Sample viewer

vx.netlux.org/Virus.DOS.Search.437

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:11:55.846266494Z 26 PC: 12a51 | Set disk transfer address
2018-12-17T22:11:55.848785599Z 78 PC: 12b30 | Find first file
2018-12-17T22:11:55.855008616Z 61 PC: 12b4a | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:11:55.861181205Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:55.862826573Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:55.866968928Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:55.868112799Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:55.87080651Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:55.872385025Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:55.875807574Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:55.888999599Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:55.890725707Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:55.897560907Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:55.898847976Z 62 PC: 12b7a | Close file
2018-12-17T22:11:55.907830857Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:55.910339058Z 61 PC: 12b4a | Open file (Filename = 'PRINT.COM')
2018-12-17T22:11:55.917546414Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:55.919510012Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:55.9211125Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:55.925143115Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:55.933012631Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:55.934960421Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:55.937686879Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:55.940920934Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:55.942726704Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:55.945663458Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:55.947467129Z 62 PC: 12b7a | Close file
2018-12-17T22:11:55.956381241Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:55.958937801Z 61 PC: 12b4a | Open file (Filename = 'HELLO.COM')
2018-12-17T22:11:55.966458841Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:55.967829573Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:55.969416539Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:55.970976962Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:55.977700064Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:55.979047087Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:55.981604172Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:55.989719456Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:55.991138317Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:55.997827936Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:56.000056074Z 62 PC: 12b7a | Close file
2018-12-17T22:11:56.007664462Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:56.010210247Z 61 PC: 12b4a | Open file (Filename = 'PHANG.COM')
2018-12-17T22:11:56.018256196Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:56.019841404Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:56.021418887Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:56.023787706Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:56.029910339Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:56.031112447Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.033961991Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:56.036468103Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:56.037818322Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.04068913Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:56.042039264Z 62 PC: 12b7a | Close file
2018-12-17T22:11:56.04908604Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:56.05252785Z 61 PC: 12b4a | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:11:56.059193635Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:56.060562594Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:56.063546975Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:56.064802001Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:56.070815719Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:56.072556984Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.075185804Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:56.07781225Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:56.079853956Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.082582187Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:56.083800072Z 62 PC: 12b7a | Close file
2018-12-17T22:11:56.091110565Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:56.093599829Z 61 PC: 12b4a | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:11:56.100327821Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:56.102633823Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:56.108626414Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:56.110245602Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:56.113662575Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:56.115068961Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.118156628Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:56.12673293Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:56.128637746Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.135661406Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:56.137680899Z 62 PC: 12b7a | Close file
2018-12-17T22:11:56.145346972Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:56.14777418Z 61 PC: 12b4a | Open file (Filename = 'PAH.COM')
2018-12-17T22:11:56.154148097Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:56.156061828Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:56.157526381Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:56.159112296Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:56.165841853Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:56.167150838Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.16994464Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:56.173820079Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:56.175398627Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.178789054Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:56.180982594Z 62 PC: 12b7a | Close file
2018-12-17T22:11:56.18829962Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:56.191133134Z 61 PC: 12b4a | Open file (Filename = 'TEST.COM')
2018-12-17T22:11:56.19831189Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:56.199626646Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:56.203880105Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:56.20672822Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:56.209093594Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:56.210461486Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.213965501Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:56.221862538Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:56.223096376Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.230377269Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:56.231842475Z 62 PC: 12b7a | Close file
2018-12-17T22:11:56.239332787Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:56.242545346Z 78 PC: 12ada | Find first file
2018-12-17T22:11:56.248036423Z 78 PC: 12b30 | Find first file
2018-12-17T22:11:56.253785374Z 61 PC: 12b4a | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:11:56.260611317Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:56.261960352Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:56.264792209Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:56.267296102Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:56.269818609Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:56.271063762Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.275438801Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:56.953092022Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:56.95452518Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:56.958317658Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:56.960646309Z 62 PC: 12b7a | Close file
2018-12-17T22:11:56.967196211Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:56.970951908Z 78 PC: 12ada | Find first file
2018-12-17T22:11:56.97690212Z 78 PC: 12b30 | Find first file
2018-12-17T22:11:56.985864624Z 61 PC: 12b4a | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:11:56.993585923Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:56.995636971Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:57.001326547Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:57.003704332Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:57.00666888Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:57.008062757Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.011483271Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:57.022852763Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:57.02421985Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.030420077Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:57.03193021Z 62 PC: 12b7a | Close file
2018-12-17T22:11:57.038580118Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:57.04286033Z 61 PC: 12b4a | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:11:57.049847156Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:57.051248261Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:57.057252274Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:57.059025113Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:57.064482669Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:57.067236648Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.0704971Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:57.077518427Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:57.080828285Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.084988439Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:57.086857139Z 62 PC: 12b7a | Close file
2018-12-17T22:11:57.094219534Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:57.097248512Z 61 PC: 12b4a | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:11:57.104141954Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:57.106051248Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:57.111831381Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:57.113387984Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:57.119633286Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:57.12124565Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.124818936Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:57.13221251Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:57.133698036Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.136529244Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:57.139178381Z 62 PC: 12b7a | Close file
2018-12-17T22:11:57.146380626Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:57.153404753Z 61 PC: 12b4a | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:11:57.160765663Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:57.162248009Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:57.168209766Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:57.170066624Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:57.175454325Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:57.176743779Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.183542883Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:57.189768859Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:57.191303433Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.195375825Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:57.19713175Z 62 PC: 12b7a | Close file
2018-12-17T22:11:57.203803123Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:57.21041359Z 79 PC: 12b11 | Find next file
2018-12-17T22:11:57.213292429Z 78 PC: 12b30 | Find first file
2018-12-17T22:11:57.223099784Z 61 PC: 12b4a | Open file (Filename = 'C:\WINDOWS\WIN.COM')
2018-12-17T22:11:57.231454456Z 66 PC: 12b59 | Move file pointer
2018-12-17T22:11:57.232907507Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:11:57.239049822Z 66 PC: 12b8e | Move file pointer
2018-12-17T22:11:57.241454306Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:11:57.247151714Z 66 PC: 12ba9 | Move file pointer
2018-12-17T22:11:57.248582866Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.255549014Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-17T22:11:57.262039941Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:11:57.278174163Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:11:57.281733738Z 87 PC: 12bef | Get or set file date and time
2018-12-17T22:11:57.283633798Z 62 PC: 12b7a | Close file
2018-12-17T22:11:57.290796847Z 79 PC: 12b7e | Find next file
2018-12-17T22:11:57.29808454Z 79 PC: 12b11 | Find next file
2018-12-17T22:11:57.300683549Z 42 PC: 12a74 | Get date 0x12a74: cmp al, 5
0x12a76: jne 0x12a82
0x12a78: cmp dl, 0xd
0x12a7b: jne 0x12a82
0x12a7d: call 0x12aa5
0x12a80: int 0x20
0x12a82: mov ah, 0x1a
0x12a84: mov dx, 0x80
0x12a87: int 0x21
0x12a89: lea si, word ptr [bp - 0x1b8]
0x12a8d: mov di, 0x100
0x12a90: cld
0x12a91: movsw word ptr es:[di], word ptr [si]
0x12a92: movsb byte ptr es:[di], byte ptr [si]
0x12a93: push cs
0x12a94: pop es
0x12a95: push cs
0x12a96: pop ds
0x12a97: pop ax
0x12a98: mov di, 0x100
2018-12-17T22:11:57.302825444Z 26 PC: 12a89 | Set disk transfer address
2018-12-17T22:11:57.304417441Z 26 PC: 12a51 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2446,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:45:51.922597048Z 26 PC: 12a51 | Set disk transfer address
2018-12-25T11:45:51.924895261Z 78 PC: 12b30 | Find first file
2018-12-25T11:45:51.930618034Z 61 PC: 12b4a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:45:51.936613836Z 66 PC: 12b59 | Move file pointer
2018-12-25T11:45:51.938735317Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-25T11:45:51.944685188Z 66 PC: 12b8e | Move file pointer
2018-12-25T11:45:51.945858188Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:45:51.948174246Z 66 PC: 12ba9 | Move file pointer
2018-12-25T11:45:51.949656244Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:45:51.952022907Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-25T11:45:51.965428596Z 66 PC: 12bcf | Move file pointer
2018-12-25T11:45:51.966746212Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:45:51.972619514Z 87 PC: 12bef | Get or set file date and time
2018-12-25T11:45:51.973600334Z 62 PC: 12b7a | Close file
2018-12-25T11:45:51.979429411Z 79 PC: 12b7e | Find next file
2018-12-25T11:45:51.981109546Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:51.987378486Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:51.990035307Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:51.992139722Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:51.993837269Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.001126678Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.002960844Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.005952291Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.009546325Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.011199712Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.014062827Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.017099481Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.024522116Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.027401924Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.034477802Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.035905074Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.037128128Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.03901952Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.045260363Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.046562504Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.050475647Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.058644805Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.05999927Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.066311497Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.068070775Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.075676287Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.078493011Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.092759464Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.094090267Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.096050958Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.09773309Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.10240005Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.103656727Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.106212895Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.108190791Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.109353606Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.111802782Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.112963627Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.119580291Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.123203703Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.130516861Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.132329775Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.134873661Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.136939116Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.142951535Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.147177655Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.149947244Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.152747716Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.154897617Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.164162059Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.16551078Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.172882019Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.175525085Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.181912685Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.184120138Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.192079798Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.193560029Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.196716329Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.198210864Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.200780533Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.209486973Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.210967998Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.217742261Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.220363086Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.227726198Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.229686053Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.23482604Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.23597659Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.237204656Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.239436377Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.243998231Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.245497601Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.248325892Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.258033826Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.259368301Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.262526202Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.264623777Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.272245613Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.276002202Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.283578107Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.284944649Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.289805285Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.291276056Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.293580115Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.297151857Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.299706969Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.72648831Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.728443936Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.761152163Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.763359621Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.054979919Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.05753832Z 78 PC: 12ada | Find first file
2018-12-25T11:45:53.06315123Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:53.069432665Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.075470037Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.076904962Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.080572025Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.081902327Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.084310901Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.085735112Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.088808025Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:53.89316553Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:53.895286545Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:53.89917452Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.900896741Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.907458719Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.91124022Z 78 PC: 12ada | Find first file (See above)
2018-12-25T11:45:53.917375801Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:53.926082716Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.933451142Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.934739585Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.939998971Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.942180863Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.94452043Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.94587995Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.949096147Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:53.953736989Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:53.954831163Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:53.960282044Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.961507709Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.966183783Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.969940592Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.976596655Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.977814305Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.984874252Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.985917782Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.991290856Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.993038386Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.996166239Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.323286434Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.326172906Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.328851709Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.330355358Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.337388021Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.341198365Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.348739039Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.351611291Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.357665073Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.35929696Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.365775446Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.36739492Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.370777674Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.378885427Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.380197214Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.382914643Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.38485731Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.391335062Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.397662866Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.405494167Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.406874015Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.412890038Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.414977665Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.420272617Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.42187689Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.428706994Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.435192636Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.436466659Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.440405352Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.441766256Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.448396034Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.454461147Z 79 PC: 12b11 | Find next file
2018-12-25T11:45:54.457262455Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:54.467411337Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.473122762Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.474291215Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.479274229Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.481692972Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.487536756Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.490407005Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.496389913Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.502619019Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.504452022Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.508074528Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.509821278Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.517610011Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.524660675Z 79 PC: 12b11 | Find next file (See above)
2018-12-25T11:45:54.527095757Z 42 PC: 12a74 | Get date 0x12a74: cmp al, 5
0x12a76: jne 0x12a82
0x12a78: cmp dl, 0xd
0x12a7b: jne 0x12a82
0x12a7d: call 0x12aa5
0x12a80: int 0x20
0x12a82: mov ah, 0x1a
0x12a84: mov dx, 0x80
0x12a87: int 0x21
0x12a89: lea si, word ptr [bp - 0x1b8]
0x12a8d: mov di, 0x100
0x12a90: cld
0x12a91: movsw word ptr es:[di], word ptr [si]
0x12a92: movsb byte ptr es:[di], byte ptr [si]
0x12a93: push cs
0x12a94: pop es
0x12a95: push cs
0x12a96: pop ds
0x12a97: pop ax
0x12a98: mov di, 0x100
2018-12-25T11:45:54.529953086Z 26 PC: 12a89 | Set disk transfer address
2018-12-25T11:45:54.531066939Z 26 PC: 12a51 | Set disk transfer address (See above)

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2446,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:45:52.056855218Z 26 PC: 12a51 | Set disk transfer address
2018-12-25T11:45:52.058524998Z 78 PC: 12b30 | Find first file
2018-12-25T11:45:52.064962549Z 61 PC: 12b4a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:45:52.071374207Z 66 PC: 12b59 | Move file pointer
2018-12-25T11:45:52.073272261Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-25T11:45:52.097263604Z 66 PC: 12b8e | Move file pointer
2018-12-25T11:45:52.098559059Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:45:52.101534697Z 66 PC: 12ba9 | Move file pointer
2018-12-25T11:45:52.103402041Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:45:52.105835482Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-25T11:45:52.120203631Z 66 PC: 12bcf | Move file pointer
2018-12-25T11:45:52.12158405Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:45:52.128298025Z 87 PC: 12bef | Get or set file date and time
2018-12-25T11:45:52.129699196Z 62 PC: 12b7a | Close file
2018-12-25T11:45:52.13722705Z 79 PC: 12b7e | Find next file
2018-12-25T11:45:52.13981891Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.14646212Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.150003925Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.15162557Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.15294067Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.16069549Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.162002286Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.16498562Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.168745966Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.170044414Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.17254079Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.174467398Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.182120643Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.184714123Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.192110571Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.193506331Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.195374122Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.197892647Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.211608789Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.213378057Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.216416898Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.225174842Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.226705001Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.233644991Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.236746011Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.245255401Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.248217125Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.264309956Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.265852185Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.267358473Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.26963146Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.276097539Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.277487734Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.281839519Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.28461203Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.286001823Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.288811795Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.290887771Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.595635812Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.598462686Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.605023518Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.606223741Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.607692285Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.609165826Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.615281764Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.616498501Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.618457351Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.620104922Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.62099166Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.622974727Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.624376576Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.226226909Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.232300769Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.238745524Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.24009683Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.246715696Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.247936517Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.256614187Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.266872829Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.269321312Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:53.523661819Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:53.525793116Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:53.532264289Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.533735259Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.849515558Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.852068278Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.858952538Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.860888729Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.862351339Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.863548564Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.86934454Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.870605038Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.872966905Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:53.878802682Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:53.880161624Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:53.88263332Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.884387853Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.892380431Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.894977222Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.902184314Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.903477693Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.906096347Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.908194558Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.910411108Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.911842356Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.914846515Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:53.922741366Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:53.92487341Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:53.932685909Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.934043386Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.941753571Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.94482245Z 78 PC: 12ada | Find first file
2018-12-25T11:45:53.949177044Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:53.956129727Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.962659425Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.964041582Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.968073157Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.970093361Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.972743023Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.974299319Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.978219927Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.324269945Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.326461363Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.331283129Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.333235102Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.338282003Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.340822531Z 78 PC: 12ada | Find first file (See above)
2018-12-25T11:45:54.344404835Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:54.350325069Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.355929725Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.357341516Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.361658603Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.363797688Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.365830958Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.366991336Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.369442873Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.374399383Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.375579236Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.380318562Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.382096098Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.388666159Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.392832167Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.400067614Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.401807283Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.409387297Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.411908169Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.417444585Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.41909414Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.423192198Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.429549983Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.430757838Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.434124796Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.435747046Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.442335626Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.446202431Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.452680517Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.454361683Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.460790894Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.461726776Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.465199097Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.467546648Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.470989108Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.478342866Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.480336713Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.483063639Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.484553691Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.49202368Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.498061982Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.505219973Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.507575117Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.513513101Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.514791347Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.520550962Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.521963793Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.527961706Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.534511822Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.536179018Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.539096115Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.541071589Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.54807402Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.55405047Z 79 PC: 12b11 | Find next file
2018-12-25T11:45:54.557143772Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:54.56303745Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:54.568292698Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:54.569788119Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:54.575549525Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:54.577758244Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:54.583126966Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:54.584260199Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:54.589057022Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:54.77205727Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:54.773930957Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:54.779992226Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:54.781417072Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:54.874074545Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:54.885777899Z 79 PC: 12b11 | Find next file (See above)
2018-12-25T11:45:54.887624702Z 42 PC: 12a74 | Get date 0x12a74: cmp al, 5
0x12a76: jne 0x12a82
0x12a78: cmp dl, 0xd
0x12a7b: jne 0x12a82
0x12a7d: call 0x12aa5
0x12a80: int 0x20
0x12a82: mov ah, 0x1a
0x12a84: mov dx, 0x80
0x12a87: int 0x21
0x12a89: lea si, word ptr [bp - 0x1b8]
0x12a8d: mov di, 0x100
0x12a90: cld
0x12a91: movsw word ptr es:[di], word ptr [si]
0x12a92: movsb byte ptr es:[di], byte ptr [si]
0x12a93: push cs
0x12a94: pop es
0x12a95: push cs
0x12a96: pop ds
0x12a97: pop ax
0x12a98: mov di, 0x100
2018-12-25T11:45:54.889069627Z 26 PC: 12a89 | Set disk transfer address
2018-12-25T11:45:54.890516316Z 26 PC: 12a51 | Set disk transfer address (See above)

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2446,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:45:52.043897437Z 26 PC: 12a51 | Set disk transfer address
2018-12-25T11:45:52.045221702Z 78 PC: 12b30 | Find first file
2018-12-25T11:45:52.052815134Z 61 PC: 12b4a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:45:52.060624649Z 66 PC: 12b59 | Move file pointer
2018-12-25T11:45:52.062553261Z 63 PC: 12b6a | Read file or device (Read 2 bytes on handle 5)
2018-12-25T11:45:52.071086471Z 66 PC: 12b8e | Move file pointer
2018-12-25T11:45:52.072573767Z 63 PC: 12b9c | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:45:52.075330259Z 66 PC: 12ba9 | Move file pointer
2018-12-25T11:45:52.077150085Z 64 PC: 12bb5 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:45:52.080093877Z 64 PC: 12bc2 | Write file or device (Write 437 bytes on handle 5)
2018-12-25T11:45:52.094493039Z 66 PC: 12bcf | Move file pointer
2018-12-25T11:45:52.09712672Z 64 PC: 12be2 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:45:52.105027767Z 87 PC: 12bef | Get or set file date and time
2018-12-25T11:45:52.106582665Z 62 PC: 12b7a | Close file
2018-12-25T11:45:52.115617614Z 79 PC: 12b7e | Find next file
2018-12-25T11:45:52.119405173Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.127467738Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.12979949Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.132117453Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.134145601Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.141522583Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.143715706Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.147038136Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.150414689Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.152578017Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.155742294Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.157530804Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.165699086Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.169038002Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.176715513Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.178000926Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.180933694Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.182723851Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.190083474Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.192517182Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.195516147Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.204361359Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.207075797Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.214201685Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.21579852Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.224312989Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.227432721Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.23456773Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.236349927Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.238747776Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.240185561Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.24745687Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.249913098Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.25287046Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.255771543Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.258179856Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.261400568Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.263165644Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.271583839Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.2748548Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.281924958Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.284348703Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.288744827Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.290246264Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.297108744Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.299174244Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.302083756Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.30501606Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.307153897Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.310284178Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.311888807Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.321465799Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.324444446Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.331581484Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.333829791Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.340643132Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.34198185Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.345617989Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.347197696Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.350129872Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.359326501Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.361131301Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.368621397Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.371144454Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.379579115Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.383167873Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.390320727Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.392413043Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.394546383Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.396985475Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.404481592Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.405658733Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.407599731Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.41187519Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.413147978Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.415168625Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.416851926Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.421763961Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.424681608Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.432314656Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.434156128Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.437117746Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.439898146Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.44261032Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.444094002Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.447550556Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.457010288Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.458391827Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.4662369Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.468012865Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.476874084Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.479959333Z 78 PC: 12ada | Find first file
2018-12-25T11:45:52.487364694Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:52.493662795Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.500216456Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.502359179Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.506073292Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.507979095Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.511634848Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.513225401Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.517314912Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.857924367Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.860489183Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.864089159Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.866977045Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.874624053Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.877844346Z 78 PC: 12ada | Find first file (See above)
2018-12-25T11:45:52.882439072Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:52.888628856Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.893378489Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.894730817Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.898828406Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.900121568Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.902093881Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.903877362Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.905978364Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.910358421Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.912287235Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.916282102Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.917677739Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.923094729Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.926071Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.930739481Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.932603357Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.936749331Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.938085176Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.94247194Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.943847751Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.946345077Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.951353391Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.952905118Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.955824771Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:52.958341398Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:52.962984501Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:52.965216406Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:52.970180466Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:52.971724224Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:52.978289456Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:52.980599117Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:52.986826769Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:52.987805334Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:52.990488726Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:52.995344076Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:52.996560956Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:52.999215092Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.000529538Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.005163504Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.010168973Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.014754465Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.015955657Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.020745984Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.021931824Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.025866825Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.027668175Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.031784811Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:53.037207244Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:53.038800963Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:53.04104619Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.042379043Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.047664255Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.051886313Z 79 PC: 12b11 | Find next file
2018-12-25T11:45:53.053811869Z 78 PC: 12b30 | Find first file (See above)
2018-12-25T11:45:53.0602143Z 61 PC: 12b4a | Open file (See above)
2018-12-25T11:45:53.068526163Z 66 PC: 12b59 | Move file pointer (See above)
2018-12-25T11:45:53.07079468Z 63 PC: 12b6a | Read file or device (See above)
2018-12-25T11:45:53.086340479Z 66 PC: 12b8e | Move file pointer (See above)
2018-12-25T11:45:53.088177645Z 63 PC: 12b9c | Read file or device (See above)
2018-12-25T11:45:53.094705083Z 66 PC: 12ba9 | Move file pointer (See above)
2018-12-25T11:45:53.096784497Z 64 PC: 12bb5 | Write file or device (See above)
2018-12-25T11:45:53.103348673Z 64 PC: 12bc2 | Write file or device (See above)
2018-12-25T11:45:53.11010605Z 66 PC: 12bcf | Move file pointer (See above)
2018-12-25T11:45:53.112114368Z 64 PC: 12be2 | Write file or device (See above)
2018-12-25T11:45:53.114280915Z 87 PC: 12bef | Get or set file date and time (See above)
2018-12-25T11:45:53.115442645Z 62 PC: 12b7a | Close file (See above)
2018-12-25T11:45:53.120373604Z 79 PC: 12b7e | Find next file (See above)
2018-12-25T11:45:53.12582963Z 79 PC: 12b11 | Find next file (See above)
2018-12-25T11:45:53.127787163Z 42 PC: 12a74 | Get date 0x12a74: cmp al, 5
0x12a76: jne 0x12a82
0x12a78: cmp dl, 0xd
0x12a7b: jne 0x12a82
0x12a7d: call 0x12aa5
0x12a80: int 0x20
0x12a82: mov ah, 0x1a
0x12a84: mov dx, 0x80
0x12a87: int 0x21
0x12a89: lea si, word ptr [bp - 0x1b8]
0x12a8d: mov di, 0x100
0x12a90: cld
0x12a91: movsw word ptr es:[di], word ptr [si]
0x12a92: movsb byte ptr es:[di], byte ptr [si]
0x12a93: push cs
0x12a94: pop es
0x12a95: push cs
0x12a96: pop ds
0x12a97: pop ax
0x12a98: mov di, 0x100
2018-12-25T11:45:53.129867116Z 2 PC: 12aab | Character output (Char = 'ea')