: 12adb | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12379,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:34.742173826Z 26 PC: 12a9c | Set disk transfer address
2018-12-25T12:32:34.744275866Z 78 PC: 12aa7 | Find first file
2018-12-25T12:32:34.755176397Z 67 PC: 12ae8 | Get or set file attributes
2018-12-25T12:32:35.086401456Z 61 PC: 12aee | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:35.094855078Z 87 PC: 12af4 | Get or set file date and time
2018-12-25T12:32:35.097101801Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:35.104362451Z 66 PC: 12be9 | Move file pointer
2018-12-25T12:32:35.10605747Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:32:35.109343625Z 66 PC: 12b39 | Move file pointer
2018-12-25T12:32:35.110967038Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-25T12:32:35.114349289Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-25T12:32:35.124758861Z 87 PC: 12b6e | Get or set file date and time
2018-12-25T12:32:35.12700736Z 62 PC: 12b72 | Close file
2018-12-25T12:32:35.136646598Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.141197514Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:35.153028715Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:35.16046746Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:35.16256682Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:35.170181011Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:35.171583247Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:35.174997992Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:35.176790662Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:35.179994228Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:35.189511657Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:35.191359948Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:35.19953919Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.202147342Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:35.213275752Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:35.220306626Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:35.22172055Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:35.229212929Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:35.230809293Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:35.233569833Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:35.235347982Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:35.238464024Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:35.247335797Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:35.249860204Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:35.258147994Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.260868351Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:35.272068007Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:35.279127493Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:35.280517828Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:35.287710826Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:35.289206209Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:35.292303142Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:35.295008158Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:35.298223772Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:35.307242437Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:35.309355038Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:35.31880837Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.321670597Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:35.332294955Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:35.342572186Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:35.344848476Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:35.351926013Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:35.356634241Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:35.360051854Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:35.362001254Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:35.366150612Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:35.375840358Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:35.377436649Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:35.390576527Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.393551989Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:35.404304467Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:35.417177232Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:35.418758124Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:35.425826375Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:35.42787842Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:35.430871632Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:35.432509378Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:35.442073565Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:35.451622122Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:35.453889895Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:35.463727923Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.466904073Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:35.478130937Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:35.48589739Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:35.488879304Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:35.496112293Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:35.498052928Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:35.501734417Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:35.503289575Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:35.506467455Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:35.51645337Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:35.518570531Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:35.527314575Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.530757287Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:35.542148193Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:35.549597901Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:35.552099254Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:35.555350152Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:35.55729003Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:35.561270064Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:35.563034635Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:35.566842412Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:35.576933895Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:35.579373808Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:35.588939927Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:35.591570192Z 59 PC: 12ab1 | Change current directory
2018-12-25T12:32:35.596706314Z 42 PC: 12ab7 | Get date 0x12ab7: cmp dl, 0x1e
0x12aba: jne 0x12ad4
0x12abc: push cs
0x12abd: pop ds
0x12abe: mov ax, 0xb800
0x12ac1: mov es, ax
0x12ac3: xor di, di
0x12ac5: lea si, word ptr [bp + 0x2aa]
0x12ac9: mov cx, 0x36c
0x12acc: nop
0x12acd: call 0x12b77
0x12ad0: xor ax, ax
0x12ad2: int 0x16
0x12ad4: mov dx, 0x80
0x12ad7: mov ah, 0x1a
0x12ad9: int 0x21
0x12adb: ret
0x12adc: lea dx, word ptr [bp + 0x663]
0x12ae0: push dx
0x12ae1: mov ax, 0x4301
2018-12-25T12:32:35.599157634Z 26 PC: 12adb | Set disk transfer address

{"DateBased":true,"Day":30,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12379,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:35.977444714Z 26 PC: 12a9c | Set disk transfer address
2018-12-25T12:32:35.97969512Z 78 PC: 12aa7 | Find first file
2018-12-25T12:32:35.986169448Z 67 PC: 12ae8 | Get or set file attributes
2018-12-25T12:32:36.002738101Z 61 PC: 12aee | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:36.018315104Z 87 PC: 12af4 | Get or set file date and time
2018-12-25T12:32:36.02040985Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:36.027424449Z 66 PC: 12be9 | Move file pointer
2018-12-25T12:32:36.02996174Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:32:36.042298634Z 66 PC: 12b39 | Move file pointer
2018-12-25T12:32:36.043759446Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-25T12:32:36.046577236Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-25T12:32:36.057224018Z 87 PC: 12b6e | Get or set file date and time
2018-12-25T12:32:36.059147468Z 62 PC: 12b72 | Close file
2018-12-25T12:32:36.066886265Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.070425561Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.080265253Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.087087122Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.089625658Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.096683822Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.098392314Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.101858277Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.103764618Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.107232919Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.116242682Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.118138853Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.125423054Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.128682798Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.138929803Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.14529506Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.147828895Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.154310381Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.15675934Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.159501572Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.161964242Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.164744827Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.173299909Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.174991997Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.18240454Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.185109412Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.194879325Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.201066881Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.202327208Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.209205117Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.210722235Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.213360384Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.215333333Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.218152193Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.226349449Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.229370632Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.236829327Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.239324547Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.250942812Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.257505673Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.259066887Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.266474145Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.268193064Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.271228355Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.273994807Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.276939717Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.28545069Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.287908531Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.295605283Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.299154449Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.309139666Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.31687849Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.318338149Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.325096678Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.327463931Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.330247697Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.33190446Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.340856649Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.349355162Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.351061948Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.359337676Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.362052911Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.372018798Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.379528218Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.380749346Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.386811134Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.388490361Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.391028105Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.392330328Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.396217017Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.404200638Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.40545183Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.413972558Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.416517163Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.426661569Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.434719204Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.436091923Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.438647429Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.440527942Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.443032285Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.444336235Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.448174863Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.457049126Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.458496958Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.466665584Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.468920003Z 59 PC: 12ab1 | Change current directory
2018-12-25T12:32:36.472845341Z 42 PC: 12ab7 | Get date 0x12ab7: cmp dl, 0x1e
0x12aba: jne 0x12ad4
0x12abc: push cs
0x12abd: pop ds
0x12abe: mov ax, 0xb800
0x12ac1: mov es, ax
0x12ac3: xor di, di
0x12ac5: lea si, word ptr [bp + 0x2aa]
0x12ac9: mov cx, 0x36c
0x12acc: nop
0x12acd: call 0x12b77
0x12ad0: xor ax, ax
0x12ad2: int 0x16
0x12ad4: mov dx, 0x80
0x12ad7: mov ah, 0x1a
0x12ad9: int 0x21
0x12adb: ret
0x12adc: lea dx, word ptr [bp + 0x663]
0x12ae0: push dx
0x12ae1: mov ax, 0x4301

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12379,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:36.258832473Z 26 PC: 12a9c | Set disk transfer address
2018-12-25T12:32:36.261153598Z 78 PC: 12aa7 | Find first file
2018-12-25T12:32:36.269071066Z 67 PC: 12ae8 | Get or set file attributes
2018-12-25T12:32:36.286508299Z 61 PC: 12aee | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:36.294193392Z 87 PC: 12af4 | Get or set file date and time
2018-12-25T12:32:36.296325534Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:36.303448247Z 66 PC: 12be9 | Move file pointer
2018-12-25T12:32:36.305355219Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:32:36.309394292Z 66 PC: 12b39 | Move file pointer
2018-12-25T12:32:36.31185921Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-25T12:32:36.315050025Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-25T12:32:36.326430537Z 87 PC: 12b6e | Get or set file date and time
2018-12-25T12:32:36.32822155Z 62 PC: 12b72 | Close file
2018-12-25T12:32:36.33765514Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.341671836Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.352846425Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.360718093Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.362854489Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.370252554Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.372184974Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.3751833Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.377727823Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.380870673Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.390410854Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.396343269Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.406670947Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.409736184Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.423340931Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.431386397Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.433690611Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.442354656Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.444031115Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.447971267Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.450502354Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.455166777Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.464377966Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.466274963Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.475185397Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.478440793Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.489646184Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.498231307Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.500395831Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.507849241Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.511165524Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.515439991Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.51903274Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.523467845Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.532887638Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.534944391Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.544647535Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.548252102Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.559060628Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.567261422Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.569311602Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.576526123Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.578413129Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.58337594Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.585217787Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.588711816Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.599473833Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.601999736Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.610543906Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.614456989Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.625889153Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.633552114Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.636337558Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.643722956Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.645945673Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.649886631Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.653094428Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.662276764Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.672298008Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.675804473Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.684720864Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.688302331Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.700927358Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.708589533Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.710161527Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.718339238Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.719873328Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.722740523Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.725834726Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.729035097Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.739010634Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.740808035Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.749868925Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.754634398Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T12:32:36.776042861Z 61 PC: 12aee | Open file (See above)
2018-12-25T12:32:36.781575018Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T12:32:36.78283013Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:32:36.785633591Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T12:32:36.787521202Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T12:32:36.790364778Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T12:32:36.792200565Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T12:32:36.796928887Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T12:32:36.806874353Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T12:32:36.808488095Z 62 PC: 12b72 | Close file (See above)
2018-12-25T12:32:36.817749852Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T12:32:36.820363343Z 59 PC: 12ab1 | Change current directory
2018-12-25T12:32:36.824934108Z 42 PC: 12ab7 | Get date 0x12ab7: cmp dl, 0x1e
0x12aba: jne 0x12ad4
0x12abc: push cs
0x12abd: pop ds
0x12abe: mov ax, 0xb800
0x12ac1: mov es, ax
0x12ac3: xor di, di
0x12ac5: lea si, word ptr [bp + 0x2aa]
0x12ac9: mov cx, 0x36c
0x12acc: nop
0x12acd: call 0x12b77
0x12ad0: xor ax, ax
0x12ad2: int 0x16
0x12ad4: mov dx, 0x80
0x12ad7: mov ah, 0x1a
0x12ad9: int 0x21
0x12adb: ret
0x12adc: lea dx, word ptr [bp + 0x663]
0x12ae0: push dx
0x12ae1: mov ax, 0x4301
2018-12-25T12:32:36.827961852Z 26 PC: 12adb | Set disk transfer address

{"DateBased":true,"Day":30,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12379,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T13:07:19.364730289Z 26 PC: 12a9c | Set disk transfer address
2018-12-25T13:07:19.366632866Z 78 PC: 12aa7 | Find first file
2018-12-25T13:07:19.373277812Z 67 PC: 12ae8 | Get or set file attributes
2018-12-25T13:07:21.050012428Z 61 PC: 12aee | Open file (Filename = 'SLEEP.COM')
2018-12-25T13:07:21.071217003Z 87 PC: 12af4 | Get or set file date and time
2018-12-25T13:07:21.073562929Z 63 PC: 12b01 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T13:07:21.083021278Z 66 PC: 12be9 | Move file pointer
2018-12-25T13:07:21.084871562Z 64 PC: 12b31 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T13:07:21.088792807Z 66 PC: 12b39 | Move file pointer
2018-12-25T13:07:21.090440997Z 64 PC: 12b4e | Write file or device (Write 71 bytes on handle 5)
2018-12-25T13:07:21.094813554Z 64 PC: 12b67 | Write file or device (Write 1317 bytes on handle 5)
2018-12-25T13:07:21.106805682Z 87 PC: 12b6e | Get or set file date and time
2018-12-25T13:07:21.114434168Z 62 PC: 12b72 | Close file
2018-12-25T13:07:21.124854615Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.12954642Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T13:07:21.140797932Z 61 PC: 12aee | Open file (See above)
2018-12-25T13:07:21.148902302Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T13:07:21.150776712Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T13:07:21.158187915Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T13:07:21.159652398Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T13:07:21.162555578Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T13:07:21.165182986Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T13:07:21.168624298Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T13:07:21.178367534Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T13:07:21.181734822Z 62 PC: 12b72 | Close file (See above)
2018-12-25T13:07:21.190790423Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.194228603Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T13:07:21.206327883Z 61 PC: 12aee | Open file (See above)
2018-12-25T13:07:21.218937987Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T13:07:21.222174904Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T13:07:21.234244614Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T13:07:21.236613799Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T13:07:21.240151221Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T13:07:21.242331165Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T13:07:21.247209376Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T13:07:21.258055409Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T13:07:21.260257491Z 62 PC: 12b72 | Close file (See above)
2018-12-25T13:07:21.270112866Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.273652531Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T13:07:21.285749214Z 61 PC: 12aee | Open file (See above)
2018-12-25T13:07:21.296178905Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T13:07:21.29772185Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T13:07:21.305035204Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T13:07:21.314961885Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T13:07:21.318522927Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T13:07:21.320391328Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T13:07:21.32493513Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T13:07:21.335133901Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T13:07:21.337245106Z 62 PC: 12b72 | Close file (See above)
2018-12-25T13:07:21.347026458Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.350710215Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T13:07:21.361986839Z 61 PC: 12aee | Open file (See above)
2018-12-25T13:07:21.370036464Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T13:07:21.373032283Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T13:07:21.380867545Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T13:07:21.382667651Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T13:07:21.387293686Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T13:07:21.389316014Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T13:07:21.393028572Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T13:07:21.404200857Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T13:07:21.406831361Z 62 PC: 12b72 | Close file (See above)
2018-12-25T13:07:21.416423396Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.420711608Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T13:07:21.432428033Z 61 PC: 12aee | Open file (See above)
2018-12-25T13:07:21.440268761Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T13:07:21.442537225Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T13:07:21.451150752Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T13:07:21.453100096Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T13:07:21.456446415Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T13:07:21.459630337Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T13:07:21.469127873Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T13:07:21.479575796Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T13:07:21.490751483Z 62 PC: 12b72 | Close file (See above)
2018-12-25T13:07:21.500331368Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.503898336Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T13:07:21.515801735Z 61 PC: 12aee | Open file (See above)
2018-12-25T13:07:21.52382177Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T13:07:21.525478549Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T13:07:21.53340496Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T13:07:21.535383258Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T13:07:21.538764473Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T13:07:21.540787483Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T13:07:21.544945231Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T13:07:21.555349741Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T13:07:21.557403443Z 62 PC: 12b72 | Close file (See above)
2018-12-25T13:07:21.566874437Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.570222991Z 67 PC: 12ae8 | Get or set file attributes (See above)
2018-12-25T13:07:21.581435146Z 61 PC: 12aee | Open file (See above)
2018-12-25T13:07:21.590353165Z 87 PC: 12af4 | Get or set file date and time (See above)
2018-12-25T13:07:21.592345032Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T13:07:21.595630315Z 66 PC: 12be9 | Move file pointer (See above)
2018-12-25T13:07:21.598485397Z 64 PC: 12b31 | Write file or device (See above)
2018-12-25T13:07:21.602197782Z 66 PC: 12b39 | Move file pointer (See above)
2018-12-25T13:07:21.604191796Z 64 PC: 12b4e | Write file or device (See above)
2018-12-25T13:07:21.60970145Z 64 PC: 12b67 | Write file or device (See above)
2018-12-25T13:07:21.620600406Z 87 PC: 12b6e | Get or set file date and time (See above)
2018-12-25T13:07:21.622682555Z 62 PC: 12b72 | Close file (See above)
2018-12-25T13:07:21.63206768Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:07:21.635794439Z 59 PC: 12ab1 | Change current directory
2018-12-25T13:07:21.640735974Z 42 PC: 12ab7 | Get date 0x12ab7: cmp dl, 0x1e
0x12aba: jne 0x12ad4
0x12abc: push cs
0x12abd: pop ds
0x12abe: mov ax, 0xb800
0x12ac1: mov es, ax
0x12ac3: xor di, di
0x12ac5: lea si, word ptr [bp + 0x2aa]
0x12ac9: mov cx, 0x36c
0x12acc: nop
0x12acd: call 0x12b77
0x12ad0: xor ax, ax
0x12ad2: int 0x16
0x12ad4: mov dx, 0x80
0x12ad7: mov ah, 0x1a
0x12ad9: int 0x21
0x12adb: ret
0x12adc: lea dx, word ptr [bp + 0x663]
0x12ae0: push dx
0x12ae1: mov ax, 0x4301