Sample viewer

vx.netlux.org/Virus.DOS.Birgit.999.g

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:23:32.512702265Z 42 PC: 12a63 | Get date 0x12a63: cmp dl, 0x12
0x12a66: jne 0x12a6c
0x12a68: mov al, 2
0x12a6a: int 0x26
0x12a6c: popaw
0x12a6d: mov ah, 0x47
0x12a6f: mov dl, 0
0x12a71: lea si, word ptr [bp + 0x344]
0x12a75: int 0x21
0x12a77: call 0x12a7e
0x12a7a: jmp 0x12aab
0x12a7c: add byte ptr [bx + si], al
0x12a7e: pushaw
0x12a7f: mov dx, word ptr ds:[bp + 0x13c]
0x12a84: jmp 0x12a8b
0x12a86: nop
0x12a87: mov ah, 0x4c
0x12a89: int 0x21
0x12a8b: mov cx, 0xae
0x12a8e: lea si, word ptr [bp + 0x16b]
2018-12-17T22:23:32.516048216Z 71 PC: 12a77 | Get current directory
2018-12-17T22:23:32.518901601Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.520510034Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.523268891Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.524893752Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.526349951Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.528989085Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.530480233Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.53197266Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.534411689Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.536036176Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.537855739Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.540038433Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.541550975Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.542959741Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.545062309Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.551294496Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.552419808Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.553575577Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.559932221Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.560998167Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.562817377Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.564737943Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.56649935Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.568201755Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.570067928Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.5733956Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.574784209Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.577666395Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.578995817Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.580256772Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.58213464Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.583463955Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.584619084Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.586393694Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.58775058Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.588989483Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.590796599Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.593432941Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.594724623Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.596077336Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.598547828Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.599890377Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.601226878Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.603592194Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.60485112Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.606095945Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.608957054Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.611445037Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.612975236Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.614770267Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.616595679Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.618484501Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.620822863Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.622611273Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.624070019Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.626794574Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.628199131Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.6296789Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.631596381Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.63332849Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.635295559Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.637551601Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.638917523Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.640207743Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.641989791Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.643707522Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.645122254Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.646784556Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.648555848Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.65026014Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.652192459Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.654272211Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.655688867Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.657045956Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.658757256Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.660078203Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.661407655Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.662999777Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.664338962Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.665791512Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.667582343Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.668929805Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.670517004Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.672173844Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.673584978Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.674978317Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.67719409Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.678686034Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.679989896Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.68205612Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.683458684Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.68506359Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.687835168Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.689173457Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.690541158Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.693471425Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.695347742Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.697161125Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.699499258Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.701097774Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.702674141Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.704697962Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.706133336Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.707511788Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.709421543Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.71049885Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.711751782Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.713894968Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.715234391Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.716496493Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.718429023Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.71975828Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.720960388Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.722581166Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.723981621Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.725239851Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.726873599Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.728106434Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.72940116Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.73076605Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.732118369Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.733500317Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.735189274Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.736797495Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.738357077Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.740419044Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.74218266Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.744240295Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.746489251Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.747929153Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.749319139Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.75117046Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.752720794Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.754434639Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.756797638Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.758236886Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.759527764Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.761102872Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.762618214Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.764101405Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.766156646Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.767926514Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.76955906Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.772303276Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.773735778Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.775142272Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.777011576Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.77849173Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.779903331Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.782004002Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.783662314Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.785369725Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.787944187Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.789746337Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.791100525Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.792780671Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.801842925Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.803433725Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.805407682Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.807289883Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.808653288Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.810483501Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.81171378Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.812952513Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.814282199Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.815495635Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.81673288Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.818345001Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.819520963Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.820779127Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.822101791Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.823425736Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.824913864Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.827038946Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T22:23:32.828306998Z 250 PC: 12ab5 | UNKNOWN!
2018-12-17T22:23:32.82923904Z 67 PC: 12aee | Get or set file attributes
2018-12-17T22:23:32.834697037Z 65 PC: 12af2 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-17T22:23:32.840713497Z 44 PC: 12b0e | Get time 0x12b0e: mov word ptr ds:[bp + 0x13c], dx
0x12b13: jmp 0x12b31
0x12b15: mov ah, 0x3b
0x12b17: lea dx, word ptr [bp + 0x394]
0x12b1b: int 0x21
0x12b1d: mov al, byte ptr ds:[bp + 0x397]
0x12b22: cmp byte ptr ds:[bp + 0x397], 3
0x12b28: je 0x12b88
0x12b2a: inc al
0x12b2c: mov byte ptr ds:[bp + 0x397], al
0x12b31: mov ax, 0x4e00
0x12b34: mov cx, 0
0x12b37: lea dx, word ptr [bp + 0x253]
0x12b3b: int 0x21
0x12b3d: jae 0x12b42
0x12b3f: jmp 0x12c45
0x12b42: push 0x4300
0x12b45: pop ax
0x12b46: mov dx, 0x9e
0x12b49: int 0x21
2018-12-17T22:23:32.842597897Z 78 PC: 12b3d | Find first file
2018-12-17T22:23:32.849660154Z 67 PC: 12b4b | Get or set file attributes
2018-12-17T22:23:32.854911651Z 67 PC: 12b58 | Get or set file attributes
2018-12-17T22:23:32.870620561Z 61 PC: 12b60 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:23:32.87906558Z 63 PC: 12b6f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:23:32.885778349Z 87 PC: 12bba | Get or set file date and time
2018-12-17T22:23:32.887984656Z 66 PC: 12bcd | Move file pointer
2018-12-17T22:23:32.889682291Z 64 PC: 12bda | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:23:32.892236396Z 64 PC: 12bf9 | Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:23:32.895581504Z 64 PC: 12c06 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:23:32.898215269Z 66 PC: 12c11 | Move file pointer
2018-12-17T22:23:32.899603405Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.901748903Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.903159584Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.904604446Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.907156346Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.908559933Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.909952736Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.912011702Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.913667737Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.915045855Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.917447081Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.918857783Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.920622526Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.923156729Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.924703488Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.92598363Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.928410606Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.92974793Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.931083709Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.933822942Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.936030122Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.937457623Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.93963603Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.941061194Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.942479838Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.95001266Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.951345198Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.952777747Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.954327054Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.955655423Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.957195621Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.959252734Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.960763016Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.962827558Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.964427346Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.965847517Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.968601365Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.970076945Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.971479364Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.975050575Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.976473475Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.978088832Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.980577235Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.982478393Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.984290273Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.987278533Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.988961924Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.990654812Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.992695717Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.994551391Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.996323843Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:32.998824352Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.000282785Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.002096101Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.005130938Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.007316934Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.009400395Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.01198426Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.013901189Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.015721134Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.018480933Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.020237278Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.021939599Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.024436187Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.026526105Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.028203588Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.030640016Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.032168659Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.033860342Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.036236654Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.038177757Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.040066162Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.042288862Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.044919607Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.046727991Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.048997692Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.050383052Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.052626314Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.054236628Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.05727519Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.059734462Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.061439806Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.063069245Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.065799624Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.067599366Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.069308825Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.071781057Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.073065183Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.074864672Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.076445773Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.07784917Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.079771119Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.082120892Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.083646722Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.086048725Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.087743367Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.089200356Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.091234623Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.092534552Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.094044718Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.095616761Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.096898153Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.098887294Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.100184094Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.104952128Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.10717698Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.10890089Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.11075987Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.113246865Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.115085925Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.116900658Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.118302014Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.119699176Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.121920076Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.123251437Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.124578571Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.126557504Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.127986246Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.129548327Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.132038535Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.133347003Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.134972966Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.136265227Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.137502244Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.13963343Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.141302887Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.142747451Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.145442286Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.146811867Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.147941708Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.150090414Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.151734574Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.153208233Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.155618299Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.157079785Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.159030309Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.160395405Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.161740044Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.164350491Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.165716252Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.166989449Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.168799883Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.170116929Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.17150267Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.173299675Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.174743951Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.184518979Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.187211659Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.188522056Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.190309443Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.19162865Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.192923658Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.194666735Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.195909328Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.1971652Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.198685217Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.200224704Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.201732015Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.203374242Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.204866792Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.206680526Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.20804415Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.209308114Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.210951441Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.211962828Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.212927128Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.214882358Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.21637697Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.21790401Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.220069081Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.221403892Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.223405757Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.224774939Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.226089021Z 68 PC: 12aa6 | I/O control for devices (Set for = '#�&�=')
2018-12-17T22:23:33.22847583Z 87 PC: 12c33 | Get or set file date and time
2018-12-17T22:23:33.230306904Z 62 PC: 12c38 | Close file
2018-12-17T22:23:33.236277235Z 67 PC: 12c46 | Get or set file attributes
2018-12-17T22:23:33.240135265Z 59 PC: 12c4e | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4131,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:02.1279725Z 42 PC: 12a63 | Get date 0x12a63: cmp dl, 0x12
0x12a66: jne 0x12a6c
0x12a68: mov al, 2
0x12a6a: int 0x26
0x12a6c: popaw
0x12a6d: mov ah, 0x47
0x12a6f: mov dl, 0
0x12a71: lea si, word ptr [bp + 0x344]
0x12a75: int 0x21
0x12a77: call 0x12a7e
0x12a7a: jmp 0x12aab
0x12a7c: add byte ptr [bx + si], al
0x12a7e: pushaw
0x12a7f: mov dx, word ptr ds:[bp + 0x13c]
0x12a84: jmp 0x12a8b
0x12a86: nop
0x12a87: mov ah, 0x4c
0x12a89: int 0x21
0x12a8b: mov cx, 0xae
0x12a8e: lea si, word ptr [bp + 0x16b]
2018-12-25T11:51:02.131396598Z 71 PC: 12a77 | Get current directory
2018-12-25T11:51:02.135361896Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-25T11:51:02.137531744Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.140097923Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.142771913Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.145381347Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.160890326Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.164435886Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.166626809Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.168942703Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.171877315Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.174334823Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.176419859Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.178556346Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.18434218Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.186905082Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.189622932Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.196466395Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.198871006Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.201570895Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.204590874Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.206628797Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.208747944Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.211090869Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.212508795Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.213782668Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.215644628Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.217282922Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.218612046Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.220276765Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.222460497Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.224326137Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.226287255Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.228211024Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.230264137Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.231922045Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.233462529Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.234983552Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.236443241Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.238377327Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.240499747Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.242342154Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.254069808Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.257029414Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.259702119Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.27165006Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.273631872Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.275604844Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.278360002Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.280669177Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.282650401Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.284765071Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.287346794Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.289327551Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.291297175Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.294607551Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.296217433Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.297939208Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.300805252Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.302764999Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.305224064Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.307754171Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.310116027Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.312109872Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.314783933Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.316743672Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.318538347Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.320532749Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.322966834Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.324795533Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.326535202Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.329336057Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.33109699Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.33289897Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.335320933Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.337188672Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.339491086Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.342418356Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.345150289Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.347096262Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.349567848Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.35155321Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.353507035Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.356218062Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.358177783Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.360129207Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.36398084Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.365753623Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.367477665Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.368972321Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.370891688Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.372404452Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.373974206Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.376421071Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.378025973Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.380048168Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.381824511Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.383369307Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.384859253Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.386702382Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.388189043Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.39054737Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.392693517Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.394212902Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.395694827Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.397731617Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.399287286Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.400802051Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.402749358Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.404362418Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.405706793Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.408034821Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.409921835Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.411380424Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.413462721Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.415097263Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.416675051Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.418630301Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.42028267Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.42181971Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.424370276Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.426119325Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.428041347Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.430221512Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.432093146Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.433762135Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.43530394Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.437264023Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.438770137Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.440357331Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.442544347Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.444062569Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.445572734Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.447637889Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.449627304Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.451146134Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.453022503Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.45497635Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.456623873Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.458543355Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.460134562Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.462306048Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.46451825Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.466077823Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.467589575Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.469759862Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.471252516Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.472748808Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.474875278Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.47648148Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.479190984Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.481065607Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.48299137Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.485060408Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.493161065Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.494808806Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.496451325Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.498270091Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.499879064Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.501479692Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.504338693Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.506069099Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.507649286Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.510395226Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.51200403Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.513610556Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.516443161Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.518064143Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.519677113Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.522772161Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.524746039Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.526654475Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.529161361Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.530872057Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.532538975Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.537295802Z 250 PC: 12ab5 | UNKNOWN!
2018-12-25T11:51:02.538906682Z 67 PC: 12aee | Get or set file attributes
2018-12-25T11:51:02.54582936Z 65 PC: 12af2 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T11:51:02.553259939Z 44 PC: 12b0e | Get time 0x12b0e: mov word ptr ds:[bp + 0x13c], dx
0x12b13: jmp 0x12b31
0x12b15: mov ah, 0x3b
0x12b17: lea dx, word ptr [bp + 0x394]
0x12b1b: int 0x21
0x12b1d: mov al, byte ptr ds:[bp + 0x397]
0x12b22: cmp byte ptr ds:[bp + 0x397], 3
0x12b28: je 0x12b88
0x12b2a: inc al
0x12b2c: mov byte ptr ds:[bp + 0x397], al
0x12b31: mov ax, 0x4e00
0x12b34: mov cx, 0
0x12b37: lea dx, word ptr [bp + 0x253]
0x12b3b: int 0x21
0x12b3d: jae 0x12b42
0x12b3f: jmp 0x12c45
0x12b42: push 0x4300
0x12b45: pop ax
0x12b46: mov dx, 0x9e
0x12b49: int 0x21
2018-12-25T11:51:02.555529316Z 78 PC: 12b3d | Find first file
2018-12-25T11:51:02.561710293Z 67 PC: 12b4b | Get or set file attributes
2018-12-25T11:51:02.570079975Z 67 PC: 12b58 | Get or set file attributes
2018-12-25T11:51:02.695783385Z 61 PC: 12b60 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:02.703624371Z 63 PC: 12b6f | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:51:02.712567173Z 87 PC: 12bba | Get or set file date and time
2018-12-25T11:51:02.714979164Z 66 PC: 12bcd | Move file pointer
2018-12-25T11:51:02.716911865Z 64 PC: 12bda | Write file or device (Write 1 bytes on handle 5)
2018-12-25T11:51:02.720479527Z 64 PC: 12bf9 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:51:02.724663604Z 64 PC: 12c06 | Write file or device (Write 1 bytes on handle 5)
2018-12-25T11:51:02.728067653Z 66 PC: 12c11 | Move file pointer
2018-12-25T11:51:02.730185659Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.732891414Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.734951841Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.7371115Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.739741985Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.74199134Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.744022948Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.747109327Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.749130329Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.751140737Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.754324063Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.756371032Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.7592783Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.762238898Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.764652439Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.766718264Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.769610173Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.773406883Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.775447051Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.778310342Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.780708267Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.782725878Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.785596187Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.788011085Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.790047885Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.792370914Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.795337358Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.797321308Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.799341196Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.802516485Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.804568508Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.806565287Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.809012389Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.810958754Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.812639705Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.815316833Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.816956995Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.818667845Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.821351893Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.822976193Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.836739307Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.839817298Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.841716739Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.844397509Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.847008356Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.848916217Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.851256888Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.854299929Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.856651297Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.858646787Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.86140026Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.863473317Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.865546776Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.867785827Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.87006424Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.872133157Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.874297435Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.876281838Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.877914976Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.879720279Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.88294245Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.884648016Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.886369504Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.889488902Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.891518842Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.893578322Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.896819055Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.898897568Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.900970508Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.904212908Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.906189419Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.908205612Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.911043271Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.913340348Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.915287777Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.91847355Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.920726825Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.922715408Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.925478134Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.927204301Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.929139523Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.931809862Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.933354811Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.934783978Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.937054956Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.939564352Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.941206341Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.944317959Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.945801531Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.947243018Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.950050933Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.95169598Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.953386972Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.957198973Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.958836559Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.960664268Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.963253481Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.965042773Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.966743459Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.969314752Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.971152458Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.972618963Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.974918129Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.976814604Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.978449349Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.980740337Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.983800355Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.985422851Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.987496686Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.989107903Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.99069577Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.992924689Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.994818285Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.996656549Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.998923624Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.000964926Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.002880642Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.004752188Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.006354364Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.008959671Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.011127859Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.013175888Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.015773445Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.017981122Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.020091006Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.023482422Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.026021242Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.028595282Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.032555901Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.035213585Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.03789709Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.041615353Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.044265586Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.046890493Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.049909957Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.052055867Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.05401003Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.056887509Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.058727702Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.06034659Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.062281721Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.064399679Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.066062246Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.069875162Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.072078883Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.073580938Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.076065394Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.077758762Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.08787197Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.090943475Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.09296372Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.095107799Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.097549212Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.0995792Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.102423976Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.105560733Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.107575501Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.109786752Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.112461535Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.114469726Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.116685876Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.119201335Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.121725356Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.123995034Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.125980615Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.127687673Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.131320658Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.133336438Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.135356966Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.137925376Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.139789899Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.141804364Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.144283954Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.146236404Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:03.148288663Z 87 PC: 12c33 | Get or set file date and time
2018-12-25T11:51:03.150784797Z 62 PC: 12c38 | Close file
2018-12-25T11:51:03.161497517Z 67 PC: 12c46 | Get or set file attributes
2018-12-25T11:51:03.168852754Z 59 PC: 12c4e | Change current directory

{"DateBased":true,"Day":18,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4131,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:02.319628092Z 42 PC: 12a63 | Get date 0x12a63: cmp dl, 0x12
0x12a66: jne 0x12a6c
0x12a68: mov al, 2
0x12a6a: int 0x26
0x12a6c: popaw
0x12a6d: mov ah, 0x47
0x12a6f: mov dl, 0
0x12a71: lea si, word ptr [bp + 0x344]
0x12a75: int 0x21
0x12a77: call 0x12a7e
0x12a7a: jmp 0x12aab
0x12a7c: add byte ptr [bx + si], al
0x12a7e: pushaw
0x12a7f: mov dx, word ptr ds:[bp + 0x13c]
0x12a84: jmp 0x12a8b
0x12a86: nop
0x12a87: mov ah, 0x4c
0x12a89: int 0x21
0x12a8b: mov cx, 0xae
0x12a8e: lea si, word ptr [bp + 0x16b]
2018-12-25T11:51:02.322263799Z 71 PC: 12a77 | Get current directory
2018-12-25T11:51:02.325049875Z 68 PC: 12aa6 | I/O control for devices (Set for = '�')
2018-12-25T11:51:02.326583276Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.329774751Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.331607Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.333040734Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.33557535Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.337147888Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.338529705Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.340467586Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.341672122Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.342747477Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.344389652Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.345552854Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.346839982Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.34856542Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.349619147Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.351082785Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.353260163Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.354685295Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.355951921Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.357444742Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.359129439Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.36062354Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.362103052Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.363911903Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.365185251Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.366502827Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.368734265Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.370620097Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.372388669Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.374130212Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.375766221Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.377508295Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.379660225Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.381113757Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.382584298Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.384043292Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.385831367Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.38709833Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.388364401Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.391963343Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.393238228Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.394451325Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.39659138Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.398347685Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.404096208Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.406224736Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.407758619Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.40924741Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.411740222Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.413115906Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.414384074Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.416364447Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.417608679Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.418874223Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.420677854Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.422894325Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.424492694Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.426846208Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.428700748Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.430502912Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.432578954Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.434074243Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.436054149Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.438183013Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.439889935Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.441634691Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.443848518Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.446111117Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.44863565Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.450836057Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.452236938Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.454642286Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.456801679Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.458533927Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.459976719Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.461924877Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.463316314Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.465212175Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.466966115Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.468334699Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.469714389Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.472347025Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.473744125Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.475157383Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.479420294Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.480681127Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.481925317Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.48369663Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.485159064Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.486596256Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.488362148Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.49014667Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.491497985Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.493323165Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.494958505Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.496677347Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.498862175Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.500128136Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.50159788Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.503531224Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.504806054Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.506484553Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.513236931Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.515614006Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.516923867Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.51927363Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.520737282Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.522074867Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.524144432Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.525550369Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.526841985Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.529274985Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.530709638Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.532357336Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.535135617Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.536691296Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.538191511Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.539991939Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.541593859Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.542879225Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.552284185Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.553799204Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.555276078Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.557094652Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.558823886Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.561110077Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.563745753Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.565252548Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.566667575Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.568325028Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.569884467Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.571520864Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.57473911Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.576442931Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.578019771Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.580847454Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.582939666Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.58477254Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.587573656Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.589252608Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.590692026Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.594552189Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.596341338Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.598118547Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.601097025Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.602882587Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.604610649Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.607505801Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.60926059Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.611021106Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.61318693Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.6150833Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.616574907Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.621240253Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.632529553Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.6339113Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.63680952Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.639685752Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.641954583Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.646103932Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.647748343Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.649207751Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.651463605Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.652858599Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.654490423Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.656875193Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.658383522Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.659820219Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.661760223Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.663401263Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.665201413Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.667799918Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.669399846Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:51:02.672660512Z 250 PC: 12ab5 | UNKNOWN!
2018-12-25T11:51:02.673809262Z 67 PC: 12aee | Get or set file attributes
2018-12-25T11:51:02.678414361Z 65 PC: 12af2 | Delete file (Filename = '>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�Q�S�L��R�_�[�>��>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>�>')
2018-12-25T11:51:02.688418337Z 44 PC: 12b0e | Get time 0x12b0e: mov word ptr ds:[bp + 0x13c], dx
0x12b13: jmp 0x12b31
0x12b15: mov ah, 0x3b
0x12b17: lea dx, word ptr [bp + 0x394]
0x12b1b: int 0x21
0x12b1d: mov al, byte ptr ds:[bp + 0x397]
0x12b22: cmp byte ptr ds:[bp + 0x397], 3
0x12b28: je 0x12b88
0x12b2a: inc al
0x12b2c: mov byte ptr ds:[bp + 0x397], al
0x12b31: mov ax, 0x4e00
0x12b34: mov cx, 0
0x12b37: lea dx, word ptr [bp + 0x253]
0x12b3b: int 0x21
0x12b3d: jae 0x12b42
0x12b3f: jmp 0x12c45
0x12b42: push 0x4300
0x12b45: pop ax
0x12b46: mov dx, 0x9e
0x12b49: int 0x21
2018-12-25T11:51:02.691543669Z 78 PC: 12b3d | Find first file