Sample viewer

vx.netlux.org/Virus.DOS.Jindra.2049

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:04:57.145860434Z	25	PC: 178b2 \| Get default drive
2018-12-17T22:04:57.148093591Z	14	PC: 178c1 \| Set default drive (Drive = 'C')
2018-12-17T22:04:57.150391639Z	78	PC: 178cd \| Find first file
2018-12-17T22:04:57.155869633Z	67	PC: 17cdd \| Get or set file attributes
2018-12-17T22:04:57.171843381Z	65	PC: 17ce1 \| Delete file (Filename = 'C:\DOS\VSAFE.COM')
2018-12-17T22:04:57.179472287Z	67	PC: 17cdd \| Get or set file attributes
2018-12-17T22:04:57.18484537Z	65	PC: 17ce1 \| Delete file (Filename = 'VSAFE.COM')
2018-12-17T22:04:57.19045258Z	67	PC: 17cdd \| Get or set file attributes
2018-12-17T22:04:57.196556048Z	65	PC: 17ce1 \| Delete file (Filename = 'C:\AGUARD.DAT')
2018-12-17T22:04:57.20274995Z	42	PC: 17956 \| Get date 0x17956: and dh, 1 0x17959: nop 0x1795a: nop 0x1795b: cmp dl, 0x15 0x1795e: je 0x17965 0x17960: cmp dl, 0x16 0x17963: jne 0x179ad 0x17965: mov cx, 2 0x17968: mov dx, 0x80 0x1796b: call 0x17bf4 0x1796e: mov cx, 1 0x17971: mov dx, 0x100 0x17974: call 0x17bf4 0x17977: mov cx, 2 0x1797a: mov dx, 0x181 0x1797d: call 0x17bf4 0x17980: xor al, al 0x17982: out 0x70, al 0x17984: mov cx, 0x32 0x17987: loop 0x17987
2018-12-17T22:04:57.205187384Z	71	PC: 179be \| Get current directory
2018-12-17T22:04:57.208895913Z	78	PC: 179f4 \| Find first file
2018-12-17T22:04:57.214297999Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:57.21701349Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:57.220849641Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:57.227391204Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:57.233384003Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:57.240368917Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:57.246191705Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:57.251991814Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:57.599803181Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:57.608516627Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:57.611594906Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:57.626045064Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:57.630650024Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.632426797Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.647181932Z	64	PC: 17b54 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:57.650939498Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.6539153Z	64	PC: 17ba1 \| Write file or device (Write 2049 bytes on handle 5)
2018-12-17T22:04:57.665459055Z	87	PC: 17b07 \| Get or set file date and time
2018-12-17T22:04:57.667834501Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:57.678833968Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:57.688346744Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:57.691586717Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:57.69727982Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:57.707714775Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:57.714629251Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:57.716379873Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:57.722408022Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:57.725708123Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.727228343Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.728927223Z	64	PC: 17b54 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:57.748274047Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.7660358Z	64	PC: 17ba1 \| Write file or device (Write 2049 bytes on handle 5)
2018-12-17T22:04:57.776621264Z	87	PC: 17b07 \| Get or set file date and time
2018-12-17T22:04:57.77845161Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:57.78551571Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:57.808361451Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:57.821742229Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:57.827693734Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:57.85444863Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:57.86233135Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:57.863948465Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:57.87115279Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:57.874462842Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.875883587Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:57.882015041Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.884360623Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.885840808Z	64	PC: 17b54 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:57.889745246Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.905767467Z	64	PC: 17ba1 \| Write file or device (Write 2049 bytes on handle 5)
2018-12-17T22:04:57.913335938Z	87	PC: 17b07 \| Get or set file date and time
2018-12-17T22:04:57.914807663Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:57.922044934Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:57.931906954Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:57.934969319Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:57.941501074Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:57.95119361Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:57.959330481Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:57.962034104Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:57.967436378Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:57.97051105Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.972897888Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.974308706Z	64	PC: 17b54 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:57.977675088Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:57.98014955Z	64	PC: 17ba1 \| Write file or device (Write 2049 bytes on handle 5)
2018-12-17T22:04:57.988787939Z	87	PC: 17b07 \| Get or set file date and time
2018-12-17T22:04:57.99054261Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:57.998354743Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.008057276Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.011457534Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.016156198Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.019148421Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.022412542Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.031376228Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.041253374Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.047981812Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:58.054956959Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.060769344Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.070126621Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.077802288Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.079454516Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.085382269Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.08872889Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.091244948Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.092943081Z	64	PC: 17b54 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:58.096978967Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.098707342Z	64	PC: 17ba1 \| Write file or device (Write 2049 bytes on handle 5)
2018-12-17T22:04:58.110359932Z	87	PC: 17b07 \| Get or set file date and time
2018-12-17T22:04:58.112603911Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.119616923Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.129680059Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.133898208Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.138134728Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.141178654Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.144751747Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.147510113Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.151485762Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.157144983Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.164098509Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:58.169860667Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.172700273Z	78	PC: 179f4 \| Find first file
2018-12-17T22:04:58.17859414Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.181436174Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.184300196Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.191271086Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.197881552Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.204126159Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:58.211290497Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.217316856Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.227335165Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.235165449Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.236907107Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.242921612Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.247078261Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.249000914Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.251901303Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.254889509Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.264359557Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.267216379Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.272303233Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.281843792Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.288033385Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.290330183Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.299698886Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.302496378Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.304882759Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.312224229Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.314597182Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.32727959Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.333399579Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.339565868Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.350075588Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.360491319Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.36230086Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.369169334Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.375238638Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.380451013Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.401928713Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.403970015Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.415314547Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.419867079Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.4265428Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.436075348Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.443920476Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.44563652Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.451355456Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.455248405Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.456955245Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.46325219Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.466380879Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.475840181Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.479147932Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.484402696Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.487351619Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.490127778Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.497938854Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.504235208Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.510515233Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:58.517693953Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.523677274Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.533039134Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.540989771Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.542723861Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.548422534Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.552352892Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.554195168Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.56150467Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.564966535Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.581335907Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.584859082Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.590090168Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.593026825Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.595814713Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.599394884Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.603340133Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.608765431Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.615296656Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:58.620858593Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.623617395Z	78	PC: 179f4 \| Find first file
2018-12-17T22:04:58.630905669Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.633694717Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.636511288Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.643574001Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.649721359Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.655817009Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:58.662640002Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.668683984Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.67858577Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.700078442Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.702045246Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.705056214Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.70846629Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.710404271Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.713603947Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.716911627Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.726790011Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.730398836Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.742268736Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.752882221Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.759963233Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.763899378Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.766499016Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.769245464Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.770999285Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.774293999Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.776157927Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.786954651Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.789802709Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.796686841Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.807470067Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.816081283Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.818499444Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.822357863Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.8254665Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.827404857Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.830803044Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.833384911Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.842816962Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.846343074Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.852292636Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.862438111Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.8696259Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.871332546Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.874614797Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.87777733Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.879458635Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.88342153Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.886390854Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.89578727Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.900622453Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.905181679Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.908084275Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:58.911639092Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:58.917953171Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.924152406Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:58.931225083Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:58.937638762Z	67	PC: 17a8d \| Get or set file attributes
2018-12-17T22:04:58.943543421Z	67	PC: 17a9a \| Get or set file attributes
2018-12-17T22:04:58.957772778Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-17T22:04:58.966356338Z	87	PC: 17aaa \| Get or set file date and time
2018-12-17T22:04:58.96827793Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.971879151Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:04:58.975372749Z	66	PC: 17bf3 \| Move file pointer
2018-12-17T22:04:58.977070052Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:04:58.981051053Z	62	PC: 17b0d \| Close file
2018-12-17T22:04:58.983498657Z	67	PC: 17b19 \| Get or set file attributes
2018-12-17T22:04:58.993055152Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:58.997280527Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:59.001822797Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:59.004704263Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:59.008268459Z	79	PC: 179ff \| Find next file
2018-12-17T22:04:59.011300924Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:59.015197997Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:59.021396569Z	78	PC: 17cd1 \| Find first file
2018-12-17T22:04:59.027160415Z	78	PC: 17a5e \| Find first file
2018-12-17T22:04:59.032646437Z	79	PC: 17a6b \| Find next file
2018-12-17T22:04:59.036946571Z	59	PC: 17a20 \| Change current directory
2018-12-17T22:04:59.041257756Z	14	PC: 17bc2 \| Set default drive (Drive = 'A')
2018-12-17T22:04:59.042914538Z	9	PC: 12a47 \| Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (27.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')

{"DateBased":true,"Day":22,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1673,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:02.931135106Z	25	PC: 178b2 \| Get default drive
2018-12-25T11:44:02.933574847Z	14	PC: 178c1 \| Set default drive (Drive = 'C')
2018-12-25T11:44:02.934977943Z	78	PC: 178cd \| Find first file
2018-12-25T11:44:02.941724446Z	67	PC: 17cdd \| Get or set file attributes
2018-12-25T11:44:02.952419593Z	65	PC: 17ce1 \| Delete file (Filename = 'C:\DOS\VSAFE.COM')
2018-12-25T11:44:02.959478907Z	67	PC: 17cdd \| Get or set file attributes (See above)
2018-12-25T11:44:02.963149443Z	65	PC: 17ce1 \| Delete file (See above)
2018-12-25T11:44:02.96884806Z	67	PC: 17cdd \| Get or set file attributes (See above)
2018-12-25T11:44:02.973567907Z	65	PC: 17ce1 \| Delete file (See above)
2018-12-25T11:44:02.979931111Z	42	PC: 17956 \| Get date 0x17956: and dh, 1 0x17959: nop 0x1795a: nop 0x1795b: cmp dl, 0x15 0x1795e: je 0x17965 0x17960: cmp dl, 0x16 0x17963: jne 0x179ad 0x17965: mov cx, 2 0x17968: mov dx, 0x80 0x1796b: call 0x17bf4 0x1796e: mov cx, 1 0x17971: mov dx, 0x100 0x17974: call 0x17bf4 0x17977: mov cx, 2 0x1797a: mov dx, 0x181 0x1797d: call 0x17bf4 0x17980: xor al, al 0x17982: out 0x70, al 0x17984: mov cx, 0x32 0x17987: loop 0x17987
2018-12-25T11:44:05.081373086Z	9	PC: 179a1 \| Display string (Could not find end pointer)
2018-12-25T11:44:05.249923153Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.366473189Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.490422184Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.633550443Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.765327901Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.958613014Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.144671297Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.302762822Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.463752551Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.653133956Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.816649294Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.953208713Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.101747036Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.245877628Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.349200273Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.484707404Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.611721099Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.764001744Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.914967096Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.036284973Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.147505788Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.259501523Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.391410426Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.49206067Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.633116231Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.803442023Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.962360325Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.16496326Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.332071063Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.44913563Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.554976089Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.661847746Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.79722533Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.944932645Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.079486809Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.233251333Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.379079442Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.499677573Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.729047066Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.875789639Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.121967571Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.42712582Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.593323201Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.693482188Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.842346251Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.118006182Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.553549731Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.688139758Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.827043499Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.968783271Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:13.159468188Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:13.311854906Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:13.461436571Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:13.847323204Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.032446289Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.153994866Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.271104067Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.428927846Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.539731418Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.648593621Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.82084523Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.956489581Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.071728577Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.21834533Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.34713419Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.482726796Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.621683503Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.742091428Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.884014069Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.026603053Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.111362242Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.201308426Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.326061516Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.427406058Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.578122969Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.664547038Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.84115949Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.95982023Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.118485665Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.267956178Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.376629195Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.488591754Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.61763213Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.744913719Z	9	PC: 179a1 \| Display string (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1673,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:03.066934659Z	25	PC: 178b2 \| Get default drive
2018-12-25T11:44:03.06906281Z	14	PC: 178c1 \| Set default drive (Drive = 'C')
2018-12-25T11:44:03.07034419Z	78	PC: 178cd \| Find first file
2018-12-25T11:44:03.076480471Z	67	PC: 17cdd \| Get or set file attributes
2018-12-25T11:44:03.087278707Z	65	PC: 17ce1 \| Delete file (Filename = 'C:\DOS\VSAFE.COM')
2018-12-25T11:44:03.102894058Z	67	PC: 17cdd \| Get or set file attributes (See above)
2018-12-25T11:44:03.109962682Z	65	PC: 17ce1 \| Delete file (See above)
2018-12-25T11:44:03.116945927Z	67	PC: 17cdd \| Get or set file attributes (See above)
2018-12-25T11:44:03.123763993Z	65	PC: 17ce1 \| Delete file (See above)
2018-12-25T11:44:03.130414335Z	42	PC: 17956 \| Get date 0x17956: and dh, 1 0x17959: nop 0x1795a: nop 0x1795b: cmp dl, 0x15 0x1795e: je 0x17965 0x17960: cmp dl, 0x16 0x17963: jne 0x179ad 0x17965: mov cx, 2 0x17968: mov dx, 0x80 0x1796b: call 0x17bf4 0x1796e: mov cx, 1 0x17971: mov dx, 0x100 0x17974: call 0x17bf4 0x17977: mov cx, 2 0x1797a: mov dx, 0x181 0x1797d: call 0x17bf4 0x17980: xor al, al 0x17982: out 0x70, al 0x17984: mov cx, 0x32 0x17987: loop 0x17987
2018-12-25T11:44:03.133482436Z	71	PC: 179be \| Get current directory
2018-12-25T11:44:03.13707232Z	78	PC: 179f4 \| Find first file
2018-12-25T11:44:03.142984145Z	79	PC: 179ff \| Find next file
2018-12-25T11:44:03.145894251Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:03.150029049Z	59	PC: 17a20 \| Change current directory
2018-12-25T11:44:03.157154728Z	78	PC: 17cd1 \| Find first file
2018-12-25T11:44:03.164796465Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:03.172703096Z	78	PC: 17a5e \| Find first file
2018-12-25T11:44:03.179317686Z	67	PC: 17a8d \| Get or set file attributes
2018-12-25T11:44:03.186075878Z	67	PC: 17a9a \| Get or set file attributes
2018-12-25T11:44:04.704809256Z	61	PC: 17aa1 \| Open file (Filename = 'l8lt��.')
2018-12-25T11:44:04.712302228Z	87	PC: 17aaa \| Get or set file date and time
2018-12-25T11:44:04.713898777Z	63	PC: 17ac0 \| Read file or device (Read 1 bytes on handle 5)
2018-12-25T11:44:04.721038316Z	63	PC: 17aca \| Read file or device (Read 2 bytes on handle 5)
2018-12-25T11:44:04.724056603Z	66	PC: 17bf3 \| Move file pointer
2018-12-25T11:44:04.725732674Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:04.727567938Z	64	PC: 17b54 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:04.732256303Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:04.73419151Z	64	PC: 17ba1 \| Write file or device (Write 2049 bytes on handle 5)
2018-12-25T11:44:05.068053608Z	87	PC: 17b07 \| Get or set file date and time
2018-12-25T11:44:05.073242358Z	62	PC: 17b0d \| Close file
2018-12-25T11:44:05.081308998Z	67	PC: 17b19 \| Get or set file attributes
2018-12-25T11:44:05.093675427Z	79	PC: 17a6b \| Find next file
2018-12-25T11:44:05.09857675Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.106176186Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.11719111Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.126144831Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.128569305Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.136318273Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.139406926Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.141724514Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.143562185Z	64	PC: 17b54 \| Write file or device (See above)
2018-12-25T11:44:05.149131319Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.151118758Z	64	PC: 17ba1 \| Write file or device (See above)
2018-12-25T11:44:05.169025044Z	87	PC: 17b07 \| Get or set file date and time (See above)
2018-12-25T11:44:05.171644218Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.181767898Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.192241188Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.195659737Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.203043039Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.213808671Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.222376304Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.22491092Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.2318129Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.234993381Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.237118846Z	63	PC: 17aed \| Read file or device (Read 1 bytes on handle 5)
2018-12-25T11:44:05.244153858Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.24581956Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.247871331Z	64	PC: 17b54 \| Write file or device (See above)
2018-12-25T11:44:05.252164604Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.253656656Z	64	PC: 17ba1 \| Write file or device (See above)
2018-12-25T11:44:05.264534218Z	87	PC: 17b07 \| Get or set file date and time (See above)
2018-12-25T11:44:05.26641137Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.274172026Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.284708402Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.290300937Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.297189866Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.307639493Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.315739983Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.317196304Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.324099385Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.327729025Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.329207181Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.33115753Z	64	PC: 17b54 \| Write file or device (See above)
2018-12-25T11:44:05.335077652Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.337037732Z	64	PC: 17ba1 \| Write file or device (See above)
2018-12-25T11:44:05.346765823Z	87	PC: 17b07 \| Get or set file date and time (See above)
2018-12-25T11:44:05.348942927Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.357580089Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.368259664Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.372427506Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.377085789Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.380261716Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.383895983Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.390863489Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.402641619Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.408388769Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:05.412958296Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.418230452Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.425271715Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.431321713Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.43324515Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.438334212Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.441000746Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.442774069Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.444177078Z	64	PC: 17b54 \| Write file or device (See above)
2018-12-25T11:44:05.447284069Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.448663471Z	64	PC: 17ba1 \| Write file or device (See above)
2018-12-25T11:44:05.457555031Z	87	PC: 17b07 \| Get or set file date and time (See above)
2018-12-25T11:44:05.459934441Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.466037362Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.473344533Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.476906718Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.480192202Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.483307749Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.486753766Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.491763747Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.496175675Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.503146237Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.508989061Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:05.515264021Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.518892582Z	78	PC: 179f4 \| Find first file (See above)
2018-12-25T11:44:05.525208991Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.528135436Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.531308893Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.538110376Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.545016882Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.553692459Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:05.560687686Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.567321162Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.577803061Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.586512992Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.588158279Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.594738142Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.598202967Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.599798125Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:05.602689515Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.605195693Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.616461996Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.620270062Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.62728799Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.63758765Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.645218142Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.647428623Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.653027397Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.655161125Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.656923039Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:05.661051238Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.662650402Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.669449211Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.67202779Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.676764789Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.683199169Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.687540026Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.689042443Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.693369445Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.695271295Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.696697321Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:05.701114975Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.702505043Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.708988264Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.711638118Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.715717315Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.722940339Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.730636338Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.73219668Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.738116223Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.741330233Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.742744148Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:05.748407525Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.750307634Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.758548016Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.761311587Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.766048113Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.768181333Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.77026406Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.775874991Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.780503958Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.785530091Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:05.790774359Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.795532742Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:05.803299073Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:05.809958819Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:05.812616088Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:05.816993129Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:05.820033485Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:05.821415696Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:05.826388528Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:05.828821927Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:05.915472167Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.919042725Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.924735851Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.928529336Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.931237117Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.934841024Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.939024809Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.944939806Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.951501117Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:05.95726844Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:05.961151256Z	78	PC: 179f4 \| Find first file (See above)
2018-12-25T11:44:05.968174767Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.971706307Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:05.973741776Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:05.97803077Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.98194993Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:05.986012716Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:05.991591517Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:05.99668871Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:06.071994771Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:06.081169154Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:06.08294252Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:06.085706023Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:06.089060767Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:06.090842686Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:06.094403159Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:06.096723947Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:06.143781109Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:06.147368445Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:06.155254238Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:06.165921692Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:06.173336716Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:06.175907757Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:06.17893462Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:06.181743672Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:06.184198173Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:06.18782098Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:06.190450825Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:06.204012709Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:06.208565431Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:06.21585126Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:06.227985859Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:06.23632876Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:06.237994505Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:06.242155004Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:06.245084168Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:06.246779787Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:06.251235782Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:06.254167254Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:06.265206247Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:06.270156157Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:06.278063422Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:06.289415393Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:06.297435063Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:06.300668303Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:06.303968579Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:06.30762598Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:06.310338339Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:06.313564145Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:06.315426512Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:06.326871004Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:06.330417056Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:06.336107334Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:06.340597909Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:06.343792389Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:06.350780901Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:06.359133647Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:06.366855862Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:06.373853898Z	67	PC: 17a8d \| Get or set file attributes (See above)
2018-12-25T11:44:06.382026298Z	67	PC: 17a9a \| Get or set file attributes (See above)
2018-12-25T11:44:06.393450377Z	61	PC: 17aa1 \| Open file (See above)
2018-12-25T11:44:06.402115438Z	87	PC: 17aaa \| Get or set file date and time (See above)
2018-12-25T11:44:06.405291282Z	63	PC: 17ac0 \| Read file or device (See above)
2018-12-25T11:44:06.408542851Z	63	PC: 17aca \| Read file or device (See above)
2018-12-25T11:44:06.412172972Z	66	PC: 17bf3 \| Move file pointer (See above)
2018-12-25T11:44:06.415294474Z	63	PC: 17aed \| Read file or device (See above)
2018-12-25T11:44:06.419070525Z	62	PC: 17b0d \| Close file (See above)
2018-12-25T11:44:06.421090981Z	67	PC: 17b19 \| Get or set file attributes (See above)
2018-12-25T11:44:06.432498329Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:06.436458105Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:06.441131371Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:06.445511664Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:06.449488023Z	79	PC: 179ff \| Find next file (See above)
2018-12-25T11:44:06.452139548Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:06.457922373Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:06.463773366Z	78	PC: 17cd1 \| Find first file (See above)
2018-12-25T11:44:06.470476189Z	78	PC: 17a5e \| Find first file (See above)
2018-12-25T11:44:06.477126014Z	79	PC: 17a6b \| Find next file (See above)
2018-12-25T11:44:06.480257338Z	59	PC: 17a20 \| Change current directory (See above)
2018-12-25T11:44:06.484803967Z	14	PC: 17bc2 \| Set default drive (Drive = 'A')
2018-12-25T11:44:06.486982046Z	9	PC: 12a47 \| Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (27.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')

{"DateBased":true,"Day":21,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1673,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:03.175658188Z	25	PC: 178b2 \| Get default drive
2018-12-25T11:44:03.178288436Z	14	PC: 178c1 \| Set default drive (Drive = 'C')
2018-12-25T11:44:03.180162428Z	78	PC: 178cd \| Find first file
2018-12-25T11:44:03.18654259Z	67	PC: 17cdd \| Get or set file attributes
2018-12-25T11:44:03.198224446Z	65	PC: 17ce1 \| Delete file (Filename = 'C:\DOS\VSAFE.COM')
2018-12-25T11:44:03.20697928Z	67	PC: 17cdd \| Get or set file attributes (See above)
2018-12-25T11:44:03.213328407Z	65	PC: 17ce1 \| Delete file (See above)
2018-12-25T11:44:03.220197436Z	67	PC: 17cdd \| Get or set file attributes (See above)
2018-12-25T11:44:03.226193174Z	65	PC: 17ce1 \| Delete file (See above)
2018-12-25T11:44:03.232496308Z	42	PC: 17956 \| Get date 0x17956: and dh, 1 0x17959: nop 0x1795a: nop 0x1795b: cmp dl, 0x15 0x1795e: je 0x17965 0x17960: cmp dl, 0x16 0x17963: jne 0x179ad 0x17965: mov cx, 2 0x17968: mov dx, 0x80 0x1796b: call 0x17bf4 0x1796e: mov cx, 1 0x17971: mov dx, 0x100 0x17974: call 0x17bf4 0x17977: mov cx, 2 0x1797a: mov dx, 0x181 0x1797d: call 0x17bf4 0x17980: xor al, al 0x17982: out 0x70, al 0x17984: mov cx, 0x32 0x17987: loop 0x17987
2018-12-25T11:44:05.074847015Z	9	PC: 179a1 \| Display string (Could not find end pointer)
2018-12-25T11:44:05.188017649Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.297362653Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.401011037Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.484484764Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.624286943Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.740686864Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:05.916684164Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.143782096Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.282041574Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.413950297Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.563551345Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.758394785Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:06.927915827Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.034175369Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.166150103Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.292746637Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.39535345Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.540735379Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.675987528Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.855677725Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:07.985858138Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.110693704Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.223463474Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.347671404Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.476947133Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.682497178Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.852665121Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:08.972761741Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.058720365Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.191083804Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.272499395Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.376456294Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.544179135Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.668246036Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.784307781Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:09.903756766Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.037145679Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.164858785Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.379399627Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.503416774Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.662831437Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:10.811050829Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.102283282Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.413004015Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.539735157Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.694589223Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:11.841972074Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.003740334Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.561162654Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.813361184Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:12.957081904Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:13.159303936Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:13.461569796Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:13.84807084Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.03225217Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.151763685Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.299489694Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.444594977Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.563331421Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.694199711Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.797545581Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:14.8939917Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.020079315Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.202133654Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.337256415Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.456509505Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.570492977Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.684574237Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.797207631Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:15.927514672Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.046788528Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.192963695Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.33473302Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.429796345Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.551585573Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.697354307Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.820285304Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:16.941182291Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.067640715Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.198176658Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.348613671Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.45106262Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.552484614Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.666400742Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.779117581Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.867247218Z	9	PC: 179a1 \| Display string (See above)
2018-12-25T11:44:17.963034256Z	9	PC: 179a1 \| Display string (See above)