Sample viewer

vx.netlux.org/Virus.DOS.ShyDemon.1603

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:58.825152686Z 53 PC: 12b7c | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:05:58.827535208Z 53 PC: 12b8b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:58.829861872Z 37 PC: 12b94 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:05:58.831604775Z 53 PC: 12b9a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:58.834265592Z 37 PC: 12bb0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:58.838295697Z 26 PC: 12bc1 | Set disk transfer address
2018-12-17T23:05:58.839765264Z 71 PC: 12bca | Get current directory
2018-12-17T23:05:58.843391801Z 59 PC: 12bd1 | Change current directory
2018-12-17T23:05:58.851350176Z 78 PC: 12c93 | Find first file
2018-12-17T23:05:58.858618139Z 59 PC: 12be4 | Change current directory
2018-12-17T23:05:58.863503244Z 78 PC: 12c93 | Find first file
2018-12-17T23:05:58.870657595Z 67 PC: 12cab | Get or set file attributes
2018-12-17T23:05:58.878809489Z 67 PC: 12cba | Get or set file attributes
2018-12-17T23:05:58.899308005Z 61 PC: 12cc2 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:05:58.907880755Z 87 PC: 12cc7 | Get or set file date and time
2018-12-17T23:05:58.909797358Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T23:05:58.917149839Z 66 PC: 12f8c | Move file pointer
2018-12-17T23:05:58.918674578Z 64 PC: 12cfb | Write file or device (Write 6 bytes on handle 5)
2018-12-17T23:05:58.922010294Z 42 PC: 12d0f | Get date 0x12d0f: mov word ptr ds:[bp + 0x744], dx
0x12d14: rol dx, 1
0x12d16: rol dx, 1
0x12d18: rol dx, 1
0x12d1a: rol dx, 1
0x12d1c: rol dx, 1
0x12d1e: rol dx, 1
0x12d20: rol dx, 1
0x12d22: rol dx, 1
0x12d24: mov word ptr ds:[bp + 0x746], dx
0x12d29: call 0x12d49
0x12d2c: mov al, 2
0x12d2e: call 0x12f86
0x12d31: call 0x13144
0x12d34: pop cx
0x12d35: mov byte ptr ds:[bp + 0x6f8], ch
0x12d3a: push bx
0x12d3b: pop bx
0x12d3c: call 0x12f67
0x12d3f: mov ah, 0x4f
2018-12-17T23:05:58.924609263Z 66 PC: 12f8c | Move file pointer
2018-12-17T23:05:58.926953294Z 64 PC: 13158 | Write file or device (Write 1603 bytes on handle 5)
2018-12-17T23:05:58.94047237Z 87 PC: 12f75 | Get or set file date and time
2018-12-17T23:05:58.942051138Z 62 PC: 12f78 | Close file
2018-12-17T23:05:58.950558917Z 67 PC: 12f85 | Get or set file attributes
2018-12-17T23:05:58.967677442Z 79 PC: 12c93 | Find next file
2018-12-17T23:05:58.97131528Z 67 PC: 12cab | Get or set file attributes
2018-12-17T23:05:58.978204433Z 67 PC: 12cba | Get or set file attributes
2018-12-17T23:05:58.999592442Z 61 PC: 12cc2 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:05:59.007533186Z 87 PC: 12cc7 | Get or set file date and time
2018-12-17T23:05:59.009511378Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T23:05:59.019307568Z 87 PC: 12f75 | Get or set file date and time
2018-12-17T23:05:59.021146465Z 62 PC: 12f78 | Close file
2018-12-17T23:05:59.023054563Z 67 PC: 12f85 | Get or set file attributes
2018-12-17T23:05:59.034866109Z 79 PC: 12c93 | Find next file
2018-12-17T23:05:59.038151576Z 67 PC: 12cab | Get or set file attributes
2018-12-17T23:05:59.045504074Z 67 PC: 12cba | Get or set file attributes
2018-12-17T23:05:59.056484954Z 61 PC: 12cc2 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:05:59.065231386Z 87 PC: 12cc7 | Get or set file date and time
2018-12-17T23:05:59.067008183Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 6)
2018-12-17T23:05:59.074887431Z 87 PC: 12f75 | Get or set file date and time
2018-12-17T23:05:59.078038605Z 62 PC: 12f78 | Close file
2018-12-17T23:05:59.079914735Z 67 PC: 12f85 | Get or set file attributes
2018-12-17T23:05:59.090942814Z 79 PC: 12c93 | Find next file
2018-12-17T23:05:59.094375746Z 67 PC: 12cab | Get or set file attributes
2018-12-17T23:05:59.100443293Z 67 PC: 12cba | Get or set file attributes
2018-12-17T23:05:59.111294562Z 61 PC: 12cc2 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:05:59.118961274Z 87 PC: 12cc7 | Get or set file date and time
2018-12-17T23:05:59.120584043Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 7)
2018-12-17T23:05:59.127515509Z 87 PC: 12f75 | Get or set file date and time
2018-12-17T23:05:59.129960285Z 62 PC: 12f78 | Close file
2018-12-17T23:05:59.131957575Z 67 PC: 12f85 | Get or set file attributes
2018-12-17T23:05:59.14319003Z 79 PC: 12c93 | Find next file
2018-12-17T23:05:59.146689375Z 67 PC: 12cab | Get or set file attributes
2018-12-17T23:05:59.15318952Z 67 PC: 12cba | Get or set file attributes
2018-12-17T23:05:59.164036787Z 61 PC: 12cc2 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:05:59.177225946Z 87 PC: 12cc7 | Get or set file date and time
2018-12-17T23:05:59.179237648Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 8)
2018-12-17T23:05:59.186664544Z 87 PC: 12f75 | Get or set file date and time
2018-12-17T23:05:59.188713848Z 62 PC: 12f78 | Close file
2018-12-17T23:05:59.191477315Z 67 PC: 12f85 | Get or set file attributes
2018-12-17T23:05:59.203148623Z 79 PC: 12c93 | Find next file
2018-12-17T23:05:59.206413712Z 67 PC: 12cab | Get or set file attributes
2018-12-17T23:05:59.214513041Z 67 PC: 12cba | Get or set file attributes
2018-12-17T23:05:59.225669296Z 61 PC: 12cc2 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:05:59.233364998Z 87 PC: 12cc7 | Get or set file date and time
2018-12-17T23:05:59.236033822Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 9)
2018-12-17T23:05:59.243545375Z 66 PC: 12f8c | Move file pointer
2018-12-17T23:05:59.245055674Z 64 PC: 12cfb | Write file or device (Write 6 bytes on handle 9)
2018-12-17T23:05:59.247977501Z 42 PC: 12d0f | Get date 0x12d0f: mov word ptr ds:[bp + 0x744], dx
0x12d14: rol dx, 1
0x12d16: rol dx, 1
0x12d18: rol dx, 1
0x12d1a: rol dx, 1
0x12d1c: rol dx, 1
0x12d1e: rol dx, 1
0x12d20: rol dx, 1
0x12d22: rol dx, 1
0x12d24: mov word ptr ds:[bp + 0x746], dx
0x12d29: call 0x12d49
0x12d2c: mov al, 2
0x12d2e: call 0x12f86
0x12d31: call 0x13144
0x12d34: pop cx
0x12d35: mov byte ptr ds:[bp + 0x6f8], ch
0x12d3a: push bx
0x12d3b: pop bx
0x12d3c: call 0x12f67
0x12d3f: mov ah, 0x4f
2018-12-17T23:05:59.249771859Z 66 PC: 12f8c | Move file pointer
2018-12-17T23:05:59.251628684Z 64 PC: 13158 | Write file or device (Write 1603 bytes on handle 9)
2018-12-17T23:05:59.257575538Z 87 PC: 12f75 | Get or set file date and time
2018-12-17T23:05:59.259192875Z 62 PC: 12f78 | Close file
2018-12-17T23:05:59.264337174Z 67 PC: 12f85 | Get or set file attributes
2018-12-17T23:05:59.274219854Z 79 PC: 12c93 | Find next file
2018-12-17T23:05:59.277661939Z 67 PC: 12cab | Get or set file attributes
2018-12-17T23:05:59.284008691Z 67 PC: 12cba | Get or set file attributes
2018-12-17T23:05:59.294975608Z 61 PC: 12cc2 | Open file (Filename = 'PAH.COM')
2018-12-17T23:05:59.308686655Z 87 PC: 12cc7 | Get or set file date and time
2018-12-17T23:05:59.310259516Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 9)
2018-12-17T23:05:59.317365889Z 87 PC: 12f75 | Get or set file date and time
2018-12-17T23:05:59.319543217Z 62 PC: 12f78 | Close file
2018-12-17T23:05:59.321050806Z 67 PC: 12f85 | Get or set file attributes
2018-12-17T23:05:59.331938272Z 79 PC: 12c93 | Find next file
2018-12-17T23:05:59.335592576Z 59 PC: 12bf6 | Change current directory
2018-12-17T23:05:59.340106141Z 59 PC: 12c01 | Change current directory
2018-12-17T23:05:59.344442345Z 37 PC: 12c0f | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:05:59.346155539Z 37 PC: 12c1d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:59.347336159Z 42 PC: 12c25 | Get date 0x12c25: cmp dx, 0x31e
0x12c29: jne 0x12c4d
0x12c2b: mov ah, 0xf
0x12c2d: int 0x10
0x12c2f: mov ah, 0
0x12c31: int 0x10
0x12c33: mov ah, 1
0x12c35: mov cx, 0xca0
0x12c38: int 0x10
0x12c3a: mov ah, 9
0x12c3c: lea dx, word ptr [bp + 0x57b]
0x12c40: int 0x21
0x12c42: mov ah, 0
0x12c44: int 0x16
0x12c46: mov ah, 1
0x12c48: mov cx, 0x130
0x12c4b: int 0x10
0x12c4d: push es
0x12c4e: cli
0x12c4f: mov ax, ss
2018-12-17T23:05:59.544049024Z 76 PC: 0 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15377,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:17.291566322Z 53 PC: 12b7c | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:43:17.293134062Z 53 PC: 12b8b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:43:17.296499155Z 37 PC: 12b94 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:43:17.297870402Z 53 PC: 12b9a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:17.299283819Z 37 PC: 12bb0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:17.301363881Z 26 PC: 12bc1 | Set disk transfer address
2018-12-25T12:43:17.302928434Z 71 PC: 12bca | Get current directory
2018-12-25T12:43:17.306399143Z 59 PC: 12bd1 | Change current directory
2018-12-25T12:43:17.313941307Z 78 PC: 12c93 | Find first file
2018-12-25T12:43:17.326769134Z 59 PC: 12be4 | Change current directory
2018-12-25T12:43:17.331170089Z 78 PC: 12c93 | Find first file (See above)
2018-12-25T12:43:17.338574314Z 67 PC: 12cab | Get or set file attributes
2018-12-25T12:43:17.344799876Z 67 PC: 12cba | Get or set file attributes
2018-12-25T12:43:17.363514042Z 61 PC: 12cc2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:17.377794359Z 87 PC: 12cc7 | Get or set file date and time
2018-12-25T12:43:17.379339575Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 5)
2018-12-25T12:43:17.386645531Z 66 PC: 12f8c | Move file pointer
2018-12-25T12:43:17.392078788Z 64 PC: 12cfb | Write file or device (Write 6 bytes on handle 5)
2018-12-25T12:43:17.39528393Z 42 PC: 12d0f | Get date 0x12d0f: mov word ptr ds:[bp + 0x744], dx
0x12d14: rol dx, 1
0x12d16: rol dx, 1
0x12d18: rol dx, 1
0x12d1a: rol dx, 1
0x12d1c: rol dx, 1
0x12d1e: rol dx, 1
0x12d20: rol dx, 1
0x12d22: rol dx, 1
0x12d24: mov word ptr ds:[bp + 0x746], dx
0x12d29: call 0x12d49
0x12d2c: mov al, 2
0x12d2e: call 0x12f86
0x12d31: call 0x13144
0x12d34: pop cx
0x12d35: mov byte ptr ds:[bp + 0x6f8], ch
0x12d3a: push bx
0x12d3b: pop bx
0x12d3c: call 0x12f67
0x12d3f: mov ah, 0x4f
2018-12-25T12:43:17.398166194Z 66 PC: 12f8c | Move file pointer (See above)
2018-12-25T12:43:17.401913886Z 64 PC: 13158 | Write file or device (Write 1603 bytes on handle 5)
2018-12-25T12:43:17.412006864Z 87 PC: 12f75 | Get or set file date and time
2018-12-25T12:43:17.413917467Z 62 PC: 12f78 | Close file
2018-12-25T12:43:17.423125486Z 67 PC: 12f85 | Get or set file attributes
2018-12-25T12:43:17.434927866Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.437874647Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.444038421Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.454996972Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.468185012Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.469582743Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.47747468Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.479289291Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.480956011Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.493060053Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.496584695Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.503590677Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.515370417Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.524190674Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.527104791Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.535399267Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.537728464Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.540172058Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.552327175Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.555898845Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.563221092Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.574458951Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.580236831Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.581983712Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.589340519Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.592918808Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.595017395Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.606472717Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.610697971Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.617038048Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.628226512Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.636057616Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.637522577Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.644504807Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.646510736Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.64803376Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.659136462Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.6618969Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.668294816Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.678783299Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.686643751Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.688425382Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.695529088Z 66 PC: 12f8c | Move file pointer (See above)
2018-12-25T12:43:17.696641372Z 64 PC: 12cfb | Write file or device (See above)
2018-12-25T12:43:17.70028381Z 42 PC: 12d0f | Get date (See above)
2018-12-25T12:43:17.703170798Z 66 PC: 12f8c | Move file pointer (See above)
2018-12-25T12:43:17.70540561Z 64 PC: 13158 | Write file or device (See above)
2018-12-25T12:43:17.721702922Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.724347947Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.733126976Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.744698613Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.747681573Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.754074831Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.766392579Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.774130549Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.776185809Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.78485035Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.787374098Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.790346209Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.801955283Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.806436741Z 59 PC: 12bf6 | Change current directory
2018-12-25T12:43:17.811506114Z 59 PC: 12c01 | Change current directory
2018-12-25T12:43:17.816408639Z 37 PC: 12c0f | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:43:17.818534446Z 37 PC: 12c1d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:17.819821374Z 42 PC: 12c25 | Get date 0x12c25: cmp dx, 0x31e
0x12c29: jne 0x12c4d
0x12c2b: mov ah, 0xf
0x12c2d: int 0x10
0x12c2f: mov ah, 0
0x12c31: int 0x10
0x12c33: mov ah, 1
0x12c35: mov cx, 0xca0
0x12c38: int 0x10
0x12c3a: mov ah, 9
0x12c3c: lea dx, word ptr [bp + 0x57b]
0x12c40: int 0x21
0x12c42: mov ah, 0
0x12c44: int 0x16
0x12c46: mov ah, 1
0x12c48: mov cx, 0x130
0x12c4b: int 0x10
0x12c4d: push es
0x12c4e: cli
0x12c4f: mov ax, ss

{"DateBased":true,"Day":30,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15377,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:17.475940338Z 53 PC: 12b7c | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:43:17.477107414Z 53 PC: 12b8b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:43:17.47814595Z 37 PC: 12b94 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:43:17.479200847Z 53 PC: 12b9a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:17.480603396Z 37 PC: 12bb0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:17.481510617Z 26 PC: 12bc1 | Set disk transfer address
2018-12-25T12:43:17.482340493Z 71 PC: 12bca | Get current directory
2018-12-25T12:43:17.484750361Z 59 PC: 12bd1 | Change current directory
2018-12-25T12:43:17.490368232Z 78 PC: 12c93 | Find first file
2018-12-25T12:43:17.495820207Z 59 PC: 12be4 | Change current directory
2018-12-25T12:43:17.499739985Z 78 PC: 12c93 | Find first file (See above)
2018-12-25T12:43:17.506029328Z 67 PC: 12cab | Get or set file attributes
2018-12-25T12:43:17.511390155Z 67 PC: 12cba | Get or set file attributes
2018-12-25T12:43:17.527295828Z 61 PC: 12cc2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:17.534055708Z 87 PC: 12cc7 | Get or set file date and time
2018-12-25T12:43:17.535215612Z 63 PC: 12cdb | Read file or device (Read 6 bytes on handle 5)
2018-12-25T12:43:17.541033346Z 66 PC: 12f8c | Move file pointer
2018-12-25T12:43:17.554470166Z 64 PC: 12cfb | Write file or device (Write 6 bytes on handle 5)
2018-12-25T12:43:17.556912461Z 42 PC: 12d0f | Get date 0x12d0f: mov word ptr ds:[bp + 0x744], dx
0x12d14: rol dx, 1
0x12d16: rol dx, 1
0x12d18: rol dx, 1
0x12d1a: rol dx, 1
0x12d1c: rol dx, 1
0x12d1e: rol dx, 1
0x12d20: rol dx, 1
0x12d22: rol dx, 1
0x12d24: mov word ptr ds:[bp + 0x746], dx
0x12d29: call 0x12d49
0x12d2c: mov al, 2
0x12d2e: call 0x12f86
0x12d31: call 0x13144
0x12d34: pop cx
0x12d35: mov byte ptr ds:[bp + 0x6f8], ch
0x12d3a: push bx
0x12d3b: pop bx
0x12d3c: call 0x12f67
0x12d3f: mov ah, 0x4f
2018-12-25T12:43:17.559281142Z 66 PC: 12f8c | Move file pointer (See above)
2018-12-25T12:43:17.56216659Z 64 PC: 13158 | Write file or device (Write 1603 bytes on handle 5)
2018-12-25T12:43:17.571422591Z 87 PC: 12f75 | Get or set file date and time
2018-12-25T12:43:17.572902788Z 62 PC: 12f78 | Close file
2018-12-25T12:43:17.598458702Z 67 PC: 12f85 | Get or set file attributes
2018-12-25T12:43:17.607889667Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.610370149Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.616734107Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.625880028Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.636851021Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.646612623Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.652838026Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.654909823Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.656788736Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.666663904Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.669216319Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.675053152Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.684504882Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.690811847Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.692168233Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.698612558Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.699895298Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.701813351Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.711350323Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.713786315Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.72432369Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.73450618Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.740884409Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.742474317Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.748707716Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.750161666Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.751593618Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.761403784Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.763950169Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.769434496Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.782405763Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.788845853Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.790377768Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.797117425Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.798714302Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.800246711Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.810453565Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.812764823Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.818453203Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.827925962Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.83889962Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.840085707Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.846874381Z 66 PC: 12f8c | Move file pointer (See above)
2018-12-25T12:43:17.848229797Z 64 PC: 12cfb | Write file or device (See above)
2018-12-25T12:43:17.850728884Z 42 PC: 12d0f | Get date (See above)
2018-12-25T12:43:17.85353018Z 66 PC: 12f8c | Move file pointer (See above)
2018-12-25T12:43:17.855442911Z 64 PC: 13158 | Write file or device (See above)
2018-12-25T12:43:17.864127114Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.866120458Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.873440922Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.882758615Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.885800367Z 67 PC: 12cab | Get or set file attributes (See above)
2018-12-25T12:43:17.891119168Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:43:17.899345034Z 61 PC: 12cc2 | Open file (See above)
2018-12-25T12:43:17.907312442Z 87 PC: 12cc7 | Get or set file date and time (See above)
2018-12-25T12:43:17.9083527Z 63 PC: 12cdb | Read file or device (See above)
2018-12-25T12:43:17.912234065Z 87 PC: 12f75 | Get or set file date and time (See above)
2018-12-25T12:43:17.913969726Z 62 PC: 12f78 | Close file (See above)
2018-12-25T12:43:17.91504028Z 67 PC: 12f85 | Get or set file attributes (See above)
2018-12-25T12:43:17.921043156Z 79 PC: 12c93 | Find next file (See above)
2018-12-25T12:43:17.923114101Z 59 PC: 12bf6 | Change current directory
2018-12-25T12:43:17.925645362Z 59 PC: 12c01 | Change current directory
2018-12-25T12:43:17.929276185Z 37 PC: 12c0f | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:43:17.930603735Z 37 PC: 12c1d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:17.931529449Z 42 PC: 12c25 | Get date 0x12c25: cmp dx, 0x31e
0x12c29: jne 0x12c4d
0x12c2b: mov ah, 0xf
0x12c2d: int 0x10
0x12c2f: mov ah, 0
0x12c31: int 0x10
0x12c33: mov ah, 1
0x12c35: mov cx, 0xca0
0x12c38: int 0x10
0x12c3a: mov ah, 9
0x12c3c: lea dx, word ptr [bp + 0x57b]
0x12c40: int 0x21
0x12c42: mov ah, 0
0x12c44: int 0x16
0x12c46: mov ah, 1
0x12c48: mov cx, 0x130
0x12c4b: int 0x10
0x12c4d: push es
0x12c4e: cli
0x12c4f: mov ax, ss
2018-12-25T12:43:17.940116985Z 9 PC: 12c42 | Display string (Could not find end pointer)