Sample viewer

vx.netlux.org/Virus.DOS.MtE.CrackerBack

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:59:01.966765762Z 26 PC: 12efd | Set disk transfer address
2018-12-17T22:59:01.968514242Z 53 PC: 12f02 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:01.971693478Z 37 PC: 12f0c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:01.972898965Z 78 PC: 12f1d | Find first file
2018-12-17T22:59:01.979550834Z 67 PC: 12f8a | Get or set file attributes
2018-12-17T22:59:01.995301193Z 61 PC: 12f91 | Open file (Filename = 'nXú���>s')
2018-12-17T22:59:02.002791903Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:02.009705246Z 66 PC: 12fb6 | Move file pointer
2018-12-17T22:59:02.011366546Z 87 PC: 12fcc | Get or set file date and time
2018-12-17T22:59:02.019667138Z 64 PC: 12fff | Write file or device (Write 3177 bytes on handle 5)
2018-12-17T22:59:02.028740514Z 66 PC: 1300e | Move file pointer
2018-12-17T22:59:02.031200749Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:02.034108829Z 87 PC: 1301f | Get or set file date and time
2018-12-17T22:59:02.035659408Z 62 PC: 13023 | Close file
2018-12-17T22:59:02.046103815Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-17T22:59:02.048528126Z 79 PC: 12f1d | Find next file
2018-12-17T22:59:02.051889688Z 67 PC: 12f8a | Get or set file attributes
2018-12-17T22:59:02.065231072Z 61 PC: 12f91 | Open file (Filename = '�r:��ƪ��%zAsruB*��pj�7���!7�����8�L�Bi�->�9�C<�'�<��3�M#�Jy�T�;^H �:m���u�w����+���OY���o�K󎚿H���O�t:*K�'x��E>7�?HW�9=��w��sL3���e�x}&_q�2dJ��L���3�;*P D��?��c�/�)')
2018-12-17T22:59:02.073176434Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:02.081003174Z 66 PC: 12fb6 | Move file pointer
2018-12-17T22:59:02.082398204Z 87 PC: 12fcc | Get or set file date and time
2018-12-17T22:59:02.090443247Z 64 PC: 12fff | Write file or device (Write 3045 bytes on handle 5)
2018-12-17T22:59:02.099633699Z 66 PC: 1300e | Move file pointer
2018-12-17T22:59:02.101300151Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:02.108590792Z 87 PC: 1301f | Get or set file date and time
2018-12-17T22:59:02.110318115Z 62 PC: 13023 | Close file
2018-12-17T22:59:02.118895816Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-17T22:59:02.122007674Z 79 PC: 12f1d | Find next file
2018-12-17T22:59:02.125279495Z 67 PC: 12f8a | Get or set file attributes
2018-12-17T22:59:02.136148217Z 61 PC: 12f91 | Open file
2018-12-17T22:59:02.144215501Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:02.152427399Z 66 PC: 12fb6 | Move file pointer
2018-12-17T22:59:02.154543142Z 87 PC: 12fcc | Get or set file date and time
2018-12-17T22:59:02.162554094Z 64 PC: 12fff | Write file or device (Write 3236 bytes on handle 5)
2018-12-17T22:59:02.172303529Z 66 PC: 1300e | Move file pointer
2018-12-17T22:59:02.173809514Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:02.181698549Z 87 PC: 1301f | Get or set file date and time
2018-12-17T22:59:02.183397721Z 62 PC: 13023 | Close file
2018-12-17T22:59:02.19198679Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-17T22:59:02.195325159Z 79 PC: 12f1d | Find next file
2018-12-17T22:59:02.198757558Z 67 PC: 12f8a | Get or set file attributes
2018-12-17T22:59:02.209677493Z 61 PC: 12f91 | Open file (Filename = '��K�0a��Md�9�c4�����4��J�c��i��h ��=')
2018-12-17T22:59:02.218055969Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:02.225557736Z 66 PC: 12fb6 | Move file pointer
2018-12-17T22:59:02.227052148Z 87 PC: 12fcc | Get or set file date and time
2018-12-17T22:59:02.23462848Z 64 PC: 12fff | Write file or device (Write 3043 bytes on handle 5)
2018-12-17T22:59:02.244063555Z 66 PC: 1300e | Move file pointer
2018-12-17T22:59:02.245960491Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:02.249171953Z 87 PC: 1301f | Get or set file date and time
2018-12-17T22:59:02.252198022Z 62 PC: 13023 | Close file
2018-12-17T22:59:02.260520657Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-17T22:59:02.263205328Z 37 PC: 12f6f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:02.265415762Z 26 PC: 12f78 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13075,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:37:24.551364675Z 26 PC: 12efd | Set disk transfer address
2018-12-25T12:37:24.5533764Z 53 PC: 12f02 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:24.554483028Z 37 PC: 12f0c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:24.555502194Z 78 PC: 12f1d | Find first file
2018-12-25T12:37:24.561648065Z 67 PC: 12f8a | Get or set file attributes
2018-12-25T12:37:25.730731151Z 61 PC: 12f91 | Open file (Filename = 'nXú���>s')
2018-12-25T12:37:25.737024847Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:37:25.743794242Z 66 PC: 12fb6 | Move file pointer
2018-12-25T12:37:25.745075297Z 87 PC: 12fcc | Get or set file date and time
2018-12-25T12:37:25.751418431Z 64 PC: 12fff | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:37:25.826846898Z 66 PC: 1300e | Move file pointer
2018-12-25T12:37:25.828447325Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:37:25.831453107Z 87 PC: 1301f | Get or set file date and time
2018-12-25T12:37:25.833528835Z 62 PC: 13023 | Close file
2018-12-25T12:37:25.886230784Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-25T12:37:25.889303427Z 79 PC: 12f1d | Find next file (See above)
2018-12-25T12:37:25.892065739Z 67 PC: 12f8a | Get or set file attributes (See above)
2018-12-25T12:37:25.989528928Z 61 PC: 12f91 | Open file (See above)
2018-12-25T12:37:25.993672869Z 63 PC: 12f9e | Read file or device (See above)
2018-12-25T12:37:25.999832884Z 66 PC: 12fb6 | Move file pointer (See above)
2018-12-25T12:37:26.002377431Z 87 PC: 12fcc | Get or set file date and time (See above)
2018-12-25T12:37:26.008567703Z 64 PC: 12fff | Write file or device (See above)
2018-12-25T12:37:26.061451633Z 66 PC: 1300e | Move file pointer (See above)
2018-12-25T12:37:26.063705972Z 64 PC: 13018 | Write file or device (See above)
2018-12-25T12:37:26.066378966Z 87 PC: 1301f | Get or set file date and time (See above)
2018-12-25T12:37:26.067891387Z 62 PC: 13023 | Close file (See above)
2018-12-25T12:37:26.168371615Z 42 PC: 12f32 | Get date (See above)
2018-12-25T12:37:26.171421105Z 79 PC: 12f1d | Find next file (See above)
2018-12-25T12:37:26.174914737Z 67 PC: 12f8a | Get or set file attributes (See above)
2018-12-25T12:37:26.234257255Z 61 PC: 12f91 | Open file (See above)
2018-12-25T12:37:26.238918553Z 63 PC: 12f9e | Read file or device (See above)
2018-12-25T12:37:26.244725695Z 66 PC: 12fb6 | Move file pointer (See above)
2018-12-25T12:37:26.246473272Z 87 PC: 12fcc | Get or set file date and time (See above)
2018-12-25T12:37:26.250797482Z 64 PC: 12fff | Write file or device (See above)
2018-12-25T12:37:26.309457912Z 66 PC: 1300e | Move file pointer (See above)
2018-12-25T12:37:26.311340272Z 64 PC: 13018 | Write file or device (See above)
2018-12-25T12:37:26.323001011Z 87 PC: 1301f | Get or set file date and time (See above)
2018-12-25T12:37:26.325073548Z 62 PC: 13023 | Close file (See above)
2018-12-25T12:37:26.404185918Z 42 PC: 12f32 | Get date (See above)
2018-12-25T12:37:26.406478345Z 79 PC: 12f1d | Find next file (See above)
2018-12-25T12:37:26.408914054Z 67 PC: 12f8a | Get or set file attributes (See above)
2018-12-25T12:37:26.649448352Z 61 PC: 12f91 | Open file (See above)
2018-12-25T12:37:26.656837474Z 63 PC: 12f9e | Read file or device (See above)
2018-12-25T12:37:26.663558127Z 66 PC: 12fb6 | Move file pointer (See above)
2018-12-25T12:37:26.664839593Z 87 PC: 12fcc | Get or set file date and time (See above)
2018-12-25T12:37:26.671749354Z 64 PC: 12fff | Write file or device (See above)
2018-12-25T12:37:26.821350546Z 66 PC: 1300e | Move file pointer (See above)
2018-12-25T12:37:26.82290889Z 64 PC: 13018 | Write file or device (See above)
2018-12-25T12:37:26.826797095Z 87 PC: 1301f | Get or set file date and time (See above)
2018-12-25T12:37:26.828533491Z 62 PC: 13023 | Close file (See above)
2018-12-25T12:37:26.91973499Z 42 PC: 12f32 | Get date (See above)
2018-12-25T12:37:26.923317723Z 37 PC: 12f6f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:26.924422092Z 26 PC: 12f78 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13075,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:37:24.624691451Z 26 PC: 12efd | Set disk transfer address
2018-12-25T12:37:24.626062484Z 53 PC: 12f02 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:24.627104454Z 37 PC: 12f0c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:24.628172909Z 78 PC: 12f1d | Find first file
2018-12-25T12:37:24.635166201Z 67 PC: 12f8a | Get or set file attributes
2018-12-25T12:37:24.65343204Z 61 PC: 12f91 | Open file (Filename = 'nXú���>s')
2018-12-25T12:37:24.660591045Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:37:24.668333465Z 66 PC: 12fb6 | Move file pointer
2018-12-25T12:37:24.669833023Z 87 PC: 12fcc | Get or set file date and time
2018-12-25T12:37:24.676867336Z 64 PC: 12fff | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:37:24.686238681Z 66 PC: 1300e | Move file pointer
2018-12-25T12:37:24.687884628Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:37:24.6916808Z 87 PC: 1301f | Get or set file date and time
2018-12-25T12:37:24.693541939Z 62 PC: 13023 | Close file
2018-12-25T12:37:24.700972305Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-25T12:37:24.70328824Z 9 PC: 12f3e | Display string (Could not find end pointer)
2018-12-25T12:37:24.712444409Z 76 PC: 12f4e | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13075,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:37:24.821049824Z 26 PC: 12efd | Set disk transfer address
2018-12-25T12:37:24.822562295Z 53 PC: 12f02 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:24.8236131Z 37 PC: 12f0c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:24.82528315Z 78 PC: 12f1d | Find first file
2018-12-25T12:37:24.830569424Z 67 PC: 12f8a | Get or set file attributes
2018-12-25T12:37:24.846049774Z 61 PC: 12f91 | Open file (Filename = 'nXú���>s')
2018-12-25T12:37:24.85197579Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:37:24.857678632Z 66 PC: 12fb6 | Move file pointer
2018-12-25T12:37:24.864623158Z 87 PC: 12fcc | Get or set file date and time
2018-12-25T12:37:24.870061621Z 64 PC: 12fff | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:37:24.877688011Z 66 PC: 1300e | Move file pointer
2018-12-25T12:37:24.879356652Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:37:24.881727104Z 87 PC: 1301f | Get or set file date and time
2018-12-25T12:37:24.883053646Z 62 PC: 13023 | Close file
2018-12-25T12:37:24.890627949Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-25T12:37:24.892709788Z 79 PC: 12f1d | Find next file (See above)
2018-12-25T12:37:24.895256393Z 67 PC: 12f8a | Get or set file attributes (See above)
2018-12-25T12:37:24.905321965Z 61 PC: 12f91 | Open file (See above)
2018-12-25T12:37:24.911609178Z 63 PC: 12f9e | Read file or device (See above)
2018-12-25T12:37:24.917664076Z 66 PC: 12fb6 | Move file pointer (See above)
2018-12-25T12:37:24.919307418Z 87 PC: 12fcc | Get or set file date and time (See above)
2018-12-25T12:37:24.924887165Z 64 PC: 12fff | Write file or device (See above)
2018-12-25T12:37:24.933705159Z 66 PC: 1300e | Move file pointer (See above)
2018-12-25T12:37:24.935553838Z 64 PC: 13018 | Write file or device (See above)
2018-12-25T12:37:24.938599456Z 87 PC: 1301f | Get or set file date and time (See above)
2018-12-25T12:37:24.940201002Z 62 PC: 13023 | Close file (See above)
2018-12-25T12:37:24.949668361Z 42 PC: 12f32 | Get date (See above)
2018-12-25T12:37:24.952001978Z 79 PC: 12f1d | Find next file (See above)
2018-12-25T12:37:24.954800149Z 67 PC: 12f8a | Get or set file attributes (See above)
2018-12-25T12:37:24.965310109Z 61 PC: 12f91 | Open file (See above)
2018-12-25T12:37:24.969724697Z 63 PC: 12f9e | Read file or device (See above)
2018-12-25T12:37:24.973831681Z 66 PC: 12fb6 | Move file pointer (See above)
2018-12-25T12:37:24.974868407Z 87 PC: 12fcc | Get or set file date and time (See above)
2018-12-25T12:37:24.984619819Z 64 PC: 12fff | Write file or device (See above)
2018-12-25T12:37:24.994334773Z 66 PC: 1300e | Move file pointer (See above)
2018-12-25T12:37:24.995743377Z 64 PC: 13018 | Write file or device (See above)
2018-12-25T12:37:25.00339783Z 87 PC: 1301f | Get or set file date and time (See above)
2018-12-25T12:37:25.00514383Z 62 PC: 13023 | Close file (See above)
2018-12-25T12:37:25.013722426Z 42 PC: 12f32 | Get date (See above)
2018-12-25T12:37:25.0171731Z 79 PC: 12f1d | Find next file (See above)
2018-12-25T12:37:25.020894755Z 67 PC: 12f8a | Get or set file attributes (See above)
2018-12-25T12:37:25.031547764Z 61 PC: 12f91 | Open file (See above)
2018-12-25T12:37:25.039889174Z 63 PC: 12f9e | Read file or device (See above)
2018-12-25T12:37:25.0469325Z 66 PC: 12fb6 | Move file pointer (See above)
2018-12-25T12:37:25.048293901Z 87 PC: 12fcc | Get or set file date and time (See above)
2018-12-25T12:37:25.055523531Z 64 PC: 12fff | Write file or device (See above)
2018-12-25T12:37:25.064659146Z 66 PC: 1300e | Move file pointer (See above)
2018-12-25T12:37:25.065903217Z 64 PC: 13018 | Write file or device (See above)
2018-12-25T12:37:25.068609545Z 87 PC: 1301f | Get or set file date and time (See above)
2018-12-25T12:37:25.070584002Z 62 PC: 13023 | Close file (See above)
2018-12-25T12:37:25.079019604Z 42 PC: 12f32 | Get date (See above)
2018-12-25T12:37:25.081369297Z 25 PC: 12f5f | Get default drive
2018-12-25T12:37:25.085195788Z 37 PC: 12f6f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:25.08609346Z 26 PC: 12f78 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13075,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:37:25.419378221Z 26 PC: 12efd | Set disk transfer address
2018-12-25T12:37:25.421593379Z 53 PC: 12f02 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:25.423036717Z 37 PC: 12f0c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:37:25.424364777Z 78 PC: 12f1d | Find first file
2018-12-25T12:37:25.431009949Z 67 PC: 12f8a | Get or set file attributes
2018-12-25T12:37:25.646782774Z 61 PC: 12f91 | Open file (Filename = 'nXú���>s')
2018-12-25T12:37:25.657631121Z 63 PC: 12f9e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:37:25.665197053Z 66 PC: 12fb6 | Move file pointer
2018-12-25T12:37:25.667538529Z 87 PC: 12fcc | Get or set file date and time
2018-12-25T12:37:25.674749837Z 64 PC: 12fff | Write file or device (Write 3177 bytes on handle 5)
2018-12-25T12:37:25.685029132Z 66 PC: 1300e | Move file pointer
2018-12-25T12:37:25.688430487Z 64 PC: 13018 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:37:25.691649265Z 87 PC: 1301f | Get or set file date and time
2018-12-25T12:37:25.698005362Z 62 PC: 13023 | Close file
2018-12-25T12:37:25.708123557Z 42 PC: 12f32 | Get date 0x12f32: cmp dh, 6
0x12f35: jne 0x12f4e
0x12f37: mov ah, 9
0x12f39: mov dx, 0x103
0x12f3c: int 0x21
0x12f3e: mov ah, 5
0x12f40: mov ch, 0
0x12f42: mov cl, 2
0x12f44: mov dh, 0
0x12f46: mov dl, 2
0x12f48: int 0x13
0x12f4a: mov ah, 0x4c
0x12f4c: int 0x21
0x12f4e: pop cx
0x12f4f: loop 0x12f26
0x12f51: jae 0x12f68
0x12f53: call 0x1303f
0x12f56: test al, 1
0x12f58: je 0x12f68
0x12f5a: xchg ax, dx
2018-12-25T12:37:25.711427651Z 9 PC: 12f3e | Display string (String= 'x���������f and reP��}��>���#����╋�.1Ÿg3�+É�.��u�3���Ƌ��')
2018-12-25T12:37:25.721920328Z 76 PC: 12f4e | Terminate with return code (Return code = '36')