Sample viewer

vx.netlux.org/Virus.DOS.Mpoc.792


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:57:28.719272318Z 26 PC: 12a55 | Set disk transfer address
2018-12-17T22:57:28.720583667Z 78 PC: 12ac4 | Find first file
2018-12-17T22:57:28.726653883Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:28.744582622Z 61 PC: 12ade | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:28.751137418Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:57:28.758162623Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:57:28.760591243Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:57:28.763005191Z 66 PC: 12b2a | Move file pointer
2018-12-17T22:57:28.764884167Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:57:28.76746059Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:57:28.769988539Z 66 PC: 12b49 | Move file pointer
2018-12-17T22:57:28.772823888Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 5)
2018-12-17T22:57:28.781564289Z 87 PC: 12b63 | Get or set file date and time
2018-12-17T22:57:28.782893753Z 67 PC: 12b71 | Get or set file attributes
2018-12-17T22:57:28.788125227Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:28.79065642Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:28.795168156Z 61 PC: 12ade | Open file (Filename = 'PRINT.COM')
2018-12-17T22:57:28.802527047Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 6)
2018-12-17T22:57:28.808880285Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 6)
2018-12-17T22:57:28.81116143Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T22:57:28.813461355Z 66 PC: 12b2a | Move file pointer
2018-12-17T22:57:28.814889694Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 6)
2018-12-17T22:57:28.817436486Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 6)
2018-12-17T22:57:28.8199851Z 66 PC: 12b49 | Move file pointer
2018-12-17T22:57:28.82174808Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 6)
2018-12-17T22:57:28.829467471Z 87 PC: 12b63 | Get or set file date and time
2018-12-17T22:57:28.830843702Z 67 PC: 12b71 | Get or set file attributes
2018-12-17T22:57:28.836042811Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:28.838769588Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:28.84420118Z 61 PC: 12ade | Open file (Filename = 'HELLO.COM')
2018-12-17T22:57:28.851609858Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 7)
2018-12-17T22:57:28.862170723Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 7)
2018-12-17T22:57:28.868837825Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 7)
2018-12-17T22:57:28.875456397Z 66 PC: 12b2a | Move file pointer
2018-12-17T22:57:28.876892106Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 7)
2018-12-17T22:57:28.879527894Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 7)
2018-12-17T22:57:28.883106979Z 66 PC: 12b49 | Move file pointer
2018-12-17T22:57:28.884519963Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 7)
2018-12-17T22:57:28.892541808Z 87 PC: 12b63 | Get or set file date and time
2018-12-17T22:57:28.894565295Z 67 PC: 12b71 | Get or set file attributes
2018-12-17T22:57:28.899644365Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:28.902958817Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:28.90891886Z 61 PC: 12ade | Open file (Filename = 'PHANG.COM')
2018-12-17T22:57:28.913576329Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 8)
2018-12-17T22:57:28.917492603Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 8)
2018-12-17T22:57:28.919532014Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 8)
2018-12-17T22:57:28.921161065Z 66 PC: 12b2a | Move file pointer
2018-12-17T22:57:28.922373087Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 8)
2018-12-17T22:57:28.925465398Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 8)
2018-12-17T22:57:28.928323881Z 66 PC: 12b49 | Move file pointer
2018-12-17T22:57:28.930038237Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 8)
2018-12-17T22:57:28.938753399Z 87 PC: 12b63 | Get or set file date and time
2018-12-17T22:57:28.940952056Z 67 PC: 12b71 | Get or set file attributes
2018-12-17T22:57:28.946169058Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:28.949673997Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:28.954278628Z 61 PC: 12ade | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:57:28.960542983Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 9)
2018-12-17T22:57:28.971008235Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 9)
2018-12-17T22:57:28.973395125Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 9)
2018-12-17T22:57:28.975708398Z 66 PC: 12b2a | Move file pointer
2018-12-17T22:57:28.977211148Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 9)
2018-12-17T22:57:28.980384093Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 9)
2018-12-17T22:57:28.982806824Z 66 PC: 12b49 | Move file pointer
2018-12-17T22:57:28.984387224Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 9)
2018-12-17T22:57:28.993118974Z 87 PC: 12b63 | Get or set file date and time
2018-12-17T22:57:28.994433304Z 67 PC: 12b71 | Get or set file attributes
2018-12-17T22:57:28.998967089Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:29.001986959Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:29.006845818Z 61 PC: 12ade | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:57:29.01314246Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 10)
2018-12-17T22:57:29.019605494Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 10)
2018-12-17T22:57:29.022209842Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 10)
2018-12-17T22:57:29.024785748Z 66 PC: 12b2a | Move file pointer
2018-12-17T22:57:29.026752833Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 10)
2018-12-17T22:57:29.029562708Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 10)
2018-12-17T22:57:29.032428774Z 66 PC: 12b49 | Move file pointer
2018-12-17T22:57:29.034262404Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 10)
2018-12-17T22:57:29.04276288Z 87 PC: 12b63 | Get or set file date and time
2018-12-17T22:57:29.044128864Z 67 PC: 12b71 | Get or set file attributes
2018-12-17T22:57:29.049425897Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:29.052752589Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:29.057184239Z 61 PC: 12ade | Open file (Filename = 'PAH.COM')
2018-12-17T22:57:29.06487147Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 11)
2018-12-17T22:57:29.07278391Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 11)
2018-12-17T22:57:29.075656024Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 11)
2018-12-17T22:57:29.078783292Z 66 PC: 12b2a | Move file pointer
2018-12-17T22:57:29.080137719Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 11)
2018-12-17T22:57:29.082840433Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 11)
2018-12-17T22:57:29.085828995Z 66 PC: 12b49 | Move file pointer
2018-12-17T22:57:29.08764951Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 11)
2018-12-17T22:57:29.096505028Z 87 PC: 12b63 | Get or set file date and time
2018-12-17T22:57:29.105227102Z 67 PC: 12b71 | Get or set file attributes
2018-12-17T22:57:29.115900434Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:29.118583385Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T22:57:29.125597353Z 61 PC: 12ade | Open file (Filename = 'TEST.COM')
2018-12-17T22:57:29.132475316Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 12)
2018-12-17T22:57:29.134984491Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 12)
2018-12-17T22:57:29.13829438Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 12)
2018-12-17T22:57:29.14123298Z 79 PC: 12ac4 | Find next file
2018-12-17T22:57:29.143413676Z 42 PC: 12b7e | Get date 0x12b7e: cmp dx, 0x603
; Date trigger and exit path. The compare that sets the flags for the first
; branch (cmp dx, 0x603 at 0x12b7e) is on the preceding trace row, directly
; after the "Get date" call. DOS Get Date (INT 21h, AH=2Ah) returns the month
; in DH and the day in DL, so DX == 0x0603 means 3 June.
0x12b82: je 0x12b86                        ; date is 3 June -> display the message
0x12b84: jmp 0x12b8e                       ; any other date -> skip the message
0x12b86: mov ah, 9                         ; INT 21h function 09h: display '$'-terminated string at DS:DX
0x12b88: lea dx, word ptr [bp + 0x253]     ; DX = string address relative to bp (presumably the code's base offset inside the infected file; confirm)
0x12b8c: int 0x21
0x12b8e: mov si, 0x100                     ; 0x100 is the offset at which a .COM image starts
0x12b91: jmp si                            ; presumably hands control back to the host program; confirm
; NOTE(review): from 0x12b93 on the disassembler is decoding data, not code.
; The instruction bytes are the ASCII text "Message recieved from M-PO", the
; start of the message this sample displays. The branch targets shown below
; (0x12c0a, 0x12c07) are artefacts of that decoding, not real control flow.
0x12b93: dec bp
0x12b94: jae 0x12c0a
0x12b97: popaw
0x12b98: and byte ptr gs:[edx + 0x65], dh
0x12b9d: arpl word ptr [bx + di + 0x65], bp
0x12ba0: jbe 0x12c07
0x12ba2: and byte ptr fs:[bp + 0x72], ah
0x12ba6: outsw dx, word ptr [si]
0x12ba7: insw word ptr es:[di], dx
0x12ba8: and byte ptr [di + 0x2d], cl
0x12bab: push ax
0x12bac: dec di

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12562,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:35:37.562557936Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:35:37.56453466Z 78 PC: 12ac4 | Find first file
2018-12-25T12:35:37.570938036Z 67 PC: 12ad4 | Get or set file attributes
2018-12-25T12:35:37.58705415Z 61 PC: 12ade | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:35:37.594431395Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:37.600766796Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:35:37.603187648Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:37.608093408Z 66 PC: 12b2a | Move file pointer
2018-12-25T12:35:37.616781682Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:35:37.620727233Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:35:37.623921045Z 66 PC: 12b49 | Move file pointer
2018-12-25T12:35:37.626059973Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 5)
2018-12-25T12:35:37.635361866Z 87 PC: 12b63 | Get or set file date and time
2018-12-25T12:35:37.638051737Z 67 PC: 12b71 | Get or set file attributes
2018-12-25T12:35:37.644803059Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:37.648676514Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:37.653843029Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:37.661443303Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:37.686985507Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:37.689674813Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:37.693017422Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:37.694734693Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:37.697601751Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:37.701642788Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:37.703152745Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:37.711270802Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:37.714418342Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:37.720148765Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:37.723574024Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:37.728859915Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:37.735699481Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:37.742390615Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:37.749128103Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:37.752397062Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:37.754128002Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:37.757351058Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:37.760363707Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:37.762192549Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:37.771208012Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:37.772742214Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:37.777501642Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:37.783508989Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:37.78954844Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:37.796483809Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:37.80345911Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:37.807263941Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:37.809688928Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:37.811044575Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:37.814216173Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:37.816866178Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:37.818590436Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:37.829834412Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:37.83136968Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:37.836337917Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:37.840070678Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:37.845207001Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:37.852896613Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:37.860525893Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:37.863344845Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:37.866175573Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:37.868770697Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:37.871978967Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:37.874930505Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:37.87732171Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:37.885943242Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:37.887806389Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:37.893612088Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:37.896428552Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:37.901507388Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:37.909105716Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:37.916466078Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:37.919187981Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:37.923703315Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:37.925845015Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:37.928951423Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:37.93234469Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:37.934848574Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:37.944157577Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:37.946738982Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:37.953081193Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:37.95598606Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:37.960942385Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:37.968920138Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:37.975606583Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:37.978785717Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:37.982194688Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:37.983951904Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:37.986909516Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:37.990569008Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:37.992339328Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:38.000897206Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:38.003671963Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:38.008737085Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:38.011671832Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:38.017166535Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:38.023970291Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:38.026841407Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:38.029986507Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:38.033124226Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:38.035764197Z 42 PC: 12b7e | Get date 0x12b7e: cmp dx, 0x603
; Code that runs after the file-search loop ends. The flags tested by the
; first branch come from cmp dx, 0x603 at 0x12b7e (shown on the preceding
; "Get date" trace row). Get Date (INT 21h, AH=2Ah) reports month in DH and
; day in DL, so the compare matches only on 3 June.
0x12b82: je 0x12b86                        ; trigger date matched -> go print the message
0x12b84: jmp 0x12b8e                       ; no match -> straight to the exit jump
0x12b86: mov ah, 9                         ; select INT 21h function 09h (display string)
0x12b88: lea dx, word ptr [bp + 0x253]     ; string pointer, bp-relative; bp looks like a relocation base - TODO confirm
0x12b8c: int 0x21
0x12b8e: mov si, 0x100                     ; .COM programs begin at offset 0x100
0x12b91: jmp si                            ; jump to 0x100; presumably resumes the host - confirm
; NOTE(review): the remaining lines are not instructions. Their bytes are the
; ASCII characters "Message recieved from M-PO" (the displayed message), which
; the linear disassembler decoded as code; ignore the jae/jbe targets.
0x12b93: dec bp
0x12b94: jae 0x12c0a
0x12b97: popaw
0x12b98: and byte ptr gs:[edx + 0x65], dh
0x12b9d: arpl word ptr [bx + di + 0x65], bp
0x12ba0: jbe 0x12c07
0x12ba2: and byte ptr fs:[bp + 0x72], ah
0x12ba6: outsw dx, word ptr [si]
0x12ba7: insw word ptr es:[di], dx
0x12ba8: and byte ptr [di + 0x2d], cl
0x12bab: push ax
0x12bac: dec di

{"DateBased":true,"Day":3,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12562,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:35:39.679062018Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:35:39.681649692Z 78 PC: 12ac4 | Find first file
2018-12-25T12:35:39.694056828Z 67 PC: 12ad4 | Get or set file attributes
2018-12-25T12:35:39.713159344Z 61 PC: 12ade | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:35:39.728697905Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:39.735479311Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:35:39.738305489Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:39.741099431Z 66 PC: 12b2a | Move file pointer
2018-12-25T12:35:39.742701233Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:35:39.746493534Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:35:39.749552789Z 66 PC: 12b49 | Move file pointer
2018-12-25T12:35:39.751184543Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 5)
2018-12-25T12:35:39.761137685Z 87 PC: 12b63 | Get or set file date and time
2018-12-25T12:35:39.763207687Z 67 PC: 12b71 | Get or set file attributes
2018-12-25T12:35:39.768708739Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:39.772306925Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:39.777662775Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:39.784921898Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:39.792910337Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:39.795835453Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:39.79904793Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:39.801944392Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:39.805285055Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:39.810293595Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:39.812368419Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:39.821986552Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:39.823736322Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:39.827858118Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:39.830904896Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:39.83622868Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:39.84347911Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:39.85144979Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:39.854451905Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:39.85735667Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:39.859515749Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:39.862972102Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:39.866612271Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:39.869389498Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:39.878657311Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:39.880409883Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:39.887011654Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:39.890129385Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:39.895657392Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:39.903201516Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:39.909820736Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:39.912486685Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:39.915208636Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:39.917377984Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:39.919382035Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:39.921493516Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:39.923655795Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:39.929311562Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:39.930881983Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:39.938518881Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:39.941171069Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:39.944849327Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:39.950579539Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:39.955678863Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:39.957744519Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:39.960049767Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:39.961658954Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:39.96503137Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:39.968165054Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:39.969913981Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:39.97919754Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:39.980834491Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:39.988017099Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:39.991297636Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:39.997749892Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.006623775Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.014689772Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.017800679Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.020794392Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.022442346Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.025614462Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.029760323Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.03206832Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.042152601Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.044694237Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.050140055Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.05303537Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.058866393Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.06749679Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.075607819Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.078990851Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.082273779Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.084393038Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.088070899Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.091118384Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.093176953Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.103112923Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.106878025Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.112762153Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.116237767Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.12307807Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.130818388Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.138338906Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.143144664Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.14674314Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.149446317Z 42 PC: 12b7e | Get date 0x12b7e: cmp dx, 0x603
; Payload trigger. The preceding trace row holds the compare (cmp dx, 0x603 at
; 0x12b7e) on the value returned by "Get date"; INT 21h AH=2Ah returns month in
; DH and day in DL, so 0x0603 is 3 June. In this run the trace row that follows
; the listing logs the "Display string" call, i.e. the je branch was taken.
0x12b82: je 0x12b86                        ; 3 June -> message path
0x12b84: jmp 0x12b8e                       ; otherwise bypass the message
0x12b86: mov ah, 9                         ; INT 21h function 09h: write '$'-terminated string at DS:DX
0x12b88: lea dx, word ptr [bp + 0x253]     ; address of the message, computed from bp (presumably the code's base offset; verify)
0x12b8c: int 0x21
0x12b8e: mov si, 0x100                     ; start offset of a .COM image
0x12b91: jmp si                            ; presumably transfers control to the host at 0x100; verify
; NOTE(review): data decoded as code from here on. The bytes spell the ASCII
; text "Message recieved from M-PO", the beginning of the string reported by
; the "Display string" trace row; the branch targets 0x12c0a and 0x12c07 are
; decoding artefacts.
0x12b93: dec bp
0x12b94: jae 0x12c0a
0x12b97: popaw
0x12b98: and byte ptr gs:[edx + 0x65], dh
0x12b9d: arpl word ptr [bx + di + 0x65], bp
0x12ba0: jbe 0x12c07
0x12ba2: and byte ptr fs:[bp + 0x72], ah
0x12ba6: outsw dx, word ptr [si]
0x12ba7: insw word ptr es:[di], dx
0x12ba8: and byte ptr [di + 0x2d], cl
0x12bab: push ax
0x12bac: dec di
2018-12-25T12:35:40.152384345Z 9 PC: 12b8e | Display string (String= 'Message recieved from M-POC Generation 2: I am outta here!')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12562,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:35:39.847022348Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:35:39.849385635Z 78 PC: 12ac4 | Find first file
2018-12-25T12:35:39.855526526Z 67 PC: 12ad4 | Get or set file attributes
2018-12-25T12:35:39.872286868Z 61 PC: 12ade | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:35:39.879795325Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:39.886764432Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:35:39.889532723Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:39.892673404Z 66 PC: 12b2a | Move file pointer
2018-12-25T12:35:39.894925902Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:35:39.897642483Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:35:39.900233902Z 66 PC: 12b49 | Move file pointer
2018-12-25T12:35:39.910317141Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 5)
2018-12-25T12:35:39.919279526Z 87 PC: 12b63 | Get or set file date and time
2018-12-25T12:35:39.92104854Z 67 PC: 12b71 | Get or set file attributes
2018-12-25T12:35:39.931547205Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:39.935873998Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:39.941062885Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:39.949154604Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:39.955797525Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:39.959090798Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:39.964103004Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:39.966206096Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:39.96977715Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:39.974021959Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:39.976259709Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:39.984274833Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:39.986731722Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:39.99172057Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:39.994522339Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.000910176Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.008885387Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.015792874Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.03034464Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.033451839Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.035311766Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.039113707Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.041671233Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.043095161Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.050975297Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.053348171Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.059547401Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.062189134Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.067629523Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.073855283Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.081006168Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.084673587Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.088510474Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.090159463Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.093713047Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.096488691Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.09810362Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.106741615Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.108683879Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.113408609Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.118743757Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.123658963Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.130397924Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.137161046Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.1408255Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.143557781Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.14524704Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.149051561Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.151893916Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.153583376Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.16265206Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.164317949Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.169303929Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.173269371Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.178095987Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.184704081Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.192327582Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.194980498Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.197630192Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.2005659Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.203331746Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.205815976Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.207784971Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.216906766Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.218425437Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.224394334Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.227937629Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.232867945Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.240473809Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.248062356Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.250617895Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.263128274Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.264971821Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.268056572Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.272094205Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.2738583Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.282094041Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.28447883Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.28947306Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.304856188Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.310261251Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.318452757Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.321447628Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.324546346Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.328917086Z 79 PC: 12ac4 | Find next file (See above)
; Disassembly captured at the "Get date" call (syscall op 42 = INT 21h, AH=2Ah).
; It shows the sample's date-triggered payload check and the jump to offset 0x100.
; From 0x12b93 onward the listing is message text decoded as instructions, not code.
2018-12-25T12:35:40.331728342Z 42 PC: 12b7e | Get date 0x12b7e: cmp dx, 0x603 ; Get date returns DH=month, DL=day: 0x0603 = 3 June, as in the run record on this page (Day 3, Month 6)
0x12b82: je 0x12b86                     ; date matches -> payload
0x12b84: jmp 0x12b8e                    ; any other date -> skip the payload
0x12b86: mov ah, 9                      ; INT 21h function 09h: print '$'-terminated string at DS:DX
0x12b88: lea dx, word ptr [bp + 0x253]  ; message address relative to bp; presumably bp is the sample's relocation base (confirm)
0x12b8c: int 0x21
0x12b8e: mov si, 0x100                  ; 0x100 is where a .COM image starts
0x12b91: jmp si                         ; presumably hands control to the host program (confirm)
; --- data, not code: the jump above is unconditional, so nothing falls through.
; The bytes below are the ASCII of "Message recieved from M-PO...", the string
; shown in the "Display string" trace entry later on this page. The branch
; targets 0x12c0a and 0x12c07 are decoding artifacts, not real control flow.
0x12b93: dec bp
0x12b94: jae 0x12c0a
0x12b97: popaw
0x12b98: and byte ptr gs:[edx + 0x65], dh
0x12b9d: arpl word ptr [bx + di + 0x65], bp
0x12ba0: jbe 0x12c07
0x12ba2: and byte ptr fs:[bp + 0x72], ah
0x12ba6: outsw dx, word ptr [si]
0x12ba7: insw word ptr es:[di], dx
0x12ba8: and byte ptr [di + 0x2d], cl
0x12bab: push ax
0x12bac: dec di

{"DateBased":true,"Day":3,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12562,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:35:40.118467539Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:35:40.121153123Z 78 PC: 12ac4 | Find first file
2018-12-25T12:35:40.128326091Z 67 PC: 12ad4 | Get or set file attributes
2018-12-25T12:35:40.150843117Z 61 PC: 12ade | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:35:40.158202963Z 63 PC: 12aeb | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:40.170601212Z 63 PC: 12af6 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:35:40.173410618Z 63 PC: 12b01 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:35:40.176222668Z 66 PC: 12b2a | Move file pointer
2018-12-25T12:35:40.179160109Z 64 PC: 12b35 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:35:40.182145162Z 64 PC: 12b40 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:35:40.185911511Z 66 PC: 12b49 | Move file pointer
2018-12-25T12:35:40.188760429Z 64 PC: 12b54 | Write file or device (Write 792 bytes on handle 5)
2018-12-25T12:35:40.201199777Z 87 PC: 12b63 | Get or set file date and time
2018-12-25T12:35:40.202768019Z 67 PC: 12b71 | Get or set file attributes
2018-12-25T12:35:40.209950869Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.212668223Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.216628721Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.222584023Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.227297953Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.22911437Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.23123934Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.234245755Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.246644755Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.250896725Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.253206155Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.2624294Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.279125769Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.2849236Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.288322425Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.293697736Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.30210989Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.309012014Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.3116715Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.315423824Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.317159342Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.320957871Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.324810874Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.326918519Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.339995075Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.342098153Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.347519132Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.351048848Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.356633171Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.365951317Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.372808279Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.375677673Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.379549954Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.381341104Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.384777846Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.390295878Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.392164455Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.402498362Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.405111086Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.410333008Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.413211348Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.419235862Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.427502574Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.435378004Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.438989134Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.440743398Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.441832446Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.44423055Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.446071081Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.447194105Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.453214686Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.454421339Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.457551787Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.460394674Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.46476954Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.468884691Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.473100018Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.475297617Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.477074362Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.478330611Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.480802998Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.482701016Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.484087156Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.492057006Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.493914379Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.498532578Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.502114114Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.50661709Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.512723681Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.519507931Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.522100359Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.524665953Z 66 PC: 12b2a | Move file pointer (See above)
2018-12-25T12:35:40.526944525Z 64 PC: 12b35 | Write file or device (See above)
2018-12-25T12:35:40.529615753Z 64 PC: 12b40 | Write file or device (See above)
2018-12-25T12:35:40.532926974Z 66 PC: 12b49 | Move file pointer (See above)
2018-12-25T12:35:40.535466431Z 64 PC: 12b54 | Write file or device (See above)
2018-12-25T12:35:40.543184451Z 87 PC: 12b63 | Get or set file date and time (See above)
2018-12-25T12:35:40.544886927Z 67 PC: 12b71 | Get or set file attributes (See above)
2018-12-25T12:35:40.550873061Z 79 PC: 12ac4 | Find next file (See above)
2018-12-25T12:35:40.553553489Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:35:40.558113374Z 61 PC: 12ade | Open file (See above)
2018-12-25T12:35:40.565193269Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:35:40.567734513Z 63 PC: 12af6 | Read file or device (See above)
2018-12-25T12:35:40.570079197Z 63 PC: 12b01 | Read file or device (See above)
2018-12-25T12:35:40.573355459Z 79 PC: 12ac4 | Find next file (See above)
; Disassembly captured at the "Get date" call (syscall op 42 = INT 21h, AH=2Ah).
; It shows the sample's date-triggered payload check and the jump to offset 0x100.
; From 0x12b93 onward the listing is message text decoded as instructions, not code.
2018-12-25T12:35:40.57570047Z 42 PC: 12b7e | Get date 0x12b7e: cmp dx, 0x603 ; Get date returns DH=month, DL=day: 0x0603 = 3 June, as in the run record on this page (Day 3, Month 6)
0x12b82: je 0x12b86                     ; date matches -> payload
0x12b84: jmp 0x12b8e                    ; any other date -> skip the payload
0x12b86: mov ah, 9                      ; INT 21h function 09h: print '$'-terminated string at DS:DX
0x12b88: lea dx, word ptr [bp + 0x253]  ; message address relative to bp; presumably bp is the sample's relocation base (confirm)
0x12b8c: int 0x21                       ; logged as "Display string" (op 9) in the trace entry after this listing
0x12b8e: mov si, 0x100                  ; 0x100 is where a .COM image starts
0x12b91: jmp si                         ; presumably hands control to the host program (confirm)
; --- data, not code: the jump above is unconditional, so nothing falls through.
; The bytes below are the ASCII of "Message recieved from M-PO...", the string
; shown in the "Display string" trace entry after this listing. The branch
; targets 0x12c0a and 0x12c07 are decoding artifacts, not real control flow.
0x12b93: dec bp
0x12b94: jae 0x12c0a
0x12b97: popaw
0x12b98: and byte ptr gs:[edx + 0x65], dh
0x12b9d: arpl word ptr [bx + di + 0x65], bp
0x12ba0: jbe 0x12c07
0x12ba2: and byte ptr fs:[bp + 0x72], ah
0x12ba6: outsw dx, word ptr [si]
0x12ba7: insw word ptr es:[di], dx
0x12ba8: and byte ptr [di + 0x2d], cl
0x12bab: push ax
0x12bac: dec di
2018-12-25T12:35:40.578025132Z 9 PC: 12b8e | Display string (String= 'Message recieved from M-POC Generation 2: I am outta here!')