Sample viewer

vx.netlux.org/Virus.DOS.Akuku.886

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:53:24.728777594Z	37	PC: 12a5f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:53:24.731099705Z	47	PC: 12a69 \| Get disk transfer address
2018-12-17T21:53:24.732151197Z	26	PC: 12a72 \| Set disk transfer address
2018-12-17T21:53:24.733147643Z	25	PC: 12a76 \| Get default drive
2018-12-17T21:53:24.734362454Z	44	PC: 12a7d \| Get time 0x12a7d: and dh, 0xf 0x12a80: mov dl, dh 0x12a82: cmp dl, 0 0x12a85: je 0x12a8c 0x12a87: cmp dl, 2 0x12a8a: jne 0x12a90 0x12a8c: mov ah, 0xe 0x12a8e: int 0x21 0x12a90: mov ax, cs 0x12a92: mov es, ax 0x12a94: mov byte ptr [0x3b8], 0 0x12a99: nop 0x12a9a: mov di, 0x382 0x12a9d: mov word ptr [0x3b6], di 0x12aa1: call 0x12cee 0x12aa4: mov di, 0x382 0x12aa7: mov ax, 0x2e2a 0x12aaa: stosw word ptr es:[di], ax 0x12aab: mov ah, 0 0x12aad: stosw word ptr es:[di], ax
2018-12-17T21:53:24.736592497Z	14	PC: 12a90 \| Set default drive (Drive = 'A')
2018-12-17T21:53:24.737754934Z	78	PC: 12d03 \| Find first file
2018-12-17T21:53:24.743635484Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.750795799Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.753805341Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.756315798Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.759371865Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.76168647Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.764068125Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.767028098Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.769615382Z	79	PC: 12d6e \| Find next file
2018-12-17T21:53:24.772051287Z	78	PC: 12ab7 \| Find first file
2018-12-17T21:53:24.77910744Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.781770242Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.784431244Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.788021525Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.790683821Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.793206924Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.79580524Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.798983968Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.801740585Z	79	PC: 12afc \| Find next file
2018-12-17T21:53:24.803994489Z	14	PC: 12b09 \| Set default drive (Drive = 'A')
2018-12-17T21:53:24.809984326Z	44	PC: 12b0d \| Get time 0x12b0d: cmp cl, 0x20 0x12b10: jb 0x12b44 0x12b12: cmp cl, 0x23 0x12b15: jae 0x12b44 0x12b17: mov ah, 9 0x12b19: mov dx, 0xd2 0x12b1c: int 0x21 0x12b1e: mov ah, 0x4c 0x12b20: int 0x21 0x12b22: or ax, 0x410a 0x12b25: and byte ptr [bp + di + 0x75], ch 0x12b28: imul si, word ptr [di + 0x2c], 0x20 0x12b2c: dec si 0x12b2d: popaw 0x12b2e: jae 0x12ba4 0x12b30: jo 0x12ba1 0x12b33: jns 0x12b55 0x12b35: imul bp, word ptr [bx + 0x6d], 0x6f 0x12b39: jb 0x12ba9 0x12b3b: imul bp, word ptr [bp + di + 0x20], 0x2121
2018-12-17T21:53:24.811988323Z	26	PC: 12b55 \| Set disk transfer address
2018-12-17T21:53:24.813080999Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":359,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:40:49.671382718Z	37	PC: 12a5f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:49.673909427Z	47	PC: 12a69 \| Get disk transfer address
2018-12-25T11:40:49.675277792Z	26	PC: 12a72 \| Set disk transfer address
2018-12-25T11:40:49.676494375Z	25	PC: 12a76 \| Get default drive
2018-12-25T11:40:49.678657324Z	44	PC: 12a7d \| Get time 0x12a7d: and dh, 0xf 0x12a80: mov dl, dh 0x12a82: cmp dl, 0 0x12a85: je 0x12a8c 0x12a87: cmp dl, 2 0x12a8a: jne 0x12a90 0x12a8c: mov ah, 0xe 0x12a8e: int 0x21 0x12a90: mov ax, cs 0x12a92: mov es, ax 0x12a94: mov byte ptr [0x3b8], 0 0x12a99: nop 0x12a9a: mov di, 0x382 0x12a9d: mov word ptr [0x3b6], di 0x12aa1: call 0x12cee 0x12aa4: mov di, 0x382 0x12aa7: mov ax, 0x2e2a 0x12aaa: stosw word ptr es:[di], ax 0x12aab: mov ah, 0 0x12aad: stosw word ptr es:[di], ax
2018-12-25T11:40:49.680945407Z	14	PC: 12a90 \| Set default drive (Drive = 'C')
2018-12-25T11:40:49.682168948Z	78	PC: 12d03 \| Find first file
2018-12-25T11:40:49.688013539Z	79	PC: 12d6e \| Find next file
2018-12-25T11:40:49.690839561Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.693635288Z	54	PC: 12d86 \| Get free disk space
2018-12-25T11:40:49.740011924Z	67	PC: 12d9f \| Get or set file attributes
2018-12-25T11:40:49.749203881Z	67	PC: 12dab \| Get or set file attributes
2018-12-25T11:40:50.07908615Z	61	PC: 12db0 \| Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:50.085776758Z	87	PC: 12db7 \| Get or set file date and time
2018-12-25T11:40:50.088213333Z	63	PC: 12c13 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:50.094522845Z	66	PC: 12c5a \| Move file pointer
2018-12-25T11:40:50.09618551Z	64	PC: 12c6d \| Write file or device (Write 11 bytes on handle 5)
2018-12-25T11:40:50.103923034Z	64	PC: 12c1f \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:50.130322935Z	64	PC: 12c2b \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:50.133245595Z	66	PC: 12c34 \| Move file pointer
2018-12-25T11:40:50.13537164Z	64	PC: 12c4f \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:50.139513446Z	87	PC: 12be5 \| Get or set file date and time
2018-12-25T11:40:50.141655676Z	62	PC: 12be9 \| Close file
2018-12-25T11:40:50.167277924Z	67	PC: 12bf5 \| Get or set file attributes
2018-12-25T11:40:50.177609198Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.180994461Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.184377497Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.189020894Z	78	PC: 12ab7 \| Find first file
2018-12-25T11:40:50.195327185Z	79	PC: 12afc \| Find next file
2018-12-25T11:40:50.198512926Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.202484078Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:50.212517868Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:50.215379544Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:50.222822871Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:50.233906055Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:50.241911472Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:50.244184824Z	63	PC: 12b6a \| Read file or device (Read 27 bytes on handle 5)
2018-12-25T11:40:50.251196913Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:50.25448304Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:50.261735329Z	64	PC: 12b9b \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:50.270313889Z	64	PC: 12ba9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:40:50.273263651Z	64	PC: 12bb9 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:40:50.276152409Z	66	PC: 12bc8 \| Move file pointer
2018-12-25T11:40:50.278081494Z	64	PC: 12bd2 \| Write file or device (Write 27 bytes on handle 5)
2018-12-25T11:40:50.281147308Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:50.282798234Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:50.29083982Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:50.301683326Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.305116133Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:50.307991578Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:50.314652109Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:50.325820417Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:50.333184641Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:50.335152907Z	63	PC: 12b6a \| Read file or device (See above)
2018-12-25T11:40:50.341354999Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:50.342879382Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:50.350353084Z	64	PC: 12b9b \| Write file or device (See above)
2018-12-25T11:40:50.670340238Z	64	PC: 12ba9 \| Write file or device (See above)
2018-12-25T11:40:50.673417787Z	64	PC: 12bb9 \| Write file or device (See above)
2018-12-25T11:40:50.67678445Z	66	PC: 12bc8 \| Move file pointer (See above)
2018-12-25T11:40:50.678471737Z	64	PC: 12bd2 \| Write file or device (See above)
2018-12-25T11:40:50.68230231Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:50.684861668Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:50.697604868Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:50.709256455Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.712148678Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.71430285Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.716480437Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.720255437Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.722881348Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.726670931Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.730789347Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.735169267Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.739460653Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.743905479Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.756695504Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.760618772Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.769209188Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.77379783Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.777183737Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.780581015Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.784313906Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.78786507Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.79162821Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.796300802Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.800261238Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.803894729Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.807768167Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.81186478Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.815749511Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.819520215Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.823951156Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.827426516Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.835503259Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.840065492Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.843959017Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.847803058Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.851737237Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.854996137Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.858203494Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.862251913Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:50.873679229Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.87809407Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.883563377Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.887725322Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.891442649Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.895273592Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.901434969Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.905341895Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.910031137Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.914799188Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.918918059Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.922792306Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.927623187Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.934702329Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.938596922Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.943344088Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.947463437Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.951121332Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.955384049Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.959336998Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.962895529Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.96638709Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.970819461Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.974249197Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.979876771Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.984117129Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.987619108Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.9909175Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.995024866Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.00210915Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.005633401Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.010444471Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.014252128Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.018058126Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.022652091Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.026743687Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.030579769Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.035186526Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.040186802Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.043957339Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.048236136Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.052182583Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.055589898Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.059242494Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.063310167Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.070519491Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.074243225Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.077941336Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.095517437Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.099499163Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.104847693Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.107332751Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.109777553Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.112403936Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.114700117Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.117332552Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.122122464Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.12554692Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.128979767Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.133741817Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.137506287Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.14470825Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.149240094Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.152787163Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.156215564Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.160890853Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.165128446Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.168560522Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.173597481Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.177071673Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.180586342Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.185948184Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.189417708Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.193079691Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.197796451Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.201763888Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.205628645Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.214272773Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.218354175Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.222265574Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.226669104Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.230208157Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.233580704Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.23744236Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.240948293Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.245124849Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.248516308Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.252954106Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.256817978Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.260891128Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.265621645Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.269608963Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.273504268Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.281661878Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.285593956Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.289464981Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.293904902Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.297801512Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.301697065Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.306007471Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.309794704Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.314062098Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.318250315Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.322195456Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.325634475Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.329811209Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.333348064Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.340255538Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.344866909Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.347918325Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.350659153Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.354042744Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.356708107Z	14	PC: 12b09 \| Set default drive (Drive = '')
2018-12-25T11:40:51.358007624Z	44	PC: 12b0d \| Get time 0x12b0d: cmp cl, 0x20 0x12b10: jb 0x12b44 0x12b12: cmp cl, 0x23 0x12b15: jae 0x12b44 0x12b17: mov ah, 9 0x12b19: mov dx, 0xd2 0x12b1c: int 0x21 0x12b1e: mov ah, 0x4c 0x12b20: int 0x21 0x12b22: or ax, 0x410a 0x12b25: and byte ptr [bp + di + 0x75], ch 0x12b28: imul si, word ptr [di + 0x2c], 0x20 0x12b2c: dec si 0x12b2d: popaw 0x12b2e: jae 0x12ba4 0x12b30: jo 0x12ba1 0x12b33: jns 0x12b55 0x12b35: imul bp, word ptr [bx + 0x6d], 0x6f 0x12b39: jb 0x12ba9 0x12b3b: imul bp, word ptr [bp + di + 0x20], 0x2121
2018-12-25T11:40:51.360686182Z	26	PC: 12b55 \| Set disk transfer address
2018-12-25T11:40:51.361854618Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":359,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:40:49.787655648Z	37	PC: 12a5f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:49.789179605Z	47	PC: 12a69 \| Get disk transfer address
2018-12-25T11:40:49.790320986Z	26	PC: 12a72 \| Set disk transfer address
2018-12-25T11:40:49.791349783Z	25	PC: 12a76 \| Get default drive
2018-12-25T11:40:49.792536872Z	44	PC: 12a7d \| Get time 0x12a7d: and dh, 0xf 0x12a80: mov dl, dh 0x12a82: cmp dl, 0 0x12a85: je 0x12a8c 0x12a87: cmp dl, 2 0x12a8a: jne 0x12a90 0x12a8c: mov ah, 0xe 0x12a8e: int 0x21 0x12a90: mov ax, cs 0x12a92: mov es, ax 0x12a94: mov byte ptr [0x3b8], 0 0x12a99: nop 0x12a9a: mov di, 0x382 0x12a9d: mov word ptr [0x3b6], di 0x12aa1: call 0x12cee 0x12aa4: mov di, 0x382 0x12aa7: mov ax, 0x2e2a 0x12aaa: stosw word ptr es:[di], ax 0x12aab: mov ah, 0 0x12aad: stosw word ptr es:[di], ax
2018-12-25T11:40:49.795070472Z	78	PC: 12d03 \| Find first file
2018-12-25T11:40:49.801671941Z	79	PC: 12d6e \| Find next file
2018-12-25T11:40:49.804312789Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.807310714Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.810104406Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.812912516Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.816154482Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.818753265Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.82126185Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.825254312Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:49.827684322Z	78	PC: 12ab7 \| Find first file
2018-12-25T11:40:49.83400037Z	79	PC: 12afc \| Find next file
2018-12-25T11:40:49.837314892Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.840082855Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.842666522Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.84694726Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.849614652Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.852268626Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.855361326Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.858032639Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:49.86043009Z	14	PC: 12b09 \| Set default drive (Drive = 'A')
2018-12-25T11:40:49.862042408Z	44	PC: 12b0d \| Get time 0x12b0d: cmp cl, 0x20 0x12b10: jb 0x12b44 0x12b12: cmp cl, 0x23 0x12b15: jae 0x12b44 0x12b17: mov ah, 9 0x12b19: mov dx, 0xd2 0x12b1c: int 0x21 0x12b1e: mov ah, 0x4c 0x12b20: int 0x21 0x12b22: or ax, 0x410a 0x12b25: and byte ptr [bp + di + 0x75], ch 0x12b28: imul si, word ptr [di + 0x2c], 0x20 0x12b2c: dec si 0x12b2d: popaw 0x12b2e: jae 0x12ba4 0x12b30: jo 0x12ba1 0x12b33: jns 0x12b55 0x12b35: imul bp, word ptr [bx + 0x6d], 0x6f 0x12b39: jb 0x12ba9 0x12b3b: imul bp, word ptr [bp + di + 0x20], 0x2121
2018-12-25T11:40:49.864462108Z	26	PC: 12b55 \| Set disk transfer address
2018-12-25T11:40:49.865651849Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":2,"TimeBased":true,"OriginalID":359,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:40:50.2267138Z	37	PC: 12a5f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:50.228675031Z	47	PC: 12a69 \| Get disk transfer address
2018-12-25T11:40:50.230103958Z	26	PC: 12a72 \| Set disk transfer address
2018-12-25T11:40:50.231136243Z	25	PC: 12a76 \| Get default drive
2018-12-25T11:40:50.232305514Z	44	PC: 12a7d \| Get time 0x12a7d: and dh, 0xf 0x12a80: mov dl, dh 0x12a82: cmp dl, 0 0x12a85: je 0x12a8c 0x12a87: cmp dl, 2 0x12a8a: jne 0x12a90 0x12a8c: mov ah, 0xe 0x12a8e: int 0x21 0x12a90: mov ax, cs 0x12a92: mov es, ax 0x12a94: mov byte ptr [0x3b8], 0 0x12a99: nop 0x12a9a: mov di, 0x382 0x12a9d: mov word ptr [0x3b6], di 0x12aa1: call 0x12cee 0x12aa4: mov di, 0x382 0x12aa7: mov ax, 0x2e2a 0x12aaa: stosw word ptr es:[di], ax 0x12aab: mov ah, 0 0x12aad: stosw word ptr es:[di], ax
2018-12-25T11:40:50.234915466Z	78	PC: 12d03 \| Find first file
2018-12-25T11:40:50.241731112Z	79	PC: 12d6e \| Find next file
2018-12-25T11:40:50.244884558Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.248635389Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.251080778Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.253223343Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.256329795Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.258249337Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.260072108Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.262566028Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.264279639Z	78	PC: 12ab7 \| Find first file
2018-12-25T11:40:50.268177735Z	79	PC: 12afc \| Find next file
2018-12-25T11:40:50.27066623Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.272573582Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.274449847Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.276393565Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.278730164Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.280470257Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.282191758Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.284280751Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.287453298Z	14	PC: 12b09 \| Set default drive (Drive = 'A')
2018-12-25T11:40:50.288595249Z	44	PC: 12b0d \| Get time 0x12b0d: cmp cl, 0x20 0x12b10: jb 0x12b44 0x12b12: cmp cl, 0x23 0x12b15: jae 0x12b44 0x12b17: mov ah, 9 0x12b19: mov dx, 0xd2 0x12b1c: int 0x21 0x12b1e: mov ah, 0x4c 0x12b20: int 0x21 0x12b22: or ax, 0x410a 0x12b25: and byte ptr [bp + di + 0x75], ch 0x12b28: imul si, word ptr [di + 0x2c], 0x20 0x12b2c: dec si 0x12b2d: popaw 0x12b2e: jae 0x12ba4 0x12b30: jo 0x12ba1 0x12b33: jns 0x12b55 0x12b35: imul bp, word ptr [bx + 0x6d], 0x6f 0x12b39: jb 0x12ba9 0x12b3b: imul bp, word ptr [bp + di + 0x20], 0x2121
2018-12-25T11:40:50.291056351Z	26	PC: 12b55 \| Set disk transfer address
2018-12-25T11:40:50.292191121Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":359,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:40:50.251874474Z	37	PC: 12a5f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:50.25339741Z	47	PC: 12a69 \| Get disk transfer address
2018-12-25T11:40:50.255537053Z	26	PC: 12a72 \| Set disk transfer address
2018-12-25T11:40:50.257099618Z	25	PC: 12a76 \| Get default drive
2018-12-25T11:40:50.258483368Z	44	PC: 12a7d \| Get time 0x12a7d: and dh, 0xf 0x12a80: mov dl, dh 0x12a82: cmp dl, 0 0x12a85: je 0x12a8c 0x12a87: cmp dl, 2 0x12a8a: jne 0x12a90 0x12a8c: mov ah, 0xe 0x12a8e: int 0x21 0x12a90: mov ax, cs 0x12a92: mov es, ax 0x12a94: mov byte ptr [0x3b8], 0 0x12a99: nop 0x12a9a: mov di, 0x382 0x12a9d: mov word ptr [0x3b6], di 0x12aa1: call 0x12cee 0x12aa4: mov di, 0x382 0x12aa7: mov ax, 0x2e2a 0x12aaa: stosw word ptr es:[di], ax 0x12aab: mov ah, 0 0x12aad: stosw word ptr es:[di], ax
2018-12-25T11:40:50.260977642Z	14	PC: 12a90 \| Set default drive (Drive = 'C')
2018-12-25T11:40:50.262269191Z	78	PC: 12d03 \| Find first file
2018-12-25T11:40:50.268267888Z	79	PC: 12d6e \| Find next file
2018-12-25T11:40:50.27117653Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.273969179Z	54	PC: 12d86 \| Get free disk space
2018-12-25T11:40:50.317631934Z	67	PC: 12d9f \| Get or set file attributes
2018-12-25T11:40:50.326746034Z	67	PC: 12dab \| Get or set file attributes
2018-12-25T11:40:50.670975274Z	61	PC: 12db0 \| Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:50.678071066Z	87	PC: 12db7 \| Get or set file date and time
2018-12-25T11:40:50.679997638Z	63	PC: 12c13 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:50.686889384Z	66	PC: 12c5a \| Move file pointer
2018-12-25T11:40:50.688374055Z	64	PC: 12c6d \| Write file or device (Write 11 bytes on handle 5)
2018-12-25T11:40:50.696193142Z	64	PC: 12c1f \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:50.705472405Z	64	PC: 12c2b \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:50.708535426Z	66	PC: 12c34 \| Move file pointer
2018-12-25T11:40:50.710584172Z	64	PC: 12c4f \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:50.714630277Z	87	PC: 12be5 \| Get or set file date and time
2018-12-25T11:40:50.716304815Z	62	PC: 12be9 \| Close file
2018-12-25T11:40:50.725184629Z	67	PC: 12bf5 \| Get or set file attributes
2018-12-25T11:40:50.735399288Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.738433543Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.742004447Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.745414374Z	78	PC: 12ab7 \| Find first file
2018-12-25T11:40:50.752003215Z	79	PC: 12afc \| Find next file
2018-12-25T11:40:50.755274003Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:50.760485556Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:50.770549407Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:50.772317767Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:50.777094725Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:50.788522548Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:50.796126135Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:50.798241071Z	63	PC: 12b6a \| Read file or device (Read 27 bytes on handle 5)
2018-12-25T11:40:50.804422038Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:50.806058529Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:50.814446711Z	64	PC: 12b9b \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:50.822806083Z	64	PC: 12ba9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:40:50.825807378Z	64	PC: 12bb9 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:40:50.82964214Z	66	PC: 12bc8 \| Move file pointer
2018-12-25T11:40:50.831378498Z	64	PC: 12bd2 \| Write file or device (Write 27 bytes on handle 5)
2018-12-25T11:40:50.834947276Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:50.8371927Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:50.846767515Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:50.857599418Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.864205205Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:50.867920144Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:50.875149119Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:50.886398491Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:50.895576436Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:50.898022983Z	63	PC: 12b6a \| Read file or device (See above)
2018-12-25T11:40:50.904658018Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:50.907633768Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:50.924824173Z	64	PC: 12b9b \| Write file or device (See above)
2018-12-25T11:40:50.934009693Z	64	PC: 12ba9 \| Write file or device (See above)
2018-12-25T11:40:50.938421628Z	64	PC: 12bb9 \| Write file or device (See above)
2018-12-25T11:40:50.941825756Z	66	PC: 12bc8 \| Move file pointer (See above)
2018-12-25T11:40:50.943381743Z	64	PC: 12bd2 \| Write file or device (See above)
2018-12-25T11:40:50.946926813Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:50.949849537Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:50.958203006Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:50.969002025Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.97372051Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.977292573Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.979426814Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.982466384Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.985011682Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.987473278Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.990344003Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:50.992659634Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.000533231Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.004200933Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.008123034Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.011534602Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.018153909Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.022146617Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.025507241Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.028784602Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.032695768Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.036070493Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.039356947Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.044261629Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.048236904Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.052197146Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.056563622Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.069331468Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.07317088Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.07796515Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.080727152Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.082928392Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.087500281Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.089901126Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.09213355Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.094550283Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.098679101Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.102105913Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.105458279Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.108662476Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:51.119038694Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.122594528Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.126665349Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.13002132Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.133503662Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.137454942Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.140929008Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.14419498Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.148702124Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.152464044Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.155926429Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.160311434Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.164363232Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.171473812Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.175679406Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.179224762Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.183505873Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.187985857Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.19154571Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.195047785Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.198996996Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.203484835Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.206922246Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.210260949Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.21442342Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.217758303Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.221146293Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.225029625Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.228790645Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.235932029Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.240013652Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.243770425Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.247519624Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.252505752Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.25597335Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.259214624Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.263605617Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.267083089Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.270520333Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.274718788Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.278184145Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.281755395Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.285773382Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.288889946Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.292142653Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.299475367Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.302857524Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.306045084Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.310005794Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.313341891Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.317701008Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.32210517Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.325508486Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.328798786Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.332754708Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.336261132Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.339525883Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.343191284Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.346656879Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.350072247Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.354827114Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.362117799Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.365484556Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.369454556Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.373275688Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.377139025Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.382901619Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.386803238Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.390302014Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.394566561Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.398373917Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.40190828Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.407950618Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.411914849Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.415977486Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.420545495Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.424328791Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.431360307Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.437496198Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.440979559Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.444359094Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.449016821Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.453304882Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.456696495Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.46137164Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.464752277Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.468138248Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.47311872Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.476833866Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.480424648Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.484492184Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.488404604Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.491935564Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.499433356Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.503663623Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.507055081Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.510590415Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.514528535Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.517910106Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.522275844Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.526164314Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.529589881Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.533138438Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.536714698Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.540194205Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.543770427Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.547644759Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.554651871Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.558285029Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.563402919Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.566741596Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.569892187Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.573864759Z	14	PC: 12b09 \| Set default drive (Drive = '')
2018-12-25T11:40:51.575574636Z	44	PC: 12b0d \| Get time 0x12b0d: cmp cl, 0x20 0x12b10: jb 0x12b44 0x12b12: cmp cl, 0x23 0x12b15: jae 0x12b44 0x12b17: mov ah, 9 0x12b19: mov dx, 0xd2 0x12b1c: int 0x21 0x12b1e: mov ah, 0x4c 0x12b20: int 0x21 0x12b22: or ax, 0x410a 0x12b25: and byte ptr [bp + di + 0x75], ch 0x12b28: imul si, word ptr [di + 0x2c], 0x20 0x12b2c: dec si 0x12b2d: popaw 0x12b2e: jae 0x12ba4 0x12b30: jo 0x12ba1 0x12b33: jns 0x12b55 0x12b35: imul bp, word ptr [bx + 0x6d], 0x6f 0x12b39: jb 0x12ba9 0x12b3b: imul bp, word ptr [bp + di + 0x20], 0x2121
2018-12-25T11:40:51.578433314Z	26	PC: 12b55 \| Set disk transfer address
2018-12-25T11:40:51.580740404Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":32,"Second":0,"TimeBased":true,"OriginalID":359,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:40:51.089943711Z	37	PC: 12a5f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:51.09155979Z	47	PC: 12a69 \| Get disk transfer address
2018-12-25T11:40:51.092581231Z	26	PC: 12a72 \| Set disk transfer address
2018-12-25T11:40:51.093541188Z	25	PC: 12a76 \| Get default drive
2018-12-25T11:40:51.094824598Z	44	PC: 12a7d \| Get time 0x12a7d: and dh, 0xf 0x12a80: mov dl, dh 0x12a82: cmp dl, 0 0x12a85: je 0x12a8c 0x12a87: cmp dl, 2 0x12a8a: jne 0x12a90 0x12a8c: mov ah, 0xe 0x12a8e: int 0x21 0x12a90: mov ax, cs 0x12a92: mov es, ax 0x12a94: mov byte ptr [0x3b8], 0 0x12a99: nop 0x12a9a: mov di, 0x382 0x12a9d: mov word ptr [0x3b6], di 0x12aa1: call 0x12cee 0x12aa4: mov di, 0x382 0x12aa7: mov ax, 0x2e2a 0x12aaa: stosw word ptr es:[di], ax 0x12aab: mov ah, 0 0x12aad: stosw word ptr es:[di], ax
2018-12-25T11:40:51.096556343Z	14	PC: 12a90 \| Set default drive (Drive = 'C')
2018-12-25T11:40:51.097549671Z	78	PC: 12d03 \| Find first file
2018-12-25T11:40:51.101182797Z	79	PC: 12d6e \| Find next file
2018-12-25T11:40:51.104065078Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.105960869Z	54	PC: 12d86 \| Get free disk space
2018-12-25T11:40:51.141809957Z	67	PC: 12d9f \| Get or set file attributes
2018-12-25T11:40:51.150750958Z	67	PC: 12dab \| Get or set file attributes
2018-12-25T11:40:51.48971898Z	61	PC: 12db0 \| Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:51.493967612Z	87	PC: 12db7 \| Get or set file date and time
2018-12-25T11:40:51.496178594Z	63	PC: 12c13 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:51.501772428Z	66	PC: 12c5a \| Move file pointer
2018-12-25T11:40:51.502846997Z	64	PC: 12c6d \| Write file or device (Write 11 bytes on handle 5)
2018-12-25T11:40:51.50818524Z	64	PC: 12c1f \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:51.514621739Z	64	PC: 12c2b \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:51.516599478Z	66	PC: 12c34 \| Move file pointer
2018-12-25T11:40:51.517968437Z	64	PC: 12c4f \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:51.521410681Z	87	PC: 12be5 \| Get or set file date and time
2018-12-25T11:40:51.522528137Z	62	PC: 12be9 \| Close file
2018-12-25T11:40:51.529312773Z	67	PC: 12bf5 \| Get or set file attributes
2018-12-25T11:40:51.540824203Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.544396232Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.547911344Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.551975437Z	78	PC: 12ab7 \| Find first file
2018-12-25T11:40:51.557939888Z	79	PC: 12afc \| Find next file
2018-12-25T11:40:51.560784844Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.564340137Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:51.575347336Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:51.578205579Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:51.592614856Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:51.603597988Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:51.612115384Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:51.614407565Z	63	PC: 12b6a \| Read file or device (Read 27 bytes on handle 5)
2018-12-25T11:40:51.620639568Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:51.622252691Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:51.630821072Z	64	PC: 12b9b \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:51.639738627Z	64	PC: 12ba9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:40:51.64359369Z	64	PC: 12bb9 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:40:51.64683412Z	66	PC: 12bc8 \| Move file pointer
2018-12-25T11:40:51.649389596Z	64	PC: 12bd2 \| Write file or device (Write 27 bytes on handle 5)
2018-12-25T11:40:51.652907394Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:51.654703361Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:51.662515185Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:51.673531435Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.677421357Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:51.681311091Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:51.687982069Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:51.69870562Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:51.708175716Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:51.709616397Z	63	PC: 12b6a \| Read file or device (See above)
2018-12-25T11:40:51.715788923Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:51.717966628Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:51.724900005Z	64	PC: 12b9b \| Write file or device (See above)
2018-12-25T11:40:51.733414459Z	64	PC: 12ba9 \| Write file or device (See above)
2018-12-25T11:40:51.7372803Z	64	PC: 12bb9 \| Write file or device (See above)
2018-12-25T11:40:51.741832082Z	66	PC: 12bc8 \| Move file pointer (See above)
2018-12-25T11:40:51.743290954Z	64	PC: 12bd2 \| Write file or device (See above)
2018-12-25T11:40:51.746349838Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:51.748259268Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:51.756286902Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:51.76677786Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.770737102Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.775058432Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.778479425Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.782212441Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.785489607Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.788740408Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.792631702Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.796125046Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.799475965Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.803292183Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.819100886Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.821471302Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.829311291Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.832704356Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.836852808Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.840481708Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.842912508Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.845216308Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.847456647Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.849863537Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.852116136Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.855738374Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.860527795Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.86436095Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.868122407Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.872738438Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.87787729Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.881377811Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.888716913Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.890947252Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.893251284Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.895925393Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.901270095Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.903718374Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.90593706Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.909069798Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:51.915085033Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.917355857Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.919799317Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.922052293Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.924352088Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.927343512Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.929634822Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.932423674Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.935253633Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.9374895Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.939927876Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.943111449Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.947015498Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.952382344Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.955381472Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.957735495Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.960679881Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.964642094Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.966791464Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.968821249Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.974209237Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.976393637Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.979421323Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.983745396Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.98725602Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.99071445Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.994901166Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.998275065Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.00159634Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.009456638Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.013059795Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.016556659Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.020715325Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.024301033Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.027757295Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.031860199Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.035798005Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.039241458Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.042804088Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.047108412Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.050572924Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.054583254Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.058694753Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.062442378Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.066964061Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.075034852Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.078956953Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.08277954Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.087396074Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.091240538Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.094886303Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.099862352Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.103699729Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.107514769Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.117915485Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.121394319Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.125326452Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.129399704Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.133668201Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.13720151Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.141853719Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.150468943Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.154358633Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.159349262Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.163296168Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.16732718Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.172194053Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.176085887Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.179389229Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.183591117Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.188475551Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.192489709Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.197135522Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.201374073Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.205449719Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.210364067Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.214778373Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.222025892Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.22629134Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.230544069Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.234249351Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.23813558Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.243098432Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.246751401Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.250558931Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.256126879Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.273516014Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.277138047Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.282200672Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.286139538Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.290261339Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.295190068Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.299390006Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.308850788Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.313520502Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.322633132Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.327112297Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.331156542Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.335135074Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.339828061Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.356571208Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.360542587Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.364422794Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.368940386Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.373220808Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.377139611Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.381307485Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.38904035Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.392514802Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.396366695Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:52.399244056Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:52.401992987Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:52.405534553Z	14	PC: 12b09 \| Set default drive (Drive = '')
2018-12-25T11:40:52.407256756Z	44	PC: 12b0d \| Get time 0x12b0d: cmp cl, 0x20 0x12b10: jb 0x12b44 0x12b12: cmp cl, 0x23 0x12b15: jae 0x12b44 0x12b17: mov ah, 9 0x12b19: mov dx, 0xd2 0x12b1c: int 0x21 0x12b1e: mov ah, 0x4c 0x12b20: int 0x21 0x12b22: or ax, 0x410a 0x12b25: and byte ptr [bp + di + 0x75], ch 0x12b28: imul si, word ptr [di + 0x2c], 0x20 0x12b2c: dec si 0x12b2d: popaw 0x12b2e: jae 0x12ba4 0x12b30: jo 0x12ba1 0x12b33: jns 0x12b55 0x12b35: imul bp, word ptr [bx + 0x6d], 0x6f 0x12b39: jb 0x12ba9 0x12b3b: imul bp, word ptr [bp + di + 0x20], 0x2121
2018-12-25T11:40:52.410023489Z	9	PC: 12b1e \| Display string (String= ' A kuku, Nastepny komornik !!! ')
2018-12-25T11:40:52.417173766Z	76	PC: 12b22 \| Terminate with return code (Return code = '36')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":36,"Second":0,"TimeBased":true,"OriginalID":359,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:40:51.106657514Z	37	PC: 12a5f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:40:51.107996095Z	47	PC: 12a69 \| Get disk transfer address
2018-12-25T11:40:51.108989851Z	26	PC: 12a72 \| Set disk transfer address
2018-12-25T11:40:51.109850235Z	25	PC: 12a76 \| Get default drive
2018-12-25T11:40:51.111070792Z	44	PC: 12a7d \| Get time 0x12a7d: and dh, 0xf 0x12a80: mov dl, dh 0x12a82: cmp dl, 0 0x12a85: je 0x12a8c 0x12a87: cmp dl, 2 0x12a8a: jne 0x12a90 0x12a8c: mov ah, 0xe 0x12a8e: int 0x21 0x12a90: mov ax, cs 0x12a92: mov es, ax 0x12a94: mov byte ptr [0x3b8], 0 0x12a99: nop 0x12a9a: mov di, 0x382 0x12a9d: mov word ptr [0x3b6], di 0x12aa1: call 0x12cee 0x12aa4: mov di, 0x382 0x12aa7: mov ax, 0x2e2a 0x12aaa: stosw word ptr es:[di], ax 0x12aab: mov ah, 0 0x12aad: stosw word ptr es:[di], ax
2018-12-25T11:40:51.113032791Z	14	PC: 12a90 \| Set default drive (Drive = 'C')
2018-12-25T11:40:51.114115762Z	78	PC: 12d03 \| Find first file
2018-12-25T11:40:51.119608677Z	79	PC: 12d6e \| Find next file
2018-12-25T11:40:51.122341605Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.124961191Z	54	PC: 12d86 \| Get free disk space
2018-12-25T11:40:51.166740641Z	67	PC: 12d9f \| Get or set file attributes
2018-12-25T11:40:51.175392718Z	67	PC: 12dab \| Get or set file attributes
2018-12-25T11:40:51.509712545Z	61	PC: 12db0 \| Open file (Filename = 'COMMAND.COM')
2018-12-25T11:40:51.515283685Z	87	PC: 12db7 \| Get or set file date and time
2018-12-25T11:40:51.517144321Z	63	PC: 12c13 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:40:51.523044554Z	66	PC: 12c5a \| Move file pointer
2018-12-25T11:40:51.524562777Z	64	PC: 12c6d \| Write file or device (Write 11 bytes on handle 5)
2018-12-25T11:40:51.530761379Z	64	PC: 12c1f \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:51.539848764Z	64	PC: 12c2b \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:51.542356252Z	66	PC: 12c34 \| Move file pointer
2018-12-25T11:40:51.544265739Z	64	PC: 12c4f \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:40:51.54689858Z	87	PC: 12be5 \| Get or set file date and time
2018-12-25T11:40:51.548227923Z	62	PC: 12be9 \| Close file
2018-12-25T11:40:51.555131851Z	67	PC: 12bf5 \| Get or set file attributes
2018-12-25T11:40:51.563828131Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.566447367Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.569255713Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.571684022Z	78	PC: 12ab7 \| Find first file
2018-12-25T11:40:51.584737111Z	79	PC: 12afc \| Find next file
2018-12-25T11:40:51.587651529Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.590204276Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:51.599388104Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:51.601484006Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:51.605188269Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:51.613120656Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:51.623409521Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:51.625043205Z	63	PC: 12b6a \| Read file or device (Read 27 bytes on handle 5)
2018-12-25T11:40:51.630578702Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:51.632651627Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:51.639298373Z	64	PC: 12b9b \| Write file or device (Write 886 bytes on handle 5)
2018-12-25T11:40:51.646333146Z	64	PC: 12ba9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:40:51.649104094Z	64	PC: 12bb9 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:40:51.657551484Z	66	PC: 12bc8 \| Move file pointer
2018-12-25T11:40:51.659534563Z	64	PC: 12bd2 \| Write file or device (Write 27 bytes on handle 5)
2018-12-25T11:40:51.662253898Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:51.664505084Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:51.671969107Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:51.681701428Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.685427382Z	54	PC: 12d86 \| Get free disk space (See above)
2018-12-25T11:40:51.687965272Z	67	PC: 12d9f \| Get or set file attributes (See above)
2018-12-25T11:40:51.693743788Z	67	PC: 12dab \| Get or set file attributes (See above)
2018-12-25T11:40:51.703854271Z	61	PC: 12db0 \| Open file (See above)
2018-12-25T11:40:51.710528206Z	87	PC: 12db7 \| Get or set file date and time (See above)
2018-12-25T11:40:51.711847636Z	63	PC: 12b6a \| Read file or device (See above)
2018-12-25T11:40:51.718114737Z	66	PC: 12c5a \| Move file pointer (See above)
2018-12-25T11:40:51.719713972Z	64	PC: 12c6d \| Write file or device (See above)
2018-12-25T11:40:51.726787303Z	64	PC: 12b9b \| Write file or device (See above)
2018-12-25T11:40:51.735619079Z	64	PC: 12ba9 \| Write file or device (See above)
2018-12-25T11:40:51.738364404Z	64	PC: 12bb9 \| Write file or device (See above)
2018-12-25T11:40:51.741266138Z	66	PC: 12bc8 \| Move file pointer (See above)
2018-12-25T11:40:51.743688935Z	64	PC: 12bd2 \| Write file or device (See above)
2018-12-25T11:40:51.746678374Z	87	PC: 12be5 \| Get or set file date and time (See above)
2018-12-25T11:40:51.74853658Z	62	PC: 12be9 \| Close file (See above)
2018-12-25T11:40:51.75647812Z	67	PC: 12bf5 \| Get or set file attributes (See above)
2018-12-25T11:40:51.766022253Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.769369498Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.774009106Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.777290859Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.780482469Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.785632377Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.788926264Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.792289603Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.797733804Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.801117833Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.804617099Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.808164552Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.812135225Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.81856111Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.821942894Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.825714596Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.829108305Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.832524531Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.836151767Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.839179654Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.842109848Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.845903982Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.848903285Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.851865901Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.855768446Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.858708459Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.861793783Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.866181907Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.869876693Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.875898238Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.879816717Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.882803985Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.88578092Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.889598589Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.892451573Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.895034016Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:51.898871404Z	78	PC: 12d03 \| Find first file (See above)
2018-12-25T11:40:51.907632119Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.910656225Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.914292483Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.917236774Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.920237418Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.925184646Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.928363532Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.931573632Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.935804665Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.939664192Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.942984673Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.947214793Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.950386601Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.95652562Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.962038076Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.96508694Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.968058789Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.971875107Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.975022259Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.978013062Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.981590535Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.985270719Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.988207441Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.992136856Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.995196374Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:51.998362875Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.002247389Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.005546535Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.009605627Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.016029696Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.019308603Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.022209386Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.026108672Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.029057651Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.031925952Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.035785477Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.038740424Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.041649506Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.044789272Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.048137565Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.051049787Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.055005615Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.057933373Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.060742385Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.063749113Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.069648654Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.072454657Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.076366324Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.079853013Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.082671611Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.08541366Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.088334687Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.091121858Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.093859216Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.098031917Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.1009528Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.10405903Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.107399153Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.110138541Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.112923187Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.115846919Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.121788371Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.124671197Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.128089669Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.130960314Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.133740323Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.137042284Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.139855864Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.143334912Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.146312328Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.149257593Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.152018009Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.155071663Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.15786945Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.160789651Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.163666803Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.166393232Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.172538212Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.174803968Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.177667717Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.18086102Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.1837727Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.186653698Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.190097168Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.193049276Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.195821303Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.199661087Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.202683749Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.206405303Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.209922272Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.212874107Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.21575517Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.219253653Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.22524824Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.228226452Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.231487693Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.23436075Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.237693539Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.241213394Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.24413716Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.246985061Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.249931707Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.252794182Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.255681567Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.258627737Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.26149973Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.264493219Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.272010216Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.27528879Z	79	PC: 12d6e \| Find next file (See above)
2018-12-25T11:40:52.278272501Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:52.280944307Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:52.283404937Z	79	PC: 12afc \| Find next file (See above)
2018-12-25T11:40:52.287077015Z	14	PC: 12b09 \| Set default drive (Drive = '')
2018-12-25T11:40:52.288949817Z	44	PC: 12b0d \| Get time 0x12b0d: cmp cl, 0x20 0x12b10: jb 0x12b44 0x12b12: cmp cl, 0x23 0x12b15: jae 0x12b44 0x12b17: mov ah, 9 0x12b19: mov dx, 0xd2 0x12b1c: int 0x21 0x12b1e: mov ah, 0x4c 0x12b20: int 0x21 0x12b22: or ax, 0x410a 0x12b25: and byte ptr [bp + di + 0x75], ch 0x12b28: imul si, word ptr [di + 0x2c], 0x20 0x12b2c: dec si 0x12b2d: popaw 0x12b2e: jae 0x12ba4 0x12b30: jo 0x12ba1 0x12b33: jns 0x12b55 0x12b35: imul bp, word ptr [bx + 0x6d], 0x6f 0x12b39: jb 0x12ba9 0x12b3b: imul bp, word ptr [bp + di + 0x20], 0x2121
2018-12-25T11:40:52.290985231Z	26	PC: 12b55 \| Set disk transfer address
2018-12-25T11:40:52.291962767Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')