Sample viewer

vx.netlux.org/Virus.DOS.Mephisto.949

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:45.559999858Z 26 PC: 12baf | Set disk transfer address
2018-12-17T23:04:45.562662135Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:45.571713047Z 61 PC: 12c5d | Open file (Filename = 'c:\dos\doskey.com')
2018-12-17T23:04:45.578254419Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.001813284Z 61 PC: 12c5d | Open file (Filename = 'c:\dos\edit.com')
2018-12-17T23:04:46.010119997Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.011789737Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.01730538Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.020824258Z 64 PC: 12b81 | Write file or device (Write 949 bytes on handle 5)
2018-12-17T23:04:46.028154955Z 66 PC: 12cb2 | Move file pointer
2018-12-17T23:04:46.02960431Z 64 PC: 12cbd | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:04:46.036236063Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.037927774Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.044368527Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.054799775Z 61 PC: 12c5d | Open file (Filename = 'c:\windows\win.com')
2018-12-17T23:04:46.062296394Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.063963228Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.069344038Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.072486598Z 64 PC: 12b81 | Write file or device (Write 949 bytes on handle 5)
2018-12-17T23:04:46.082194406Z 66 PC: 12cb2 | Move file pointer
2018-12-17T23:04:46.083814393Z 64 PC: 12cbd | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:04:46.088388806Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.090914706Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.099048103Z 78 PC: 12bcc | Find first file
2018-12-17T23:04:46.106635562Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.12532436Z 61 PC: 12c5d | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:46.133775093Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.136807496Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.144442184Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.147147693Z 64 PC: 12b81 | Write file or device (Write 949 bytes on handle 5)
2018-12-17T23:04:46.161584804Z 66 PC: 12cb2 | Move file pointer
2018-12-17T23:04:46.164669806Z 64 PC: 12cbd | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:04:46.172480085Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.174541512Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.18359076Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.18687134Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.19747871Z 61 PC: 12c5d | Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:46.207303878Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.209103152Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.216465418Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.21958236Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.221681297Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.229562028Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.233480378Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.24530713Z 61 PC: 12c5d | Open file (Filename = 'HELLO.COM')
2018-12-17T23:04:46.253019084Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.255816785Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.264518591Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.266688792Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.268693482Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.277414243Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.280364832Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.290985456Z 61 PC: 12c5d | Open file (Filename = 'PHANG.COM')
2018-12-17T23:04:46.30031359Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.302405545Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.310096829Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.313107722Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.315335131Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.323350936Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.32739429Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.339864333Z 61 PC: 12c5d | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:04:46.347962923Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.350363318Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.357326002Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.359435399Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.361708364Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.376683127Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.38024196Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.391971039Z 61 PC: 12c5d | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:04:46.401311775Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.403155994Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.410894398Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.414187622Z 64 PC: 12b81 | Write file or device (Write 949 bytes on handle 5)
2018-12-17T23:04:46.425490228Z 66 PC: 12cb2 | Move file pointer
2018-12-17T23:04:46.42730445Z 64 PC: 12cbd | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:04:46.435865912Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.43787496Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.447283194Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.450681715Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.463031541Z 61 PC: 12c5d | Open file (Filename = 'PAH.COM')
2018-12-17T23:04:46.470610355Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.472242835Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.480334393Z 66 PC: 12c82 | Move file pointer
2018-12-17T23:04:46.482272377Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.484233496Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.493125108Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.496468556Z 67 PC: 12c58 | Get or set file attributes
2018-12-17T23:04:46.508151107Z 61 PC: 12c5d | Open file (Filename = 'TEST.COM')
2018-12-17T23:04:46.51701084Z 87 PC: 12c65 | Get or set file date and time
2018-12-17T23:04:46.518977118Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:04:46.521683227Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T23:04:46.523795109Z 62 PC: 12cc8 | Close file
2018-12-17T23:04:46.531685709Z 79 PC: 12bcc | Find next file
2018-12-17T23:04:46.534546078Z 44 PC: 12bde | Get time 0x12bde: cmp dl, 1
0x12be1: ja 0x12beb
0x12be3: cmp dh, 0x10
0x12be6: ja 0x12beb
0x12be8: call 0x12bf3
0x12beb: mov dx, 0x80
0x12bee: mov ah, 0x1a
0x12bf0: int 0x21
0x12bf2: ret
0x12bf3: lea bx, word ptr [bp + 0x4b5]
0x12bf7: mov cx, 1
0x12bfa: mov dx, 0x80
0x12bfd: mov ax, 0x201
0x12c00: int 0x13
0x12c02: jb 0x12bf2
0x12c04: mov ax, 0x301
0x12c07: mov dx, 0x80
0x12c0a: mov cx, 2
0x12c0d: lea bx, word ptr [bp + 0x4b5]
0x12c11: int 0x13
2018-12-17T23:04:46.538166587Z 26 PC: 12bf2 | Set disk transfer address

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14977,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:15.49713337Z 26 PC: 12baf | Set disk transfer address
2018-12-25T12:42:15.499294382Z 67 PC: 12c58 | Get or set file attributes
2018-12-25T12:42:15.504968725Z 61 PC: 12c5d | Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T12:42:15.508999384Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:15.838016897Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:15.844934935Z 87 PC: 12c65 | Get or set file date and time
2018-12-25T12:42:15.846168585Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:42:15.851686877Z 66 PC: 12c82 | Move file pointer
2018-12-25T12:42:15.853670088Z 64 PC: 12b81 | Write file or device (Write 949 bytes on handle 5)
2018-12-25T12:42:15.858609199Z 66 PC: 12cb2 | Move file pointer
2018-12-25T12:42:15.859802928Z 64 PC: 12cbd | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:42:15.866214877Z 87 PC: 12cc4 | Get or set file date and time
2018-12-25T12:42:15.867707258Z 62 PC: 12cc8 | Close file
2018-12-25T12:42:15.874776185Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:15.886760468Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:15.89346673Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:15.894769207Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:15.900615709Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:15.902459576Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T12:42:15.910653477Z 66 PC: 12cb2 | Move file pointer (See above)
2018-12-25T12:42:15.912076924Z 64 PC: 12cbd | Write file or device (See above)
2018-12-25T12:42:15.913881959Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:15.914933832Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:15.919922612Z 78 PC: 12bcc | Find first file
2018-12-25T12:42:15.923712743Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:15.936025938Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:15.940676496Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:15.942293388Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:15.948950675Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:15.951290431Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T12:42:15.960068372Z 66 PC: 12cb2 | Move file pointer (See above)
2018-12-25T12:42:15.96124001Z 64 PC: 12cbd | Write file or device (See above)
2018-12-25T12:42:15.970471662Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:15.971865742Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:15.97938226Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:15.982637155Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:15.99215508Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:15.998749Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.00057847Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.007512534Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.008868756Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.010464984Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.018542894Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.02131522Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.032113235Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.044085128Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.045939443Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.057312023Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.059567185Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.06095094Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.067839748Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.070977351Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.084940795Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.091838269Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.094022795Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.100061628Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.101239338Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.103125816Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.109805656Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.112199831Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.122279569Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.128687427Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.129879699Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.136578471Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.137859952Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.139128852Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.146876064Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.149269145Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.158973605Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.165806688Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.167013315Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.173002918Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.175489532Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T12:42:16.184329987Z 66 PC: 12cb2 | Move file pointer (See above)
2018-12-25T12:42:16.185518737Z 64 PC: 12cbd | Write file or device (See above)
2018-12-25T12:42:16.192455302Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.193765057Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.20113748Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.204281067Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.21382647Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.220977672Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.222972039Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.227802902Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.228995082Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.231165947Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.238073941Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.240630252Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.250620602Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.25716142Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.258594901Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.261454908Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.262793317Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.269610164Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.272330059Z 44 PC: 12bde | Get time 0x12bde: cmp dl, 1
0x12be1: ja 0x12beb
0x12be3: cmp dh, 0x10
0x12be6: ja 0x12beb
0x12be8: call 0x12bf3
0x12beb: mov dx, 0x80
0x12bee: mov ah, 0x1a
0x12bf0: int 0x21
0x12bf2: ret
0x12bf3: lea bx, word ptr [bp + 0x4b5]
0x12bf7: mov cx, 1
0x12bfa: mov dx, 0x80
0x12bfd: mov ax, 0x201
0x12c00: int 0x13
0x12c02: jb 0x12bf2
0x12c04: mov ax, 0x301
0x12c07: mov dx, 0x80
0x12c0a: mov cx, 2
0x12c0d: lea bx, word ptr [bp + 0x4b5]
0x12c11: int 0x13
2018-12-25T12:42:16.274471847Z 26 PC: 12bf2 | Set disk transfer address

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":17,"TimeBased":true,"OriginalID":14977,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:15.988590452Z 26 PC: 12baf | Set disk transfer address
2018-12-25T12:42:15.999151676Z 67 PC: 12c58 | Get or set file attributes
2018-12-25T12:42:16.010165094Z 61 PC: 12c5d | Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T12:42:16.017713517Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.387987561Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.402142243Z 87 PC: 12c65 | Get or set file date and time
2018-12-25T12:42:16.403704501Z 63 PC: 12c72 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:42:16.409940634Z 66 PC: 12c82 | Move file pointer
2018-12-25T12:42:16.412752553Z 64 PC: 12b81 | Write file or device (Write 949 bytes on handle 5)
2018-12-25T12:42:16.421632157Z 66 PC: 12cb2 | Move file pointer
2018-12-25T12:42:16.42335618Z 64 PC: 12cbd | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:42:16.430353561Z 87 PC: 12cc4 | Get or set file date and time
2018-12-25T12:42:16.431976467Z 62 PC: 12cc8 | Close file
2018-12-25T12:42:16.443177686Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.460011131Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.468588228Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.47034711Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.485896482Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.488838036Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T12:42:16.501814757Z 66 PC: 12cb2 | Move file pointer (See above)
2018-12-25T12:42:16.504963502Z 64 PC: 12cbd | Write file or device (See above)
2018-12-25T12:42:16.508544488Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.510402052Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.525075462Z 78 PC: 12bcc | Find first file
2018-12-25T12:42:16.540207621Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.559515783Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.568081505Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.571228777Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.578546205Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.581071024Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T12:42:16.592691262Z 66 PC: 12cb2 | Move file pointer (See above)
2018-12-25T12:42:16.594572448Z 64 PC: 12cbd | Write file or device (See above)
2018-12-25T12:42:16.602817869Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.606102765Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.615532488Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.618875536Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.631469693Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.639050775Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.640685585Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.648205539Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.650002144Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.651601803Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.660214247Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.663842072Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.675689081Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.68344192Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.685723762Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.693585333Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.695137287Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.698489193Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.707270221Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.710645987Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.722400639Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.729893186Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.731532703Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.740095559Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.741716369Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.743416459Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.752798825Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.756319726Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.768234546Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.776082769Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.779904603Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.787208812Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.788874301Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.791789807Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.799526875Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.802418923Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.81428437Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.82167081Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.823154396Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.830856099Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.833064487Z 64 PC: 12b81 | Write file or device (See above)
2018-12-25T12:42:16.84157905Z 66 PC: 12cb2 | Move file pointer (See above)
2018-12-25T12:42:16.843766577Z 64 PC: 12cbd | Write file or device (See above)
2018-12-25T12:42:16.849968699Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.851445148Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.859436198Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.86194833Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.871281228Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.878263423Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.879566511Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.885358202Z 66 PC: 12c82 | Move file pointer (See above)
2018-12-25T12:42:16.887028466Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.889489819Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.896009501Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.898740106Z 67 PC: 12c58 | Get or set file attributes (See above)
2018-12-25T12:42:16.908315375Z 61 PC: 12c5d | Open file (See above)
2018-12-25T12:42:16.914561473Z 87 PC: 12c65 | Get or set file date and time (See above)
2018-12-25T12:42:16.916262849Z 63 PC: 12c72 | Read file or device (See above)
2018-12-25T12:42:16.919750761Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:42:16.921864372Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:42:16.930384197Z 79 PC: 12bcc | Find next file (See above)
2018-12-25T12:42:16.938484892Z 44 PC: 12bde | Get time 0x12bde: cmp dl, 1
0x12be1: ja 0x12beb
0x12be3: cmp dh, 0x10
0x12be6: ja 0x12beb
0x12be8: call 0x12bf3
0x12beb: mov dx, 0x80
0x12bee: mov ah, 0x1a
0x12bf0: int 0x21
0x12bf2: ret
0x12bf3: lea bx, word ptr [bp + 0x4b5]
0x12bf7: mov cx, 1
0x12bfa: mov dx, 0x80
0x12bfd: mov ax, 0x201
0x12c00: int 0x13
0x12c02: jb 0x12bf2
0x12c04: mov ax, 0x301
0x12c07: mov dx, 0x80
0x12c0a: mov cx, 2
0x12c0d: lea bx, word ptr [bp + 0x4b5]
0x12c11: int 0x13
2018-12-25T12:42:16.950202974Z 26 PC: 12bf2 | Set disk transfer address