Sample viewer

vx.netlux.org/Virus.DOS.Xav.Quevedo.442

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:52:14.550292609Z 53 PC: 12a47 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T21:52:14.552284454Z 37 PC: 12a52 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T21:52:14.553499932Z 61 PC: 12a5c | Open file (Filename = 'c:\windows\win.com')
2018-12-17T21:52:14.562805845Z 64 PC: 12a69 | Write file or device (Write 42 bytes on handle 5)
2018-12-17T21:52:14.568458748Z 46 PC: 12a6d | Set verify flag
2018-12-17T21:52:14.56959296Z 42 PC: 12a71 | Get date 0x12a71: cmp dh, 9
0x12a74: jne 0x12a7d
0x12a76: mov ah, 9
0x12a78: mov dx, 0x1ba
0x12a7b: int 0x21
0x12a7d: mov ah, 0x4e
0x12a7f: xor cx, cx
0x12a81: mov dx, 0x271
0x12a84: int 0x21
0x12a86: jb 0x12a8b
0x12a88: call 0x12a9e
0x12a8b: mov ah, 0x4e
0x12a8d: xor cx, cx
0x12a8f: mov dx, 0x277
0x12a92: int 0x21
0x12a94: jb 0x12a99
0x12a96: call 0x12a9e
0x12a99: mov ax, 0x4c00
0x12a9c: int 0x21
0x12a9e: mov dx, 0x9e
2018-12-17T21:52:14.571635891Z 78 PC: 12a86 | Find first file
2018-12-17T21:52:14.577754103Z 61 PC: 12aaf | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:52:14.591380702Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.59279215Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.594597654Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.596787188Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.598479142Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.614133803Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.617372668Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.631029812Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.633519995Z 61 PC: 12aaf | Open file (Filename = 'PRINT.COM')
2018-12-17T21:52:14.645692719Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.64716186Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.649132189Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.65125561Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.652556504Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.658953227Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.660392339Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.667813759Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.670409931Z 61 PC: 12aaf | Open file (Filename = 'HELLO.COM')
2018-12-17T21:52:14.676680781Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.678784503Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.681385153Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.683150249Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.685194159Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.692375731Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.694130703Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.70236099Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.705230014Z 61 PC: 12aaf | Open file (Filename = 'PHANG.COM')
2018-12-17T21:52:14.711825584Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.71399964Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.715961541Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.717507487Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.719746856Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.72619559Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.727559032Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.73565977Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.738390128Z 61 PC: 12aaf | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:52:14.744786029Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.746736143Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.749847121Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.751209938Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.752483611Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.759008952Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.760486323Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.767803842Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.771140048Z 61 PC: 12aaf | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:52:14.777605171Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.779133876Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.782552996Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.785560128Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.787095172Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.794425153Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.795885859Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.803056827Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.806690397Z 61 PC: 12aaf | Open file (Filename = 'PAH.COM')
2018-12-17T21:52:14.813006771Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.814311653Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.816209577Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.817772747Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.819307831Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.826128924Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.827897699Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.835609985Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.838364441Z 61 PC: 12aaf | Open file (Filename = 'TEST.COM')
2018-12-17T21:52:14.845543497Z 66 PC: 12ab8 | Move file pointer
2018-12-17T21:52:14.846866089Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T21:52:14.848778421Z 66 PC: 12ad5 | Move file pointer
2018-12-17T21:52:14.850722111Z 87 PC: 12ada | Get or set file date and time
2018-12-17T21:52:14.851992451Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-17T21:52:14.856091175Z 87 PC: 12aef | Get or set file date and time
2018-12-17T21:52:14.857504286Z 62 PC: 12af3 | Close file
2018-12-17T21:52:14.864724667Z 79 PC: 12af7 | Find next file
2018-12-17T21:52:14.867568058Z 78 PC: 12a94 | Find first file
2018-12-17T21:52:14.874179785Z 76 PC: 12a9e | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":225,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:23.378786429Z 53 PC: 12a47 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-25T11:40:23.380561041Z 37 PC: 12a52 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:23.38166017Z 61 PC: 12a5c | Open file (Filename = 'c:\windows\win.com')
2018-12-25T11:40:23.391651862Z 64 PC: 12a69 | Write file or device (Write 42 bytes on handle 5)
2018-12-25T11:40:23.397573322Z 46 PC: 12a6d | Set verify flag
2018-12-25T11:40:23.398629293Z 42 PC: 12a71 | Get date 0x12a71: cmp dh, 9
0x12a74: jne 0x12a7d
0x12a76: mov ah, 9
0x12a78: mov dx, 0x1ba
0x12a7b: int 0x21
0x12a7d: mov ah, 0x4e
0x12a7f: xor cx, cx
0x12a81: mov dx, 0x271
0x12a84: int 0x21
0x12a86: jb 0x12a8b
0x12a88: call 0x12a9e
0x12a8b: mov ah, 0x4e
0x12a8d: xor cx, cx
0x12a8f: mov dx, 0x277
0x12a92: int 0x21
0x12a94: jb 0x12a99
0x12a96: call 0x12a9e
0x12a99: mov ax, 0x4c00
0x12a9c: int 0x21
0x12a9e: mov dx, 0x9e
2018-12-25T11:40:23.400532339Z 78 PC: 12a86 | Find first file
2018-12-25T11:40:23.406607051Z 61 PC: 12aaf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:23.412777271Z 66 PC: 12ab8 | Move file pointer
2018-12-25T11:40:23.413857038Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-25T11:40:23.415944164Z 66 PC: 12ad5 | Move file pointer
2018-12-25T11:40:23.417114323Z 87 PC: 12ada | Get or set file date and time
2018-12-25T11:40:23.418263849Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-25T11:40:23.424617614Z 87 PC: 12aef | Get or set file date and time
2018-12-25T11:40:23.426052816Z 62 PC: 12af3 | Close file
2018-12-25T11:40:23.482706752Z 79 PC: 12af7 | Find next file
2018-12-25T11:40:23.485223558Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.492931643Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.493881229Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.494974487Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.496612906Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.497776454Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.504086991Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.505940124Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.621838893Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.624334464Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.630971239Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.631901784Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.63300201Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.634266561Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.635137682Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:24.061884875Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:24.065893537Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:24.286904333Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:24.289410841Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:24.296727735Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:24.298622729Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:24.300443032Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:24.302022016Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:24.304436979Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:24.31099702Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:24.312341652Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:24.453933216Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:24.456382762Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:24.462737717Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:24.464452944Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:24.466125905Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:24.467345892Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:24.469123468Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:24.475849807Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:24.477155613Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:24.618431925Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:24.620074214Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:24.623926805Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:24.6252212Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:24.626391296Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:24.627370894Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:24.628588413Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:24.632545569Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:24.633491096Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:24.808357877Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:24.810852924Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:24.817155561Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:24.819471077Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:24.821259099Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:24.822486104Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:24.824163267Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:24.83133688Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:24.832959542Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:24.840467142Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:24.842868942Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:24.850026549Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:24.852347031Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:24.854124868Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:24.855442542Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:24.85764456Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:24.860512607Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:24.862001706Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:24.870182748Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:24.872756472Z 78 PC: 12a94 | Find first file
2018-12-25T11:40:24.878615461Z 76 PC: 12a9e | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":225,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:23.389655454Z 53 PC: 12a47 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-25T11:40:23.390993831Z 37 PC: 12a52 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:40:23.392901323Z 61 PC: 12a5c | Open file (Filename = 'c:\windows\win.com')
2018-12-25T11:40:23.404000424Z 64 PC: 12a69 | Write file or device (Write 42 bytes on handle 5)
2018-12-25T11:40:23.410407538Z 46 PC: 12a6d | Set verify flag
2018-12-25T11:40:23.412418872Z 42 PC: 12a71 | Get date 0x12a71: cmp dh, 9
0x12a74: jne 0x12a7d
0x12a76: mov ah, 9
0x12a78: mov dx, 0x1ba
0x12a7b: int 0x21
0x12a7d: mov ah, 0x4e
0x12a7f: xor cx, cx
0x12a81: mov dx, 0x271
0x12a84: int 0x21
0x12a86: jb 0x12a8b
0x12a88: call 0x12a9e
0x12a8b: mov ah, 0x4e
0x12a8d: xor cx, cx
0x12a8f: mov dx, 0x277
0x12a92: int 0x21
0x12a94: jb 0x12a99
0x12a96: call 0x12a9e
0x12a99: mov ax, 0x4c00
0x12a9c: int 0x21
0x12a9e: mov dx, 0x9e
2018-12-25T11:40:23.415589756Z 9 PC: 12a7d | Display string (String= 'Virus QUEVEDO! by Xavirus Hacker ')
2018-12-25T11:40:23.422054383Z 78 PC: 12a86 | Find first file
2018-12-25T11:40:23.431687589Z 61 PC: 12aaf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:23.438978532Z 66 PC: 12ab8 | Move file pointer
2018-12-25T11:40:23.440629357Z 63 PC: 12ac7 | Read file or device (Read 2 bytes on handle 6)
2018-12-25T11:40:23.443898523Z 66 PC: 12ad5 | Move file pointer
2018-12-25T11:40:23.445539225Z 87 PC: 12ada | Get or set file date and time
2018-12-25T11:40:23.447015108Z 64 PC: 12ae7 | Write file or device (Write 442 bytes on handle 6)
2018-12-25T11:40:23.455531539Z 87 PC: 12aef | Get or set file date and time
2018-12-25T11:40:23.459513909Z 62 PC: 12af3 | Close file
2018-12-25T11:40:23.473647997Z 79 PC: 12af7 | Find next file
2018-12-25T11:40:23.4765259Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.492473771Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.493722239Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.495454345Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.497110431Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.498184524Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.502629961Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.504167394Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.509551146Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.511358027Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.516205862Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.517626033Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.519558684Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.521878624Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.523389756Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.531365634Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.533474194Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.541700227Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.544666569Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.55229043Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.554109081Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.556154452Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.557611923Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.559335802Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.567057447Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.568602676Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.577380523Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.580573228Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.588368047Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.590391212Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.592343078Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.593752851Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.595854114Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.603103352Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.604858288Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.614247881Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.61721502Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.624680855Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.626319147Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.628429643Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.629637341Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.630846275Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.638683812Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.64047093Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.649248314Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.664956444Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.673046442Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.675195183Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.67865978Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.680587062Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.682272342Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.690354753Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.692012144Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.700129294Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.703066726Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:40:23.710977848Z 66 PC: 12ab8 | Move file pointer (See above)
2018-12-25T11:40:23.712118379Z 63 PC: 12ac7 | Read file or device (See above)
2018-12-25T11:40:23.713308669Z 66 PC: 12ad5 | Move file pointer (See above)
2018-12-25T11:40:23.714535077Z 87 PC: 12ada | Get or set file date and time (See above)
2018-12-25T11:40:23.715513335Z 64 PC: 12ae7 | Write file or device (See above)
2018-12-25T11:40:23.717250889Z 87 PC: 12aef | Get or set file date and time (See above)
2018-12-25T11:40:23.718563537Z 62 PC: 12af3 | Close file (See above)
2018-12-25T11:40:23.723372182Z 79 PC: 12af7 | Find next file (See above)
2018-12-25T11:40:23.724959403Z 78 PC: 12a94 | Find first file
2018-12-25T11:40:23.728816328Z 76 PC: 12a9e | Terminate with return code (Return code = '0')