Sample viewer

vx.netlux.org/Virus.DOS.Pixel.Self.550

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:02.60039816Z	26	PC: 12aab \| Set disk transfer address
2018-12-17T23:04:02.602716902Z	78	PC: 12ab5 \| Find first file
2018-12-17T23:04:02.60894098Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:02.625154054Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:02.632063727Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:02.636445482Z	66	PC: 12af6 \| Move file pointer
2018-12-17T23:04:02.63757712Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-17T23:04:02.639149564Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-17T23:04:02.641119943Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-17T23:04:02.642622448Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-17T23:04:02.644195639Z	64	PC: 12b6d \| Write file or device (Write 957 bytes on handle 5)
2018-12-17T23:04:02.649838762Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:02.657694867Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:02.660206923Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:02.680207913Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:02.686956523Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:02.693231421Z	66	PC: 12af6 \| Move file pointer
2018-12-17T23:04:02.695488391Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-17T23:04:02.697962908Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-17T23:04:02.700552277Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-17T23:04:02.703489339Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-17T23:04:02.706491099Z	64	PC: 12b6d \| Write file or device (Write 577 bytes on handle 5)
2018-12-17T23:04:02.715419738Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:02.723912247Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:02.727601694Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:02.73743821Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:02.744780903Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:02.752880216Z	66	PC: 12af6 \| Move file pointer
2018-12-17T23:04:02.754537552Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-17T23:04:02.757047918Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-17T23:04:02.760744805Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-17T23:04:02.763345166Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-17T23:04:02.76657528Z	64	PC: 12b6d \| Write file or device (Write 642 bytes on handle 5)
2018-12-17T23:04:02.775735722Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:02.78420411Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:02.78732726Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:02.798453727Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:02.805483685Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:02.812200974Z	66	PC: 12af6 \| Move file pointer
2018-12-17T23:04:02.813616336Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-17T23:04:02.817028459Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-17T23:04:02.819348949Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-17T23:04:02.8220021Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-17T23:04:02.82545883Z	64	PC: 12b6d \| Write file or device (Write 579 bytes on handle 5)
2018-12-17T23:04:02.834418484Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:02.842856337Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:02.846872898Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:02.857008048Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:02.863863279Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:02.87091158Z	66	PC: 12af6 \| Move file pointer
2018-12-17T23:04:02.872489581Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-17T23:04:02.874836106Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-17T23:04:02.878585236Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-17T23:04:02.881403424Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-17T23:04:02.88371379Z	64	PC: 12b6d \| Write file or device (Write 579 bytes on handle 5)
2018-12-17T23:04:02.892397287Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:02.900485285Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:02.903739019Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:02.914454876Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:02.922969624Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:02.92971021Z	66	PC: 12af6 \| Move file pointer
2018-12-17T23:04:02.931165047Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-17T23:04:02.933799067Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-17T23:04:02.936172648Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-17T23:04:02.938371958Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-17T23:04:02.94122998Z	64	PC: 12b6d \| Write file or device (Write 1051 bytes on handle 5)
2018-12-17T23:04:02.950816353Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:02.959637626Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:02.963498014Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:02.973670606Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:02.980235676Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:02.988670047Z	66	PC: 12af6 \| Move file pointer
2018-12-17T23:04:02.990194538Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-17T23:04:02.992494409Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-17T23:04:02.995695367Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-17T23:04:02.997817925Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-17T23:04:03.000014232Z	64	PC: 12b6d \| Write file or device (Write 579 bytes on handle 5)
2018-12-17T23:04:03.009008277Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:03.017390874Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:03.019947318Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-17T23:04:03.030606451Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-17T23:04:03.037528701Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:04:03.045585051Z	62	PC: 12b71 \| Close file
2018-12-17T23:04:03.048618405Z	79	PC: 12b77 \| Find next file
2018-12-17T23:04:03.051806208Z	26	PC: 12b83 \| Set disk transfer address
2018-12-17T23:04:03.053211401Z	44	PC: 12b87 \| Get time 0x12b87: cmp ch, 5 0x12b8a: je 0x12b8f 0x12b8c: jmp 0x12c28 0x12b8f: mov ah, 0x2a 0x12b91: int 0x21 0x12b93: cmp al, 6 0x12b95: je 0x12bde 0x12b97: cmp al, 0 0x12b99: je 0x12b9e 0x12b9b: jmp 0x12c28 0x12b9e: mov ah, 0xf 0x12ba0: int 0x10 0x12ba2: push ax 0x12ba3: xor ah, ah 0x12ba5: mov al, 5 0x12ba7: int 0x10 0x12ba9: mov cx, 0x51 0x12bac: mov ax, 0x17f 0x12baf: sub ax, 0x40f 0x12bb2: mov si, ax

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14748,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:33.134792634Z	26	PC: 12aab \| Set disk transfer address
2018-12-25T12:41:33.136261811Z	78	PC: 12ab5 \| Find first file
2018-12-25T12:41:33.143882233Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-25T12:41:33.165905855Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-25T12:41:33.173167558Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-25T12:41:33.180687369Z	66	PC: 12af6 \| Move file pointer
2018-12-25T12:41:33.182318512Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-25T12:41:33.184596457Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-25T12:41:33.188019703Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-25T12:41:33.190404721Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-25T12:41:33.19275312Z	64	PC: 12b6d \| Write file or device (Write 957 bytes on handle 5)
2018-12-25T12:41:33.202765687Z	62	PC: 12b71 \| Close file
2018-12-25T12:41:33.211353013Z	79	PC: 12b77 \| Find next file
2018-12-25T12:41:33.214217823Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.224772574Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.232113502Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.239013034Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.240507925Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.24313358Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.245328864Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.247479942Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.250423385Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.259345118Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.268104716Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.271474268Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.281859486Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.288921927Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.296781684Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.298468492Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.300910343Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.303748041Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.30674402Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.3094605Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.318760017Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.329311314Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.332624711Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.343694068Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.352959478Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.360742675Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.36273273Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.366463538Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.369438749Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.372323731Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.375760813Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.385387248Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.395286745Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.398992234Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.407744911Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.412713679Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.417405716Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.418878086Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.420826173Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.423254475Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.427108908Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.429922271Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.439686159Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.450478909Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.453789651Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.466108021Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.475034684Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.483276703Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.485301548Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.488996925Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.491835933Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.494602785Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.497058133Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.50710297Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.516795827Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.519590188Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.531193738Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.538456803Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.545520344Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.547657808Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.550241813Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.552832389Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.556352188Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.558780792Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.568005518Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.577752573Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.580974585Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.593193425Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.601204014Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.60745193Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.609231473Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.611010257Z	26	PC: 12b83 \| Set disk transfer address
2018-12-25T12:41:33.61251742Z	44	PC: 12b87 \| Get time 0x12b87: cmp ch, 5 0x12b8a: je 0x12b8f 0x12b8c: jmp 0x12c28 0x12b8f: mov ah, 0x2a 0x12b91: int 0x21 0x12b93: cmp al, 6 0x12b95: je 0x12bde 0x12b97: cmp al, 0 0x12b99: je 0x12b9e 0x12b9b: jmp 0x12c28 0x12b9e: mov ah, 0xf 0x12ba0: int 0x10 0x12ba2: push ax 0x12ba3: xor ah, ah 0x12ba5: mov al, 5 0x12ba7: int 0x10 0x12ba9: mov cx, 0x51 0x12bac: mov ax, 0x17f 0x12baf: sub ax, 0x40f 0x12bb2: mov si, ax

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":5,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14748,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:33.39086998Z	26	PC: 12aab \| Set disk transfer address
2018-12-25T12:41:33.392795717Z	78	PC: 12ab5 \| Find first file
2018-12-25T12:41:33.399281217Z	67	PC: 12ac6 \| Get or set file attributes
2018-12-25T12:41:33.416014547Z	61	PC: 12acb \| Open file (Filename = 'ré>ÿº€')
2018-12-25T12:41:33.420680987Z	63	PC: 12ada \| Read file or device (Read 65535 bytes on handle 5)
2018-12-25T12:41:33.428807303Z	66	PC: 12af6 \| Move file pointer
2018-12-25T12:41:33.430867072Z	44	PC: 12afa \| Get time 0x12afa: mov al, dl 0x12afc: cwde 0x12afd: inc ax 0x12afe: cdq 0x12aff: mov cx, word ptr cs:[0x117] 0x12b04: idiv cx 0x12b06: inc dx 0x12b07: rol dx, 1 0x12b09: mov di, dx 0x12b0b: mov word ptr [di + 0x43], 0x706 0x12b11: mov ah, 0x2c 0x12b13: int 0x21 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1
2018-12-25T12:41:33.433885462Z	44	PC: 12b15 \| Get time 0x12b15: mov al, dl 0x12b17: cwde 0x12b18: inc ax 0x12b19: cdq 0x12b1a: mov cx, word ptr cs:[0x117] 0x12b1f: idiv cx 0x12b21: inc dx 0x12b22: rol dx, 1 0x12b24: mov di, dx 0x12b26: mov word ptr [di + 0x43], 0x1f1e 0x12b2c: mov ah, 0x2c 0x12b2e: int 0x21 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1
2018-12-25T12:41:33.437520189Z	44	PC: 12b30 \| Get time 0x12b30: mov al, dl 0x12b32: cwde 0x12b33: inc ax 0x12b34: cdq 0x12b35: mov cx, word ptr cs:[0x117] 0x12b3a: idiv cx 0x12b3c: inc dx 0x12b3d: rol dx, 1 0x12b3f: mov di, dx 0x12b41: mov word ptr [di + 0x43], 0x5a52 0x12b47: mov ah, 0x2c 0x12b49: int 0x21 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1
2018-12-25T12:41:33.439874305Z	44	PC: 12b4b \| Get time 0x12b4b: mov al, dl 0x12b4d: cwde 0x12b4e: inc ax 0x12b4f: cdq 0x12b50: mov cx, word ptr cs:[0x117] 0x12b55: idiv cx 0x12b57: inc dx 0x12b58: rol dx, 1 0x12b5a: mov di, dx 0x12b5c: mov word ptr [di + 0x43], 0x5951 0x12b62: xor dx, dx 0x12b64: mov cx, word ptr cs:[0x115] 0x12b69: mov ah, 0x40 0x12b6b: int 0x21 0x12b6d: mov ah, 0x3e 0x12b6f: int 0x21 0x12b71: push cs 0x12b72: pop ds 0x12b73: mov ah, 0x4f 0x12b75: int 0x21
2018-12-25T12:41:33.442686561Z	64	PC: 12b6d \| Write file or device (Write 957 bytes on handle 5)
2018-12-25T12:41:33.453143715Z	62	PC: 12b71 \| Close file
2018-12-25T12:41:33.462296455Z	79	PC: 12b77 \| Find next file
2018-12-25T12:41:33.465288618Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.476860195Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.485039656Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.491677517Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.493076211Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.495751489Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.498312851Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.499982259Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.502107495Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.508079574Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.513900239Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.516608111Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.527610515Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.534801952Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.542974027Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.544228651Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.546376779Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.550654245Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.553209783Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.555838039Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.56517439Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.584906472Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.589048283Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.600430453Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.608667728Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.61627785Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.618313713Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.622294984Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.625170554Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.628002624Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.631815365Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.64075179Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.649684604Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.65256341Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.664144654Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.671445476Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.678540362Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.681036526Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.683771652Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.686521771Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.690316608Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.693511926Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.702557104Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.712390966Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.715305744Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.726734103Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.734554035Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.741888804Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.7434824Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.746107166Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.749060932Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.751625006Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.754026704Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.763829138Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.772791767Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.776350494Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.7883148Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.795829446Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.802932605Z	66	PC: 12af6 \| Move file pointer (See above)
2018-12-25T12:41:33.805527021Z	44	PC: 12afa \| Get time (See above)
2018-12-25T12:41:33.807876869Z	44	PC: 12b15 \| Get time (See above)
2018-12-25T12:41:33.81021173Z	44	PC: 12b30 \| Get time (See above)
2018-12-25T12:41:33.813194865Z	44	PC: 12b4b \| Get time (See above)
2018-12-25T12:41:33.816201115Z	64	PC: 12b6d \| Write file or device (See above)
2018-12-25T12:41:33.825910605Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.83593109Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.839226024Z	67	PC: 12ac6 \| Get or set file attributes (See above)
2018-12-25T12:41:33.851159247Z	61	PC: 12acb \| Open file (See above)
2018-12-25T12:41:33.859407804Z	63	PC: 12ada \| Read file or device (See above)
2018-12-25T12:41:33.868564533Z	62	PC: 12b71 \| Close file (See above)
2018-12-25T12:41:33.870938146Z	79	PC: 12b77 \| Find next file (See above)
2018-12-25T12:41:33.873973866Z	26	PC: 12b83 \| Set disk transfer address
2018-12-25T12:41:33.876410327Z	44	PC: 12b87 \| Get time 0x12b87: cmp ch, 5 0x12b8a: je 0x12b8f 0x12b8c: jmp 0x12c28 0x12b8f: mov ah, 0x2a 0x12b91: int 0x21 0x12b93: cmp al, 6 0x12b95: je 0x12bde 0x12b97: cmp al, 0 0x12b99: je 0x12b9e 0x12b9b: jmp 0x12c28 0x12b9e: mov ah, 0xf 0x12ba0: int 0x10 0x12ba2: push ax 0x12ba3: xor ah, ah 0x12ba5: mov al, 5 0x12ba7: int 0x10 0x12ba9: mov cx, 0x51 0x12bac: mov ax, 0x17f 0x12baf: sub ax, 0x40f 0x12bb2: mov si, ax
2018-12-25T12:41:33.879084395Z	42	PC: 12b93 \| Get date 0x12b93: cmp al, 6 0x12b95: je 0x12bde 0x12b97: cmp al, 0 0x12b99: je 0x12b9e 0x12b9b: jmp 0x12c28 0x12b9e: mov ah, 0xf 0x12ba0: int 0x10 0x12ba2: push ax 0x12ba3: xor ah, ah 0x12ba5: mov al, 5 0x12ba7: int 0x10 0x12ba9: mov cx, 0x51 0x12bac: mov ax, 0x17f 0x12baf: sub ax, 0x40f 0x12bb2: mov si, ax 0x12bb4: push cx 0x12bb5: push si 0x12bb6: pop ds 0x12bb7: push ds 0x12bb8: xor si, si