{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14665,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:41:23.356504916Z | 78 | PC: 12a74 | Find first file |
| 2018-12-25T12:41:23.364431026Z | 44 | PC: 12b0d | Get time 0x12b0d: cmp dh, 0 0x12b10: je 0x12b09 0x12b12: mov byte ptr [0x1af], dh 0x12b16: ret 0x12b17: pop bx 0x12b18: inc bp 0x12b19: insb byte ptr es:[di], dx 0x12b1a: and byte ptr [bp + si + 0x65], ah 0x12b1d: outsb dx, byte ptr [si] 0x12b1e: popaw 0x12b20: outsw dx, word ptr fs:[si] 0x12b22: jb 0x12b44 0x12b24: jne 0x12b9a 0x12b27: je 0x12b92 0x12b29: arpl word ptr [bx + di + 0x65], bp 0x12b2c: jb 0x12b9d 0x12b2e: and byte ptr [bx + di + 0x20], bh 0x12b31: jae 0x12ba8 0x12b33: and byte ptr [bx + si + 0x61], dh 0x12b36: jae 0x12bac |
| 2018-12-25T12:41:23.367431837Z | 61 | PC: 12a54 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:41:23.37502895Z | 64 | PC: 12a63 | Write file or device (Write 301 bytes on handle 5) |
| 2018-12-25T12:41:23.382854779Z | 62 | PC: 12a67 | Close file |
| 2018-12-25T12:41:23.414665077Z | 79 | PC: 12a82 | Find next file |
| 2018-12-25T12:41:23.41812426Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.421856102Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.432223919Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.440701488Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.450016759Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.454104813Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.457434256Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.465426155Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.475344589Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.495260347Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.498669458Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.50181395Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.510712348Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.519832214Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.529198627Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.533373117Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.536456263Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.544202279Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.553090044Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.563547021Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.566565929Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.570327066Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.577487824Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.584865835Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.602708Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.605745114Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.608444407Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.616669252Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.624003895Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.633831489Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.637269953Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.652631183Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.659899787Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.662902538Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.672695487Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.675428936Z | 42 | PC: 12a8c | Get date 0x12a8c: cmp dh, 8 0x12a8f: jne 0x12a9d 0x12a91: cmp dl, 0x1f 0x12a94: jne 0x12a9d 0x12a96: mov ah, 9 0x12a98: mov dx, 0x15f 0x12a9b: int 0x21 0x12a9d: int 0x20 0x12a9f: or ax, 0x460a 0x12aa2: sub ax, 0x5250 0x12aa5: dec di 0x12aa6: push sp 0x12aa7: and byte ptr [bp + di + 0x55], dl 0x12aaa: pop ax 0x12aab: pop ax 0x12aac: pop ax 0x12aad: pop ax 0x12aae: pop ax 0x12aaf: pop ax 0x12ab0: pop ax |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14665,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:41:23.523298124Z | 78 | PC: 12a74 | Find first file |
| 2018-12-25T12:41:23.530558522Z | 44 | PC: 12b0d | Get time 0x12b0d: cmp dh, 0 0x12b10: je 0x12b09 0x12b12: mov byte ptr [0x1af], dh 0x12b16: ret 0x12b17: pop bx 0x12b18: inc bp 0x12b19: insb byte ptr es:[di], dx 0x12b1a: and byte ptr [bp + si + 0x65], ah 0x12b1d: outsb dx, byte ptr [si] 0x12b1e: popaw 0x12b20: outsw dx, word ptr fs:[si] 0x12b22: jb 0x12b44 0x12b24: jne 0x12b9a 0x12b27: je 0x12b92 0x12b29: arpl word ptr [bx + di + 0x65], bp 0x12b2c: jb 0x12b9d 0x12b2e: and byte ptr [bx + di + 0x20], bh 0x12b31: jae 0x12ba8 0x12b33: and byte ptr [bx + si + 0x61], dh 0x12b36: jae 0x12bac |
| 2018-12-25T12:41:23.534007249Z | 61 | PC: 12a54 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:41:23.541711894Z | 64 | PC: 12a63 | Write file or device (Write 301 bytes on handle 5) |
| 2018-12-25T12:41:23.549631978Z | 62 | PC: 12a67 | Close file |
| 2018-12-25T12:41:23.566585238Z | 79 | PC: 12a82 | Find next file |
| 2018-12-25T12:41:23.569640278Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.572313243Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.580231192Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.588098761Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.59688373Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.60002075Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.603501579Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.611329228Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.619549654Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.629278613Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.632576475Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.635588832Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.652585348Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.660243438Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.668848522Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.672707133Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.675275947Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.682380408Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.690065412Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.703313693Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.706086243Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.709771217Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.716965301Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.724186531Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.732850605Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.736239578Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.738811563Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.746115941Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.754185218Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.763387252Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.766177286Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.770155158Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.777527417Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.780850221Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.788739739Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.791579939Z | 42 | PC: 12a8c | Get date 0x12a8c: cmp dh, 8 0x12a8f: jne 0x12a9d 0x12a91: cmp dl, 0x1f 0x12a94: jne 0x12a9d 0x12a96: mov ah, 9 0x12a98: mov dx, 0x15f 0x12a9b: int 0x21 0x12a9d: int 0x20 0x12a9f: or ax, 0x460a 0x12aa2: sub ax, 0x5250 0x12aa5: dec di 0x12aa6: push sp 0x12aa7: and byte ptr [bp + di + 0x55], dl 0x12aaa: pop ax 0x12aab: pop ax 0x12aac: pop ax 0x12aad: pop ax 0x12aae: pop ax 0x12aaf: pop ax 0x12ab0: pop ax |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":14665,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:41:23.733139328Z | 78 | PC: 12a74 | Find first file |
| 2018-12-25T12:41:23.751529074Z | 44 | PC: 12b0d | Get time 0x12b0d: cmp dh, 0 0x12b10: je 0x12b09 0x12b12: mov byte ptr [0x1af], dh 0x12b16: ret 0x12b17: pop bx 0x12b18: inc bp 0x12b19: insb byte ptr es:[di], dx 0x12b1a: and byte ptr [bp + si + 0x65], ah 0x12b1d: outsb dx, byte ptr [si] 0x12b1e: popaw 0x12b20: outsw dx, word ptr fs:[si] 0x12b22: jb 0x12b44 0x12b24: jne 0x12b9a 0x12b27: je 0x12b92 0x12b29: arpl word ptr [bx + di + 0x65], bp 0x12b2c: jb 0x12b9d 0x12b2e: and byte ptr [bx + di + 0x20], bh 0x12b31: jae 0x12ba8 0x12b33: and byte ptr [bx + si + 0x61], dh 0x12b36: jae 0x12bac |
| 2018-12-25T12:41:23.755069523Z | 61 | PC: 12a54 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:41:23.762732485Z | 64 | PC: 12a63 | Write file or device (Write 301 bytes on handle 5) |
| 2018-12-25T12:41:23.770691188Z | 62 | PC: 12a67 | Close file |
| 2018-12-25T12:41:23.787320494Z | 79 | PC: 12a82 | Find next file |
| 2018-12-25T12:41:23.790580515Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.793540814Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.802283087Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.81008737Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.81921953Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.822914686Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.825859227Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.833545303Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.841848801Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.859573531Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.862044685Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.864785723Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.869354487Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.873845086Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.880176214Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.885423645Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.888112419Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.89580117Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.90373168Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.912896346Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.915747441Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.921304996Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.928604522Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.935903189Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.948298019Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.960390274Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.96327501Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.971321475Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:24.00636576Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:24.012135373Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:24.015304122Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:24.017603617Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:24.02362765Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:24.026252474Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:24.035469144Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:24.039417762Z | 42 | PC: 12a8c | Get date 0x12a8c: cmp dh, 8 0x12a8f: jne 0x12a9d 0x12a91: cmp dl, 0x1f 0x12a94: jne 0x12a9d 0x12a96: mov ah, 9 0x12a98: mov dx, 0x15f 0x12a9b: int 0x21 0x12a9d: int 0x20 0x12a9f: or ax, 0x460a 0x12aa2: sub ax, 0x5250 0x12aa5: dec di 0x12aa6: push sp 0x12aa7: and byte ptr [bp + di + 0x55], dl 0x12aaa: pop ax 0x12aab: pop ax 0x12aac: pop ax 0x12aad: pop ax 0x12aae: pop ax 0x12aaf: pop ax 0x12ab0: pop ax |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":14665,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:41:23.748737338Z | 78 | PC: 12a74 | Find first file |
| 2018-12-25T12:41:23.752733326Z | 44 | PC: 12b0d | Get time 0x12b0d: cmp dh, 0 0x12b10: je 0x12b09 0x12b12: mov byte ptr [0x1af], dh 0x12b16: ret 0x12b17: pop bx 0x12b18: inc bp 0x12b19: insb byte ptr es:[di], dx 0x12b1a: and byte ptr [bp + si + 0x65], ah 0x12b1d: outsb dx, byte ptr [si] 0x12b1e: popaw 0x12b20: outsw dx, word ptr fs:[si] 0x12b22: jb 0x12b44 0x12b24: jne 0x12b9a 0x12b27: je 0x12b92 0x12b29: arpl word ptr [bx + di + 0x65], bp 0x12b2c: jb 0x12b9d 0x12b2e: and byte ptr [bx + di + 0x20], bh 0x12b31: jae 0x12ba8 0x12b33: and byte ptr [bx + si + 0x61], dh 0x12b36: jae 0x12bac |
| 2018-12-25T12:41:23.75459267Z | 61 | PC: 12a54 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:41:23.760239668Z | 64 | PC: 12a63 | Write file or device (Write 301 bytes on handle 5) |
| 2018-12-25T12:41:23.766641976Z | 62 | PC: 12a67 | Close file |
| 2018-12-25T12:41:23.779439747Z | 79 | PC: 12a82 | Find next file |
| 2018-12-25T12:41:23.783693198Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.785308794Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.790549397Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.795742715Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.803378837Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.805245331Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.807850826Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.811891655Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.816185034Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.821908045Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.82359649Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.825044585Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.834606407Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.844632084Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:23.85239128Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:23.855174225Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:23.857410285Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:23.863578021Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:23.869719938Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:24.139915465Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:24.142847818Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:24.145526874Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:24.15677946Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:24.163882607Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:24.172119365Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:24.176273864Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:24.178894629Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:24.18563408Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:24.197470382Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:24.206855583Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:24.210038298Z | 44 | PC: 12b0d | Get time (See above) |
| 2018-12-25T12:41:24.212780061Z | 61 | PC: 12a54 | Open file (See above) |
| 2018-12-25T12:41:24.219265108Z | 64 | PC: 12a63 | Write file or device (See above) |
| 2018-12-25T12:41:24.2257522Z | 62 | PC: 12a67 | Close file (See above) |
| 2018-12-25T12:41:24.234691253Z | 79 | PC: 12a82 | Find next file (See above) |
| 2018-12-25T12:41:24.237018289Z | 42 | PC: 12a8c | Get date 0x12a8c: cmp dh, 8 0x12a8f: jne 0x12a9d 0x12a91: cmp dl, 0x1f 0x12a94: jne 0x12a9d 0x12a96: mov ah, 9 0x12a98: mov dx, 0x15f 0x12a9b: int 0x21 0x12a9d: int 0x20 0x12a9f: or ax, 0x460a 0x12aa2: sub ax, 0x5250 0x12aa5: dec di 0x12aa6: push sp 0x12aa7: and byte ptr [bp + di + 0x55], dl 0x12aaa: pop ax 0x12aab: pop ax 0x12aac: pop ax 0x12aad: pop ax 0x12aae: pop ax 0x12aaf: pop ax 0x12ab0: pop ax |