Sample viewer

vx.netlux.org/Virus.DOS.Girls.1874

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:05:28.930707971Z	78	PC: 13e71 \| Find first file
2018-12-17T23:05:28.936369236Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:28.950068827Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:28.959383502Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:28.965710078Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:28.968553756Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:28.971261948Z	62	PC: 13eed \| Close file
2018-12-17T23:05:28.979990552Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:28.992100713Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:28.996914816Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:29.008819261Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:29.016374388Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:29.024238716Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:29.026397315Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:29.030415049Z	62	PC: 13eed \| Close file
2018-12-17T23:05:29.038941292Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:29.049908194Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:29.054496332Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:29.065897421Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:29.072628698Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:29.081930319Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:29.084358395Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:29.086591824Z	62	PC: 13eed \| Close file
2018-12-17T23:05:29.094762418Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:29.105932713Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:29.108384533Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:29.116727962Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:29.12306069Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:29.128638768Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:29.130106208Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:29.132371818Z	62	PC: 13eed \| Close file
2018-12-17T23:05:29.138030749Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:29.146090845Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:29.149552825Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:29.15978731Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:29.169310888Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:29.177481713Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:29.17959158Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:29.181577344Z	62	PC: 13eed \| Close file
2018-12-17T23:05:29.189475706Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:29.201999005Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:29.205393588Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:29.216263578Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:29.222385139Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:29.22946436Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:29.231204773Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:29.23404269Z	62	PC: 13eed \| Close file
2018-12-17T23:05:29.242005854Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:29.252527959Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:29.256233467Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:29.266940761Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:29.274267658Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:29.282172152Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:29.284362891Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:29.286286819Z	62	PC: 13eed \| Close file
2018-12-17T23:05:29.294145096Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:29.308435126Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:29.311540456Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-17T23:05:29.322070537Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-17T23:05:29.330276497Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:29.337469553Z	66	PC: 13f05 \| Move file pointer
2018-12-17T23:05:29.339269938Z	66	PC: 13f3d \| Move file pointer
2018-12-17T23:05:29.342159632Z	63	PC: 13f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:05:29.349521805Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-17T23:05:29.351338331Z	62	PC: 13eed \| Close file
2018-12-17T23:05:29.362204725Z	67	PC: 13efb \| Get or set file attributes
2018-12-17T23:05:29.373671717Z	79	PC: 13e7e \| Find next file
2018-12-17T23:05:29.376589714Z	78	PC: 13e71 \| Find first file
2018-12-17T23:05:29.383086571Z	53	PC: 13d1a \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T23:05:29.384875464Z	42	PC: 13d2c \| Get date 0x13d2c: cmp dx, 0x312 0x13d30: je 0x13d62 0x13d32: cmp cx, 0x7cb 0x13d36: je 0x13d3d 0x13d38: jg 0x13d46 0x13d3a: jmp 0x13df9 0x13d3d: cmp dx, 0xa08 0x13d41: jge 0x13d46 0x13d43: jmp 0x13df9 0x13d46: test dl, 0xe3 0x13d49: je 0x13d4e 0x13d4b: jmp 0x13df9 0x13d4e: mov ah, 0x2c 0x13d50: int 0x21 0x13d52: test ch, 0xe3 0x13d55: je 0x13d5a 0x13d57: jmp 0x13df9 0x13d5a: cmp cl, 0xa 0x13d5d: jle 0x13d62 0x13d5f: jmp 0x13df9
2018-12-17T23:05:29.38761737Z	9	PC: 12a86 \| Display string (String= 'Goat file (COM/....). Size=00001004h/0000004100d bytes. ')
2018-12-17T23:05:29.393526883Z	48	PC: 12a8f \| Get DOS version
2018-12-17T23:05:29.400628336Z	61	PC: 12b5c \| Open file (Filename = '')
2018-12-17T23:05:29.40771447Z	93	PC: 12afe \| File sharing functions
2018-12-17T23:05:29.409646934Z	9	PC: 12a86 \| Display string (String= 'Size change=075Eh/01886d. ')
2018-12-17T23:05:29.414654691Z	76	PC: 12ae3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":18,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15218,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:58.38132756Z	78	PC: 13e71 \| Find first file
2018-12-25T12:42:58.392364409Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-25T12:42:58.411189774Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-25T12:42:58.419554664Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:42:58.427856066Z	66	PC: 13f05 \| Move file pointer
2018-12-25T12:42:58.429418251Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-25T12:42:58.430977303Z	62	PC: 13eed \| Close file
2018-12-25T12:42:58.439033868Z	67	PC: 13efb \| Get or set file attributes
2018-12-25T12:42:58.450821968Z	79	PC: 13e7e \| Find next file
2018-12-25T12:42:58.454266337Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.466104801Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.475016561Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.484459286Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.486718168Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.489052301Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.497753045Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.508944851Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.512976979Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.526929443Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.540842984Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.549029969Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.55137105Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.553395451Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.5617569Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.573740614Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.576759672Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.586292517Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.59501539Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.602011945Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.603495078Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.606152697Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.614650484Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.626193267Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.629951625Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.638868606Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.646365725Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.654554193Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.65629796Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.658109362Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.669023097Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.680908909Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.684088072Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.694794333Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.703196893Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.710687123Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.712263257Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.714626392Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.722586662Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.736810173Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.740497314Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.751800618Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.759558438Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.768276511Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.770220599Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.772312535Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.780794627Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.793622385Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.79701488Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.808751298Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.819016828Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.823957909Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.825211313Z	66	PC: 13f3d \| Move file pointer
2018-12-25T12:42:58.826893124Z	63	PC: 13f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:42:58.831334501Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.832700121Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.839123536Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.84637793Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.857043047Z	78	PC: 13e71 \| Find first file (See above)
2018-12-25T12:42:58.866026175Z	53	PC: 13d1a \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:42:58.868273066Z	42	PC: 13d2c \| Get date 0x13d2c: cmp dx, 0x312 0x13d30: je 0x13d62 0x13d32: cmp cx, 0x7cb 0x13d36: je 0x13d3d 0x13d38: jg 0x13d46 0x13d3a: jmp 0x13df9 0x13d3d: cmp dx, 0xa08 0x13d41: jge 0x13d46 0x13d43: jmp 0x13df9 0x13d46: test dl, 0xe3 0x13d49: je 0x13d4e 0x13d4b: jmp 0x13df9 0x13d4e: mov ah, 0x2c 0x13d50: int 0x21 0x13d52: test ch, 0xe3 0x13d55: je 0x13d5a 0x13d57: jmp 0x13df9 0x13d5a: cmp cl, 0xa 0x13d5d: jle 0x13d62 0x13d5f: jmp 0x13df9
2018-12-25T12:42:58.871151838Z	72	PC: 13d6b \| Allocate memory
2018-12-25T12:42:58.873483116Z	74	PC: 13d7d \| Reallocate memory
2018-12-25T12:42:58.876685779Z	74	PC: 13d8d \| Reallocate memory
2018-12-25T12:42:58.878515148Z	72	PC: 13d95 \| Allocate memory
2018-12-25T12:42:58.88070018Z	9	PC: 13dd7 \| Display string (String= ' I love you, girls ! You are so beautiful ! ')
2018-12-25T12:42:58.888212742Z	9	PC: 12a86 \| Display string (String= 'Goat file (COM/....). Size=00001004h/0000004100d bytes. ')
2018-12-25T12:42:58.894736835Z	48	PC: 12a8f \| Get DOS version
2018-12-25T12:42:58.896292375Z	61	PC: 12b5c \| Open file (Filename = '')
2018-12-25T12:42:58.904295546Z	93	PC: 12afe \| File sharing functions
2018-12-25T12:42:58.906995553Z	9	PC: 12a86 \| Display string (See above)
2018-12-25T12:42:58.911616195Z	76	PC: 12ae3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15218,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:58.409502551Z	78	PC: 13e71 \| Find first file
2018-12-25T12:42:58.416380928Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-25T12:42:58.433622389Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-25T12:42:58.440360031Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:42:58.447525786Z	66	PC: 13f05 \| Move file pointer
2018-12-25T12:42:58.449193164Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-25T12:42:58.450822764Z	62	PC: 13eed \| Close file
2018-12-25T12:42:58.458645375Z	67	PC: 13efb \| Get or set file attributes
2018-12-25T12:42:58.478715634Z	79	PC: 13e7e \| Find next file
2018-12-25T12:42:58.481662917Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.491286292Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.498855943Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.505276168Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.506957915Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.508820957Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.515883473Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.526786857Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.530043474Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.540154156Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.546639603Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.554039714Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.555947517Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.557661215Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.566086027Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.57641043Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.5791614Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.590269982Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.602184558Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.608731601Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.610791149Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.61372872Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.621188639Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.63136944Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.63529261Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.645565713Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.652168899Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.659337933Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.660920358Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.662627686Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.671144887Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.6812207Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.683991307Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.694968291Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.701543001Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.708056391Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.710568811Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.713288617Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.720224452Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.732598228Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.736209012Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.745840161Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.752315972Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.759282764Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.760667183Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.762028706Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.771119167Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.780879623Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.783747174Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.797300816Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.803868681Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.810046173Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.812272445Z	66	PC: 13f3d \| Move file pointer
2018-12-25T12:42:58.813811819Z	63	PC: 13f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:42:58.820650857Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.823030873Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.830217273Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.840700866Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.84414828Z	78	PC: 13e71 \| Find first file (See above)
2018-12-25T12:42:58.848906457Z	53	PC: 13d1a \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:42:58.849917591Z	42	PC: 13d2c \| Get date 0x13d2c: cmp dx, 0x312 0x13d30: je 0x13d62 0x13d32: cmp cx, 0x7cb 0x13d36: je 0x13d3d 0x13d38: jg 0x13d46 0x13d3a: jmp 0x13df9 0x13d3d: cmp dx, 0xa08 0x13d41: jge 0x13d46 0x13d43: jmp 0x13df9 0x13d46: test dl, 0xe3 0x13d49: je 0x13d4e 0x13d4b: jmp 0x13df9 0x13d4e: mov ah, 0x2c 0x13d50: int 0x21 0x13d52: test ch, 0xe3 0x13d55: je 0x13d5a 0x13d57: jmp 0x13df9 0x13d5a: cmp cl, 0xa 0x13d5d: jle 0x13d62 0x13d5f: jmp 0x13df9
2018-12-25T12:42:58.852246597Z	9	PC: 12a86 \| Display string (String= 'Goat file (COM/....). Size=00001004h/0000004100d bytes. ')
2018-12-25T12:42:58.85567663Z	48	PC: 12a8f \| Get DOS version
2018-12-25T12:42:58.856729307Z	61	PC: 12b5c \| Open file (Filename = '')
2018-12-25T12:42:58.864364693Z	93	PC: 12afe \| File sharing functions
2018-12-25T12:42:58.866348575Z	9	PC: 12a86 \| Display string (See above)
2018-12-25T12:42:58.86898974Z	76	PC: 12ae3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":8,"Month":10,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15218,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:58.446468827Z	78	PC: 13e71 \| Find first file
2018-12-25T12:42:58.455270095Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-25T12:42:58.47818454Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-25T12:42:58.485017339Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:42:58.492758756Z	66	PC: 13f05 \| Move file pointer
2018-12-25T12:42:58.494516091Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-25T12:42:58.496293941Z	62	PC: 13eed \| Close file
2018-12-25T12:42:58.504455149Z	67	PC: 13efb \| Get or set file attributes
2018-12-25T12:42:58.51438841Z	79	PC: 13e7e \| Find next file
2018-12-25T12:42:58.517413497Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.527853862Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.53953321Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.54626288Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.54876061Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.550688589Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.558036088Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.573393163Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.576620773Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.586322458Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.592866533Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.600514401Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.601860248Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.603437585Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.612025838Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.621924499Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.624995911Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.635486094Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.642326685Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.649288484Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.651608917Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.653027037Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.659972698Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.67318555Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.676122921Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.686020181Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.69352515Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.699635146Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.7010056Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.703148281Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.710377352Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.719929715Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.724020602Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.736591192Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.763708896Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.77489Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.779209978Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.780815362Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.788000428Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.798914954Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.801491377Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.815019631Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.822533403Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.828656521Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.830091806Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.832312456Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.839339254Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.848836348Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.851976902Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.862667146Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.871140973Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.878491234Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.880280093Z	66	PC: 13f3d \| Move file pointer
2018-12-25T12:42:58.881925079Z	63	PC: 13f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:42:58.888007758Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.889084161Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.896399213Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.907532163Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.910202306Z	78	PC: 13e71 \| Find first file (See above)
2018-12-25T12:42:58.916116812Z	53	PC: 13d1a \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:42:58.918044986Z	42	PC: 13d2c \| Get date 0x13d2c: cmp dx, 0x312 0x13d30: je 0x13d62 0x13d32: cmp cx, 0x7cb 0x13d36: je 0x13d3d 0x13d38: jg 0x13d46 0x13d3a: jmp 0x13df9 0x13d3d: cmp dx, 0xa08 0x13d41: jge 0x13d46 0x13d43: jmp 0x13df9 0x13d46: test dl, 0xe3 0x13d49: je 0x13d4e 0x13d4b: jmp 0x13df9 0x13d4e: mov ah, 0x2c 0x13d50: int 0x21 0x13d52: test ch, 0xe3 0x13d55: je 0x13d5a 0x13d57: jmp 0x13df9 0x13d5a: cmp cl, 0xa 0x13d5d: jle 0x13d62 0x13d5f: jmp 0x13df9
2018-12-25T12:42:58.9205395Z	44	PC: 13d52 \| Get time 0x13d52: test ch, 0xe3 0x13d55: je 0x13d5a 0x13d57: jmp 0x13df9 0x13d5a: cmp cl, 0xa 0x13d5d: jle 0x13d62 0x13d5f: jmp 0x13df9 0x13d62: mov bx, 0xffff 0x13d65: xor cl, cl 0x13d67: mov ah, 0x48 0x13d69: int 0x21 0x13d6b: cmp cl, 0x20 0x13d6e: jne 0x13d73 0x13d70: jmp 0x13df9 0x13d73: cmp bx, 0 0x13d76: jne 0x13d67 0x13d78: dec bx 0x13d79: mov ah, 0x4a 0x13d7b: int 0x21 0x13d7d: mov dx, 0x4d4 0x13d80: xor dl, dl
2018-12-25T12:42:58.923181388Z	9	PC: 12a86 \| Display string (String= 'Goat file (COM/....). Size=00001004h/0000004100d bytes. ')
2018-12-25T12:42:58.929251777Z	48	PC: 12a8f \| Get DOS version
2018-12-25T12:42:58.930328005Z	61	PC: 12b5c \| Open file (Filename = '')
2018-12-25T12:42:58.936470945Z	93	PC: 12afe \| File sharing functions
2018-12-25T12:42:58.938660783Z	9	PC: 12a86 \| Display string (See above)
2018-12-25T12:42:58.943035142Z	76	PC: 12ae3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1996,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15218,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:58.449727114Z	78	PC: 13e71 \| Find first file
2018-12-25T12:42:58.45704965Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-25T12:42:58.478129247Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-25T12:42:58.485030333Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:42:58.495737926Z	66	PC: 13f05 \| Move file pointer
2018-12-25T12:42:58.497311686Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-25T12:42:58.499263155Z	62	PC: 13eed \| Close file
2018-12-25T12:42:58.510689735Z	67	PC: 13efb \| Get or set file attributes
2018-12-25T12:42:58.534561626Z	79	PC: 13e7e \| Find next file
2018-12-25T12:42:58.537232773Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.546595253Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.554475829Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.560732893Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.56213475Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.564533329Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.571449686Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.581258072Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.585000454Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.597746442Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.604494475Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.611458576Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.61335473Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.615217619Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.622673534Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.633167038Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.63541443Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.642014088Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.660937801Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.667116984Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.668538517Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.670362232Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.677349352Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.68694779Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.690614645Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.719193106Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.728110044Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.73462209Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.73620374Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.743901526Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.751225301Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.76144294Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.764588277Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.775935548Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.787467985Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.793616761Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.796291439Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.797892857Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.80484563Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.815938858Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.818829083Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.828917368Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.83667959Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.843606489Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.84531328Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.84784414Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.85570851Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.86593701Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.869642423Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.879722764Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.886445804Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.893199271Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.895809854Z	66	PC: 13f3d \| Move file pointer
2018-12-25T12:42:58.897433069Z	63	PC: 13f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:42:58.904349762Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.907155815Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.914260509Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.924382315Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.928139719Z	78	PC: 13e71 \| Find first file (See above)
2018-12-25T12:42:58.934064971Z	53	PC: 13d1a \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:42:58.935525666Z	42	PC: 13d2c \| Get date 0x13d2c: cmp dx, 0x312 0x13d30: je 0x13d62 0x13d32: cmp cx, 0x7cb 0x13d36: je 0x13d3d 0x13d38: jg 0x13d46 0x13d3a: jmp 0x13df9 0x13d3d: cmp dx, 0xa08 0x13d41: jge 0x13d46 0x13d43: jmp 0x13df9 0x13d46: test dl, 0xe3 0x13d49: je 0x13d4e 0x13d4b: jmp 0x13df9 0x13d4e: mov ah, 0x2c 0x13d50: int 0x21 0x13d52: test ch, 0xe3 0x13d55: je 0x13d5a 0x13d57: jmp 0x13df9 0x13d5a: cmp cl, 0xa 0x13d5d: jle 0x13d62 0x13d5f: jmp 0x13df9
2018-12-25T12:42:58.939050449Z	9	PC: 12a86 \| Display string (String= 'Goat file (COM/....). Size=00001004h/0000004100d bytes. ')
2018-12-25T12:42:58.944792722Z	48	PC: 12a8f \| Get DOS version
2018-12-25T12:42:58.946122006Z	61	PC: 12b5c \| Open file (Filename = '')
2018-12-25T12:42:58.95368701Z	93	PC: 12afe \| File sharing functions
2018-12-25T12:42:58.955779457Z	9	PC: 12a86 \| Display string (See above)
2018-12-25T12:42:58.959894076Z	76	PC: 12ae3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15218,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:58.58383399Z	78	PC: 13e71 \| Find first file
2018-12-25T12:42:58.590677081Z	67	PC: 13eb7 \| Get or set file attributes
2018-12-25T12:42:58.607050807Z	61	PC: 13ec1 \| Open file (Filename = '')
2018-12-25T12:42:58.613727348Z	63	PC: 13ed8 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:42:58.620112763Z	66	PC: 13f05 \| Move file pointer
2018-12-25T12:42:58.623696382Z	87	PC: 13ee9 \| Get or set file date and time
2018-12-25T12:42:58.625018873Z	62	PC: 13eed \| Close file
2018-12-25T12:42:58.631978193Z	67	PC: 13efb \| Get or set file attributes
2018-12-25T12:42:58.644489259Z	79	PC: 13e7e \| Find next file
2018-12-25T12:42:58.646952514Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.656263434Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.663364143Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.669582512Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.671111147Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.673311589Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.68036465Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.687306086Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.691459352Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.703809552Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.715532272Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.72365057Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.7251339Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.726611554Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.734562286Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.744391285Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.747334646Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.758129512Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.764973406Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.771234798Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.773544051Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.776143278Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.783397993Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.793847452Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.79674343Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.806310802Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.81402298Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.821908438Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.823672335Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.825539883Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.834853186Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.847066996Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.850415038Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.860543686Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.867125457Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.873538721Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.876471858Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.878341733Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.885919292Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.896832173Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.899517116Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.911760218Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.918946096Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.925401119Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.927071048Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.929312583Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:58.93710199Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:58.946637512Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:58.95008314Z	67	PC: 13eb7 \| Get or set file attributes (See above)
2018-12-25T12:42:58.959507969Z	61	PC: 13ec1 \| Open file (See above)
2018-12-25T12:42:58.971469837Z	63	PC: 13ed8 \| Read file or device (See above)
2018-12-25T12:42:58.979225187Z	66	PC: 13f05 \| Move file pointer (See above)
2018-12-25T12:42:58.980876156Z	66	PC: 13f3d \| Move file pointer
2018-12-25T12:42:58.982452813Z	63	PC: 13f4b \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:42:58.991972408Z	87	PC: 13ee9 \| Get or set file date and time (See above)
2018-12-25T12:42:58.993717421Z	62	PC: 13eed \| Close file (See above)
2018-12-25T12:42:59.000839606Z	67	PC: 13efb \| Get or set file attributes (See above)
2018-12-25T12:42:59.011239185Z	79	PC: 13e7e \| Find next file (See above)
2018-12-25T12:42:59.01412254Z	78	PC: 13e71 \| Find first file (See above)
2018-12-25T12:42:59.020479303Z	53	PC: 13d1a \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:42:59.022618395Z	42	PC: 13d2c \| Get date 0x13d2c: cmp dx, 0x312 0x13d30: je 0x13d62 0x13d32: cmp cx, 0x7cb 0x13d36: je 0x13d3d 0x13d38: jg 0x13d46 0x13d3a: jmp 0x13df9 0x13d3d: cmp dx, 0xa08 0x13d41: jge 0x13d46 0x13d43: jmp 0x13df9 0x13d46: test dl, 0xe3 0x13d49: je 0x13d4e 0x13d4b: jmp 0x13df9 0x13d4e: mov ah, 0x2c 0x13d50: int 0x21 0x13d52: test ch, 0xe3 0x13d55: je 0x13d5a 0x13d57: jmp 0x13df9 0x13d5a: cmp cl, 0xa 0x13d5d: jle 0x13d62 0x13d5f: jmp 0x13df9
2018-12-25T12:42:59.025356503Z	9	PC: 12a86 \| Display string (String= 'Goat file (COM/....). Size=00001004h/0000004100d bytes. ')
2018-12-25T12:42:59.030858027Z	48	PC: 12a8f \| Get DOS version
2018-12-25T12:42:59.032433369Z	61	PC: 12b5c \| Open file (Filename = '')
2018-12-25T12:42:59.045841393Z	93	PC: 12afe \| File sharing functions
2018-12-25T12:42:59.047895273Z	9	PC: 12a86 \| Display string (See above)
2018-12-25T12:42:59.052473236Z	76	PC: 12ae3 \| Terminate with return code (Return code = '1')