Sample viewer

vx.netlux.org/Virus.DOS.Tanya.2000.e

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:05:09.830439257Z 42 PC: 131c2 | Get date 0x131c2: cmp dx, 0xc01
0x131c6: je 0x131ca
0x131c8: jmp 0x131d7
0x131ca: mov ah, 9
0x131cc: lea dx, word ptr [bx + 0x5b7]
0x131d0: int 0x21
0x131d2: mov ax, 0x4c00
0x131d5: int 0x21
0x131d7: cmp dx, 0x914
0x131db: jb 0x131e9
0x131dd: cmp al, 1
0x131df: jne 0x131e9
0x131e1: mov ah, 9
0x131e3: lea dx, word ptr [bx + 0x5e9]
0x131e7: int 0x21
0x131e9: popaw
0x131ea: ret
0x131eb: lahf
0x131ec: and byte ptr [bp + di - 0x5e12], ch
0x131f0: stosw word ptr es:[di], ax
2018-12-17T22:05:09.832908132Z 9 PC: 131e9 | Display string (Could not find end pointer)
2018-12-17T22:05:09.849240509Z 53 PC: 12cc0 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:05:09.850633831Z 37 PC: 12cd6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:05:09.852585506Z 26 PC: 12ce0 | Set disk transfer address
2018-12-17T22:05:09.853820677Z 78 PC: 1316b | Find first file
2018-12-17T22:05:09.859635589Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:09.864591948Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.209946057Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:05:10.217218723Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.219166537Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.221075866Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:10.226477814Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.229451844Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.231306278Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:10.240737757Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.242359371Z 64 PC: 13055 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:05:10.249424849Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.250835098Z 62 PC: 13055 | Close file
2018-12-17T22:05:10.258003561Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.269467857Z 79 PC: 1317a | Find next file
2018-12-17T22:05:10.272496472Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.278817078Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.296669187Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:05:10.304095027Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.306390391Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.31167404Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:10.319762719Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.322713407Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.325662679Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:10.334138075Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.335876034Z 64 PC: 13055 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:05:10.339588909Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.341335559Z 62 PC: 13055 | Close file
2018-12-17T22:05:10.349255632Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.360466726Z 79 PC: 1317a | Find next file
2018-12-17T22:05:10.363495991Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.37015734Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.38192288Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:05:10.38902199Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.391768658Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.393476505Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:10.398993534Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.402017605Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.403880645Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:10.41365646Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.414907321Z 64 PC: 13055 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:05:10.417211283Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.419875145Z 62 PC: 13055 | Close file
2018-12-17T22:05:10.435840316Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.442696664Z 79 PC: 1317a | Find next file
2018-12-17T22:05:10.446751372Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.453513088Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.463939306Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:05:10.472722407Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.474562566Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.477156585Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:10.483441492Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.486679478Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.488396217Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:10.501367012Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.503031746Z 64 PC: 13055 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:05:10.506254513Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.509040224Z 62 PC: 13055 | Close file
2018-12-17T22:05:10.516833492Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.527213355Z 79 PC: 1317a | Find next file
2018-12-17T22:05:10.534350276Z 78 PC: 13194 | Find first file
2018-12-17T22:05:10.541580101Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.549163404Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.556869627Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:05:10.575709989Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.577365108Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.57993063Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:10.5873625Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.588926555Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:10.601413493Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.602971523Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:10.606335218Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.608351199Z 62 PC: 13055 | Close file
2018-12-17T22:05:10.617174004Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.627175201Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:10.63051791Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.637877167Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:10.977236673Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T22:05:10.98466245Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:10.987151901Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.988877232Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:10.996634735Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:10.998657991Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.00740828Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.008816875Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.012083002Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.013542573Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.020598078Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.030671583Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.033937911Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.040058429Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.049942972Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:05:11.056629129Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.057971648Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.060794618Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.067739926Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.069072383Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.0793642Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.080801Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.083633523Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.085936509Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.093152121Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.102414086Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.105930149Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.124818116Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.134181158Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T22:05:11.141366704Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.142797345Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.144316444Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.153454334Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.155182375Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.16356072Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.165952082Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.169004132Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.170442415Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.178151379Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.187778002Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.191069832Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.197818512Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.207590476Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\FDISK.EXE')
2018-12-17T22:05:11.215059567Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.216585881Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.21818053Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.225111695Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.226682884Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.23486615Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.236089558Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.239037836Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.241165958Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.24821772Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.257619247Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.260815616Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.266597198Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.275955997Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\MEM.EXE')
2018-12-17T22:05:11.28380053Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.285183076Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.286455903Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.29442714Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.29600517Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.304294759Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.306679985Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.309397011Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.310796701Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.31870347Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.328193971Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.334065295Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.340501635Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.350494657Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\NLSFUNC.EXE')
2018-12-17T22:05:11.357172835Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.358911302Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.360156004Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.367082116Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.369079747Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.377029166Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.378313027Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.381886016Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.38322338Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.389999377Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.400526989Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.403575096Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.410182758Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.420305316Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\QBASIC.EXE')
2018-12-17T22:05:11.427087641Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.42832406Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.430306991Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.437042112Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.438275123Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.447662085Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.449204942Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.452014943Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.454266586Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.460984443Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.470139464Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.476062994Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.482123342Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.491528255Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\REPLACE.EXE')
2018-12-17T22:05:11.499694267Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.501266475Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.502807836Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.510767398Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.512069982Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.521324436Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.523223051Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.526464822Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.528103878Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.53603779Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.546011195Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.548858284Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.554998223Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.564423478Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\RESTORE.EXE')
2018-12-17T22:05:11.571241636Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.573444293Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.574603051Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.582072756Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.584083547Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.592738362Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.594371417Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.608655854Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.611122664Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.618407579Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.628479296Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.631705195Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.638229744Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.655024159Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\SCANDISK.EXE')
2018-12-17T22:05:11.662054111Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.664025961Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.666729119Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.673068505Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.674760688Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.681221797Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.690864877Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.69464893Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.70061311Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.710080072Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\SETUP.EXE')
2018-12-17T22:05:11.71787898Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.719324881Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.720981451Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.729334436Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.730733525Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.739744197Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.74145505Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.744633132Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.746104067Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.753610352Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.763205332Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.766219239Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.772908726Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.783209977Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\XCOPY.EXE')
2018-12-17T22:05:11.789925717Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.791909452Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.806987571Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.814078352Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.816060197Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.824425959Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.82609983Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.830789236Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.832336728Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.839759443Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.850716523Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.854189748Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.860414664Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.871060414Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\DEFRAG.EXE')
2018-12-17T22:05:11.877770001Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.879025987Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.881068254Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.888176623Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.890060059Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.897477979Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.907283981Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.913539984Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.920309957Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.930529675Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\EMM386.EXE')
2018-12-17T22:05:11.937657429Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.939613733Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.94102357Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:11.948326992Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.950254298Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:11.958721521Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:11.960781474Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:11.963927251Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:11.96566488Z 62 PC: 13055 | Close file
2018-12-17T22:05:11.973395832Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.983609261Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:11.98695905Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:11.993870577Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.005069701Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\MSCDEX.EXE')
2018-12-17T22:05:12.012242715Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:12.014690996Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.016408138Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:12.023791934Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.025778341Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:12.257906538Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.260019813Z 64 PC: 13055 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:05:12.264329447Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:12.266259236Z 62 PC: 13055 | Close file
2018-12-17T22:05:12.33792675Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.34705866Z 79 PC: 131a3 | Find next file
2018-12-17T22:05:12.350368449Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.354678477Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.360768643Z 61 PC: 12dfe | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:05:12.365423144Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:12.367257601Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.368471359Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:12.37217293Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.374818278Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.37624347Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:12.381971496Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.383930936Z 64 PC: 13055 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:05:12.386723449Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:12.388649324Z 62 PC: 13055 | Close file
2018-12-17T22:05:12.396485109Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.405247667Z 78 PC: 1316b | Find first file
2018-12-17T22:05:12.414664232Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.421460321Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.437923457Z 61 PC: 12dfe | Open file (Filename = '.\SLEEP.COM')
2018-12-17T22:05:12.444726449Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:12.447154174Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.448598505Z 63 PC: 13055 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:05:12.45632775Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.459439826Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.460937354Z 64 PC: 13055 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:05:12.470202574Z 66 PC: 13055 | Move file pointer
2018-12-17T22:05:12.47259773Z 64 PC: 13055 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:05:12.478954492Z 87 PC: 13055 | Get or set file date and time
2018-12-17T22:05:12.481868145Z 62 PC: 13055 | Close file
2018-12-17T22:05:12.490065483Z 67 PC: 1306b | Get or set file attributes
2018-12-17T22:05:12.500469798Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.504083402Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.506922729Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.509825683Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.513566876Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.517516381Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.520526673Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.524232691Z 79 PC: 1317a | Find next file
2018-12-17T22:05:12.527067082Z 78 PC: 13194 | Find first file
2018-12-17T22:05:12.53314796Z 26 PC: 12d71 | Set disk transfer address
2018-12-17T22:05:12.535386113Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:05:12.536638299Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-17T22:05:12.543350599Z 48 PC: 12a8f | Get DOS version
2018-12-17T22:05:12.545280443Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-17T22:05:12.551927747Z 93 PC: 12afe | File sharing functions
2018-12-17T22:05:12.553760198Z 9 PC: 12a86 | Display string (String= 'Size change=07D0h/02000d. ')
2018-12-17T22:05:12.558679858Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1694,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:03.336728768Z 42 PC: 131c2 | Get date 0x131c2: cmp dx, 0xc01
0x131c6: je 0x131ca
0x131c8: jmp 0x131d7
0x131ca: mov ah, 9
0x131cc: lea dx, word ptr [bx + 0x5b7]
0x131d0: int 0x21
0x131d2: mov ax, 0x4c00
0x131d5: int 0x21
0x131d7: cmp dx, 0x914
0x131db: jb 0x131e9
0x131dd: cmp al, 1
0x131df: jne 0x131e9
0x131e1: mov ah, 9
0x131e3: lea dx, word ptr [bx + 0x5e9]
0x131e7: int 0x21
0x131e9: popaw
0x131ea: ret
0x131eb: lahf
0x131ec: and byte ptr [bp + di - 0x5e12], ch
0x131f0: stosw word ptr es:[di], ax
2018-12-25T11:44:03.339931887Z 53 PC: 12cc0 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:03.341096443Z 37 PC: 12cd6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:03.34208451Z 26 PC: 12ce0 | Set disk transfer address
2018-12-25T11:44:03.344423842Z 78 PC: 1316b | Find first file
2018-12-25T11:44:03.353263424Z 67 PC: 1306b | Get or set file attributes
2018-12-25T11:44:03.359247711Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.690167507Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:44:03.696969519Z 87 PC: 13055 | Get or set file date and time
2018-12-25T11:44:03.698339493Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.700742384Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:03.706956136Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.709782923Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.711101133Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.720938616Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.722163781Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.727693744Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:03.729405104Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:03.736323698Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.7456595Z 79 PC: 1317a | Find next file
2018-12-25T11:44:03.748931169Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.754688405Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.764815239Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:03.771755987Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:03.773030353Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.77426967Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:03.780039532Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.782959292Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.784542361Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.79424416Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.79565821Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.798369859Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:03.800319242Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:03.807115745Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.816473599Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:03.819870519Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.825580466Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.835500958Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:03.842512276Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:03.844028153Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.845300599Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:03.850960049Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.853804797Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.855032002Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.863890568Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.865149981Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.868257527Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:03.869918008Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:03.876702784Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.885794251Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:03.893282091Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.899053997Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.908770528Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:03.915705546Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:03.917442506Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.918710828Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:03.924075511Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.926931882Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.928207241Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.936454432Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:03.938198787Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:03.941118697Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:03.942854526Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:03.950119922Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.962348862Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:03.968809995Z 78 PC: 13194 | Find first file
2018-12-25T11:44:03.975972352Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.982075209Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:03.991722568Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:04.00002772Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:04.00169842Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:04.003345609Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:04.014252577Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:04.015936956Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:04.02861398Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:04.030898179Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:04.034476821Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:04.036295656Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:04.04379208Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:04.238934935Z 79 PC: 131a3 | Find next file
2018-12-25T11:44:04.241931486Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:04.248304024Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:04.856147714Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:04.862789438Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:04.865093296Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:04.866465533Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:04.874222616Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:04.876126751Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.537434976Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.538752169Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.541903711Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.543259834Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.714470902Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.816296994Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:05.820133259Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.826036579Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.88992702Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.895855004Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.897182296Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.898920409Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.906601679Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.908019325Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.738705221Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.740321748Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.743385484Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.745443163Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.776910792Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.828134393Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.831942203Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.838213428Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.853435187Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.862408521Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.863809234Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.865458129Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.873058976Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.874461523Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.921784128Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.924113462Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.9269286Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.928400751Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.973734208Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.98493928Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.98833321Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.995404328Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.006115541Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.01353777Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.016015897Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.017739648Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.025138332Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.027747806Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.034739323Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.035906994Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.03918144Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.040919761Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.046121461Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.056480658Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.078868361Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.085464898Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.095189355Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.102683729Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.10396336Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.105364884Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.115138486Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.116607017Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.129094051Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.130934005Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.133983599Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.136912259Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.14432246Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.154175458Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.161194189Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.167858788Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.177665926Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.185050164Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.187059979Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.188694549Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.197364909Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.199130759Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.207786825Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.210080778Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.213194438Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.214994107Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.223134394Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.233199343Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.236542803Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.243841983Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.254198876Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.262101245Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.264649238Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.266729814Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.274056193Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.276029225Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.28590311Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.287208702Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.289983345Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.292272195Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.299297864Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.309039905Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.312543429Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.318607406Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.329297584Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.337518697Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.339254564Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.341127442Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.349420665Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.351153411Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.35977021Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.361974203Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.365005255Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.367519402Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.374709957Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.384678971Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.388730446Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.395209826Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.405692995Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.413257447Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.414789858Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.415883443Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.42190469Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.423483348Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.430258825Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.432359634Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.435212724Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.43656426Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.442818488Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.450376492Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.453184156Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.458914906Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.467780519Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.473088056Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.475073654Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.476432279Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.480410632Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.482279374Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.486795969Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.494939693Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.498648928Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.50362357Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.51191841Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.527963782Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.530190706Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.53172547Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.54287756Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.544333851Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.552647937Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.555034036Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.557985733Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.559651733Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.567942352Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.577638398Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.581068836Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.588426928Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.59881343Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.605849308Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.608721412Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.61041405Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.617652628Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.620497371Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.628737913Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.630491107Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.63472252Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.636498477Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.643544504Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.654170269Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.657138032Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.664169471Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.675011891Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.68204254Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.683786134Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.686629557Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.692868258Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.694392088Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.701100244Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.710589958Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.717009507Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.724179762Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.734532401Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.741929048Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.744595571Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.746273914Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.753707054Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.755934206Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.764217282Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.766040439Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.769938491Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.771669424Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.778754294Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.7892824Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.792617878Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.799723487Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.810071897Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.816916133Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.819135296Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.820551712Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.827883419Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.830581461Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.839374383Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.8410929Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.84489372Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.846362154Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.853304258Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.867437541Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.87128299Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.877028134Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.886943714Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.892989593Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.894637043Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.897461196Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.903574298Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.907202367Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.910098207Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.919251182Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.921419064Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.924890034Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.926842708Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.936723698Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.947058706Z 78 PC: 1316b | Find first file (See above)
2018-12-25T11:44:07.956541369Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.96338231Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.979174155Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.986202118Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.989327363Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.991096359Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.997840958Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:08.00141323Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:08.00382787Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:08.013411434Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:08.015335112Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:08.021999735Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:08.024691942Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:08.032943833Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:08.042910296Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.046833029Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.050091444Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.053073991Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.056839307Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.060081351Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.062834685Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.066901813Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:08.069384144Z 78 PC: 13194 | Find first file (See above)
2018-12-25T11:44:08.076637635Z 26 PC: 12d71 | Set disk transfer address
2018-12-25T11:44:08.0792843Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:08.080835115Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:44:08.086467383Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:44:08.089118455Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:44:08.095897315Z 93 PC: 12afe | File sharing functions
2018-12-25T11:44:08.098286957Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:44:08.103389971Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":20,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1694,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:03.584674995Z 42 PC: 131c2 | Get date 0x131c2: cmp dx, 0xc01
0x131c6: je 0x131ca
0x131c8: jmp 0x131d7
0x131ca: mov ah, 9
0x131cc: lea dx, word ptr [bx + 0x5b7]
0x131d0: int 0x21
0x131d2: mov ax, 0x4c00
0x131d5: int 0x21
0x131d7: cmp dx, 0x914
0x131db: jb 0x131e9
0x131dd: cmp al, 1
0x131df: jne 0x131e9
0x131e1: mov ah, 9
0x131e3: lea dx, word ptr [bx + 0x5e9]
0x131e7: int 0x21
0x131e9: popaw
0x131ea: ret
0x131eb: lahf
0x131ec: and byte ptr [bp + di - 0x5e12], ch
0x131f0: stosw word ptr es:[di], ax
2018-12-25T11:44:03.586427147Z 53 PC: 12cc0 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:03.587735951Z 37 PC: 12cd6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:03.588884409Z 26 PC: 12ce0 | Set disk transfer address
2018-12-25T11:44:03.590444096Z 78 PC: 1316b | Find first file
2018-12-25T11:44:03.60112696Z 67 PC: 1306b | Get or set file attributes
2018-12-25T11:44:03.607371971Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.068202868Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:44:05.077452983Z 87 PC: 13055 | Get or set file date and time
2018-12-25T11:44:05.079453685Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.081422824Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.088565364Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.092263467Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.094213982Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.10580061Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.107480535Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.113847201Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.118432279Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.133313199Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.148436792Z 79 PC: 1317a | Find next file
2018-12-25T11:44:05.156990913Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.165372078Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.177257451Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.186687896Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.190185171Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.192567109Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.200799403Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.205340643Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.208142139Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.219949726Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.223286277Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.227123583Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.229401643Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.238599131Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.250980255Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:05.265572556Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.274321133Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.285959219Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.294253439Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.297201283Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.299364189Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.306469978Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.311530508Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.313978462Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.324618739Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.327014147Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.330969217Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.333091325Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.341920491Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.353376519Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:05.360515152Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.36767003Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.37925446Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.387203523Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.389173521Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.391771051Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.398781593Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.402459752Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.40504004Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.415311339Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.41726753Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.421676777Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.423903297Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.431747131Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.443416154Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:05.450396045Z 78 PC: 13194 | Find first file
2018-12-25T11:44:05.457549506Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.464602798Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.476747935Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.484530133Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.486442743Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.488836434Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.497229561Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.499195299Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.516425782Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.518405118Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.5218822Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.5244523Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.534595698Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.546282066Z 79 PC: 131a3 | Find next file
2018-12-25T11:44:05.551092831Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.558294702Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.569621703Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.579126694Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.582636121Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.584496366Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.59378066Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.595835507Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.606350867Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.608815137Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.612199292Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.614028429Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.622227673Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.633098197Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:05.637179925Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.644714438Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.655834459Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.664844698Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.667745794Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.669776356Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.677978887Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.679460568Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.689453771Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.691466383Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.695070438Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.697766087Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.705875794Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.716983071Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:05.721821909Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.728673421Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.74065589Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.749559587Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.751808214Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.753766659Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.762993847Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.765071603Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.774670932Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.777491381Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.780817665Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.782494601Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.790870653Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.802342045Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:05.806262039Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.813647483Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.862066238Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.867181823Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.86867189Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.870380663Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.877086947Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.8789345Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.958864135Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.960934586Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.964969104Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.967392806Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.072338578Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.144194667Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.148856717Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.155691926Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.166299024Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.174988757Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.176915616Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.178876656Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.187912287Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.189860182Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.200409077Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.203298575Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.206465417Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.208081931Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.21616719Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.227033436Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.23435954Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.242444434Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.253257046Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.26179757Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.264114182Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.265811261Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.273511928Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.276062204Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.283800758Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.285150392Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.288041082Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.29039744Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.298495797Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.309861154Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.313548547Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.321527319Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.333855293Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.341474181Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.34343142Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.346231679Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.354783563Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.35663675Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.367121928Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.369442286Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.37295485Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.375789519Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.384018108Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.395743116Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.401334229Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.409251146Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.421089577Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.430557794Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.433116106Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.434713816Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.443937116Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.446110682Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.455311322Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.45715424Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.461251243Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.463351352Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.471184611Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.482692684Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.486553876Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.493649202Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.504162337Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.512315144Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.514264876Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.51618917Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.525485445Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.527450704Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.535921262Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.537305671Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.539743299Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.542116459Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.549032549Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.563197246Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.566763729Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.571898638Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.583739731Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.592539987Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.594234524Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.595972515Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.603122027Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.604703448Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.610818654Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.622039044Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.625394487Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.631222616Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.640233285Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.647838202Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.649522891Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.652190696Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.658495139Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.660205385Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.670473466Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.67228507Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.675627767Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.678060677Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.686556182Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.70108579Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.706001209Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.713974663Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.724413855Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.732408031Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.748831588Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.750408898Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.758773053Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.760447907Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.769629213Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.774022959Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.776407386Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.778085706Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.787422204Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.797546175Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.801200875Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.808044329Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.819490429Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.82699344Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.828968162Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.831610414Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.83966893Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.84204673Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.84879468Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.859824239Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.86678748Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.873504483Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.884061239Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.889223046Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.891919779Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.893525322Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.900012384Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.902545687Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.911955593Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.913901442Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.935107169Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.936823084Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.946506151Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.959044873Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.962501743Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.970030789Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.98232377Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.990575484Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.99286011Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.994711211Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.002904332Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.005388002Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.015575303Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.017136503Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.021135363Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.022993618Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.031458251Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.039896451Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.04386265Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.052130576Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.062879329Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.070188454Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.072213121Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.075174557Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.081590676Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.085189496Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.088287951Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.098836797Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.100718523Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.105519474Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.107727613Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.116698285Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.128221835Z 78 PC: 1316b | Find first file (See above)
2018-12-25T11:44:07.140045145Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.146821225Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.167475308Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.177054407Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.17940468Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.182420485Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.192713524Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.197184172Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.200871711Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.214476038Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.21665043Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.226411634Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.228500414Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.238638822Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.252649792Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.25631534Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.260366479Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.265138649Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.268909472Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.272585975Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.277047806Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.280389271Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.283361905Z 78 PC: 13194 | Find first file (See above)
2018-12-25T11:44:07.291478543Z 26 PC: 12d71 | Set disk transfer address
2018-12-25T11:44:07.293120917Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:07.294904191Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:44:07.302990789Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:44:07.304736036Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:44:07.312456182Z 93 PC: 12afe | File sharing functions
2018-12-25T11:44:07.315938911Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:44:07.320873013Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":22,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1694,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:03.641035122Z 42 PC: 131c2 | Get date 0x131c2: cmp dx, 0xc01
0x131c6: je 0x131ca
0x131c8: jmp 0x131d7
0x131ca: mov ah, 9
0x131cc: lea dx, word ptr [bx + 0x5b7]
0x131d0: int 0x21
0x131d2: mov ax, 0x4c00
0x131d5: int 0x21
0x131d7: cmp dx, 0x914
0x131db: jb 0x131e9
0x131dd: cmp al, 1
0x131df: jne 0x131e9
0x131e1: mov ah, 9
0x131e3: lea dx, word ptr [bx + 0x5e9]
0x131e7: int 0x21
0x131e9: popaw
0x131ea: ret
0x131eb: lahf
0x131ec: and byte ptr [bp + di - 0x5e12], ch
0x131f0: stosw word ptr es:[di], ax
2018-12-25T11:44:03.643787309Z 9 PC: 131e9 | Display string (Could not find end pointer)
2018-12-25T11:44:03.673127436Z 53 PC: 12cc0 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:03.674193442Z 37 PC: 12cd6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:03.676055175Z 26 PC: 12ce0 | Set disk transfer address
2018-12-25T11:44:03.677789046Z 78 PC: 1316b | Find first file
2018-12-25T11:44:03.688613132Z 67 PC: 1306b | Get or set file attributes
2018-12-25T11:44:03.695833245Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.072508441Z 61 PC: 12dfe | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:44:05.086524099Z 87 PC: 13055 | Get or set file date and time
2018-12-25T11:44:05.091081395Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.105323684Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.11266679Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.116515474Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.124375769Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.136030666Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.138098909Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.148308399Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.149982456Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.15855057Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.176766219Z 79 PC: 1317a | Find next file
2018-12-25T11:44:05.180600631Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.187750494Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.201058244Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.209809787Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.211842727Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.213672527Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.220546922Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.224040718Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.225966461Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.235924613Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.237873113Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.241195981Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.243833496Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.251853946Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.263564996Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:05.267835836Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.274774679Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.285409084Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.294222874Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.295737521Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.297773948Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.305106068Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.308439782Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.309933153Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.320930581Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.322827278Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.326080823Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.328126883Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.336344338Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.346964827Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:05.353700258Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.361119198Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.371255558Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.37867037Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.382019866Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.383545915Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.388878822Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.392723181Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.394451533Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.403414483Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.405986075Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.409603581Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.411702228Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.420777875Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.435319935Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:05.44314972Z 78 PC: 13194 | Find first file
2018-12-25T11:44:05.451692185Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.459188178Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.470157666Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.478220249Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.480969182Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.482908673Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.491234353Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.493451361Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.50668876Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.508335633Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.512856101Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.514547756Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.526647397Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.53875607Z 79 PC: 131a3 | Find next file
2018-12-25T11:44:05.542359642Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.549081592Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.559999493Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.568850487Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.570658836Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.572137612Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.582870318Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.584470699Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.594088948Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.596757388Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.600842671Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.6030615Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.612636994Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.624551217Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:05.629437301Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.637537877Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.661908076Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.669773404Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.672601215Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.674780494Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.682966815Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.685628945Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.695218094Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.697171084Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.700672026Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.703847429Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.712408974Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.723684605Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:05.728584812Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.735574674Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.746334076Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.755028024Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.757515078Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.759552792Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.768718152Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.771810473Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.781201028Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.783164138Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:05.787755951Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.789811889Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:05.797718179Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.810174206Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:05.813984086Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.820957376Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:05.916348791Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:05.925542048Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:05.927656933Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.930666414Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:05.939408047Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:05.941608631Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.014270606Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.016054724Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.019905974Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.022780798Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.144098136Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.165452555Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.169451846Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.177599148Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.1894535Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.197980105Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.200404963Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.202468342Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.211727288Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.214299511Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.224393233Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.226505985Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.232052358Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.234100498Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.243443155Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.25537833Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.262456555Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.269537701Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.283444878Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.291529169Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.293381547Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.295813353Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.30463716Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.306213727Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.316713189Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.318324461Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.321699629Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.324106614Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.332619801Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.343567864Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.347829948Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.355386603Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.366543668Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.376637149Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.378483591Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.380131096Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.389043694Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.391017888Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.400635028Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.40275137Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.406984245Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.408942203Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.416852055Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.428278645Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.431865779Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.439895267Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.452208878Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.461319926Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.463323683Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.466541616Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.475027973Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.477094879Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.487894014Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.489946807Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.493345491Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.495786257Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.504588316Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.515749319Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.520009739Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.526796419Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.537919525Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.54700627Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.54855365Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.55019786Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.559526817Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.560954333Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.570864437Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.57310609Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.576446573Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.578078692Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.58664584Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.597356604Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.600860493Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.608804025Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.619693178Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.627507245Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.630886261Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.632595081Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.638848771Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.640757472Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.647913585Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.658958225Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.662906542Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.670770184Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.6818695Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.689906698Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.692955395Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.69572476Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.70406959Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.707105313Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.717054311Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.718838921Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.723410048Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.725125159Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.733508031Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.74576934Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.749580931Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.756523266Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.77408372Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.781876675Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.78401841Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.786834143Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.795286759Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.797300996Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.807122883Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.808904565Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.812511706Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.814778521Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.822835658Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.835105418Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.840373338Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.847713926Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.859310653Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.869178879Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.871219641Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.873282405Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.881834265Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.88436898Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.891531353Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.904273754Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.911353456Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.918090073Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.929202079Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:06.937078847Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.938563407Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.941044344Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:06.949505884Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.951413649Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.961921974Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:06.963677052Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:06.965762691Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:06.967627265Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:06.972834968Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.980377308Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:06.983249644Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.987269239Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:06.995080046Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.001101978Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.002409409Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.003615279Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.009470442Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.010847559Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.017439743Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.019187061Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.021667701Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.023334816Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.030838017Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.039459677Z 79 PC: 131a3 | Find next file (See above)
2018-12-25T11:44:07.042083913Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.047069986Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.053948803Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.059136186Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.061098704Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.062394976Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.066853879Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.071082514Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.073466812Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.083554038Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.08664517Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.091170731Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.094758248Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.102080812Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.108232333Z 78 PC: 1316b | Find first file (See above)
2018-12-25T11:44:07.119281787Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.127246512Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.145092956Z 61 PC: 12dfe | Open file (See above)
2018-12-25T11:44:07.153360556Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.155706919Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.157345365Z 63 PC: 13055 | Read file or device (See above)
2018-12-25T11:44:07.165266069Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.169074663Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.170175706Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.176415583Z 66 PC: 13055 | Move file pointer (See above)
2018-12-25T11:44:07.178452602Z 64 PC: 13055 | Write file or device (See above)
2018-12-25T11:44:07.186188653Z 87 PC: 13055 | Get or set file date and time (See above)
2018-12-25T11:44:07.188064518Z 62 PC: 13055 | Close file (See above)
2018-12-25T11:44:07.194041141Z 67 PC: 1306b | Get or set file attributes (See above)
2018-12-25T11:44:07.200926876Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.203077595Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.205791668Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.207706385Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.209686485Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.212230157Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.214189564Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.216465981Z 79 PC: 1317a | Find next file (See above)
2018-12-25T11:44:07.218605164Z 78 PC: 13194 | Find first file (See above)
2018-12-25T11:44:07.222948868Z 26 PC: 12d71 | Set disk transfer address
2018-12-25T11:44:07.224086117Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:44:07.225893312Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:44:07.230412725Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:44:07.231846061Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:44:07.24034098Z 93 PC: 12afe | File sharing functions
2018-12-25T11:44:07.24247449Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:44:07.248326352Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1694,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:03.664434765Z 42 PC: 131c2 | Get date 0x131c2: cmp dx, 0xc01
0x131c6: je 0x131ca
0x131c8: jmp 0x131d7
0x131ca: mov ah, 9
0x131cc: lea dx, word ptr [bx + 0x5b7]
0x131d0: int 0x21
0x131d2: mov ax, 0x4c00
0x131d5: int 0x21
0x131d7: cmp dx, 0x914
0x131db: jb 0x131e9
0x131dd: cmp al, 1
0x131df: jne 0x131e9
0x131e1: mov ah, 9
0x131e3: lea dx, word ptr [bx + 0x5e9]
0x131e7: int 0x21
0x131e9: popaw
0x131ea: ret
0x131eb: lahf
0x131ec: and byte ptr [bp + di - 0x5e12], ch
0x131f0: stosw word ptr es:[di], ax
2018-12-25T11:44:03.666734288Z 9 PC: 131d2 | Display string (String= '� �� ���� ! ����ࠢ��� �� � ���� ஦����� ! ')
2018-12-25T11:44:03.672948825Z 76 PC: 131d7 | Terminate with return code (Return code = '0')