Sample viewer

vx.netlux.org/Virus.DOS.Tanya.2000.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:26:06.651651958Z 42 PC: 131af | Get date 0x131af: cmp dx, 0xc01
0x131b3: je 0x131bb
0x131b5: nop
0x131b6: nop
0x131b7: nop
0x131b8: jmp 0x131c8
0x131ba: nop
0x131bb: mov ah, 9
0x131bd: lea dx, word ptr [bx + 0x5ae]
0x131c1: int 0x21
0x131c3: mov ax, 0x4c00
0x131c6: int 0x21
0x131c8: cmp dx, 0x901
0x131cc: jb 0x131e0
0x131ce: nop
0x131cf: nop
0x131d0: nop
0x131d1: cmp al, 1
0x131d3: jne 0x131e0
0x131d5: nop
2018-12-17T22:26:06.654458711Z 9 PC: 131e0 | Display string (String= ' ��� ���� ����, ��⨩ ����, � �⢥�⮬� - �� ���� ! ')
2018-12-17T22:26:06.663081205Z 53 PC: 12cb7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:26:06.664720949Z 37 PC: 12ccd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:26:06.666269833Z 26 PC: 12cd7 | Set disk transfer address
2018-12-17T22:26:06.668938712Z 78 PC: 13146 | Find first file
2018-12-17T22:26:06.67931863Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:06.686117431Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.037399096Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:26:07.045831831Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.048927178Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.051948453Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.058576539Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.06217838Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.064004783Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.075571989Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.077317659Z 64 PC: 13021 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:26:07.08411459Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.08656774Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.094675254Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.105698751Z 79 PC: 1315b | Find next file
2018-12-17T22:26:07.110438107Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.118121276Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.129271867Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:26:07.13816818Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.140433391Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.1426702Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.15414676Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.157768184Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.159494691Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.169550564Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.172064256Z 64 PC: 13021 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:26:07.175764108Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.178135027Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.187461949Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.198855486Z 79 PC: 1315b | Find next file
2018-12-17T22:26:07.202641636Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.211680711Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.222259635Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:26:07.230054366Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.232302562Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.234872143Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.241125613Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.245942003Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.247670353Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.2584356Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.261698362Z 64 PC: 13021 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:26:07.266266508Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.268901616Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.277245017Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.288579787Z 79 PC: 1315b | Find next file
2018-12-17T22:26:07.296624761Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.303805954Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.316102694Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:26:07.325048319Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.327025036Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.329991864Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.336353516Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.339732666Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.342068092Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.352138015Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.354316563Z 64 PC: 13021 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:26:07.358093525Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.361632955Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.36997424Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.381154395Z 79 PC: 1315b | Find next file
2018-12-17T22:26:07.389394611Z 78 PC: 13178 | Find first file
2018-12-17T22:26:07.397566444Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.404631581Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.416589714Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:26:07.425040226Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.427079547Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.429905698Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.438633887Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.440626861Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.453735792Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.457627874Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:07.461100117Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.463147348Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.472320814Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.483263772Z 79 PC: 1318d | Find next file
2018-12-17T22:26:07.48709145Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.494970747Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.50623751Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T22:26:07.514143157Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.516954454Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.519034977Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.527990944Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.53056528Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.540102642Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.542031618Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:07.545485196Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.548137063Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.55622032Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.574575916Z 79 PC: 1318d | Find next file
2018-12-17T22:26:07.590619121Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.598139295Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.617508676Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:26:07.626616125Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.628307725Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.629922548Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.638882737Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.640510981Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.651285544Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.653162203Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:07.656925626Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.658703721Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.666805604Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.681981442Z 79 PC: 1318d | Find next file
2018-12-17T22:26:07.686037402Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.693210139Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.705137535Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T22:26:07.714436285Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.716388832Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.719111855Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.727830683Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.729801583Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.739867597Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.742656465Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:07.746180706Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.748245678Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.757110693Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.768133659Z 79 PC: 1318d | Find next file
2018-12-17T22:26:07.771691213Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.779461489Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.791573712Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\FDISK.EXE')
2018-12-17T22:26:07.799332724Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.801731722Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.803725797Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.811791183Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.814128692Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.823993511Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.825889771Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:07.830158028Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.832462859Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.84061839Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.852664102Z 79 PC: 1318d | Find next file
2018-12-17T22:26:07.857338961Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.864429808Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.875436209Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\MEM.EXE')
2018-12-17T22:26:07.88447359Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.886421206Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.88835687Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.89779227Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.89976785Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:07.909206038Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.91219537Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:07.916523286Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.918587326Z 62 PC: 13021 | Close file
2018-12-17T22:26:07.927732102Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.939089845Z 79 PC: 1318d | Find next file
2018-12-17T22:26:07.946267022Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.954233665Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:07.965616595Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\NLSFUNC.EXE')
2018-12-17T22:26:07.973704104Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:07.976441159Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.979504612Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:07.987901685Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:07.990621655Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.000566081Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.002513698Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.006224677Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.009117927Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.017194412Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.031298429Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.036159115Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.044200423Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.055256707Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\QBASIC.EXE')
2018-12-17T22:26:08.064394607Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.066355153Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.068288502Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.077671543Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.07963949Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.089385443Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.092170322Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.096008701Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.098069745Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.106996419Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.11924713Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.12305762Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.130981932Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.142353469Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\REPLACE.EXE')
2018-12-17T22:26:08.150429174Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.153135656Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.155393365Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.163784746Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.165947285Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.17704156Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.178971264Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.182481834Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.185557292Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.193677933Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.204817802Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.217658727Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.224822886Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.248897496Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\RESTORE.EXE')
2018-12-17T22:26:08.25876227Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.260805677Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.26285155Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.272059891Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.274378805Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.283866048Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.286570406Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.290383673Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.292412253Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.301408066Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.314000981Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.317407016Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.325083252Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.336711937Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\SCANDISK.EXE')
2018-12-17T22:26:08.345227182Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.348624057Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.350255803Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.356497876Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.36045466Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.368040887Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.379811798Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.383774794Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.391596943Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.402399661Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\SETUP.EXE')
2018-12-17T22:26:08.410322099Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.413237326Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.415152467Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.423432642Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.426368926Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.436620126Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.438552574Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.442973244Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.445007165Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.452895216Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.468631821Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.472712103Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.480585379Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.49219Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\XCOPY.EXE')
2018-12-17T22:26:08.501310772Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.503257442Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.505967449Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.514169964Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.516472327Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.526991089Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.529599475Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.533407973Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.536904184Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.545480746Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.55668183Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.560757967Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.568854586Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.580750237Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\DEFRAG.EXE')
2018-12-17T22:26:08.588902231Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.591816991Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.593786083Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.601229361Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.604313808Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.611183255Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.622224754Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.629965476Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.638038Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.649121698Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\EMM386.EXE')
2018-12-17T22:26:08.658022189Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.659900517Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.661738082Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.671066033Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.672689169Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.682386556Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.685020304Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.688328244Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.690125257Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.699553688Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.712044718Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.716713499Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.724642981Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.735957692Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\MSCDEX.EXE')
2018-12-17T22:26:08.744027809Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.747017293Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.749162268Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.757797891Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.76064089Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.771002744Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.772676733Z 64 PC: 13021 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:26:08.777163239Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.778867459Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.786966568Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.798603569Z 79 PC: 1318d | Find next file
2018-12-17T22:26:08.802124866Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.808637091Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.818816707Z 61 PC: 12e07 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:26:08.825423121Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.827129216Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.829616995Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.836815843Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.842097002Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.844231856Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.853829539Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.856207314Z 64 PC: 13021 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:26:08.859948358Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.862082316Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.871442075Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.881726807Z 78 PC: 13146 | Find first file
2018-12-17T22:26:08.89245978Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.900214405Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.918379814Z 61 PC: 12e07 | Open file (Filename = '.\SLEEP.COM')
2018-12-17T22:26:08.926187106Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.928666805Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.930400446Z 63 PC: 13021 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:26:08.937736618Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.94246235Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.944115098Z 64 PC: 13021 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T22:26:08.954603545Z 66 PC: 13021 | Move file pointer
2018-12-17T22:26:08.956996147Z 64 PC: 13021 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:26:08.964194651Z 87 PC: 13021 | Get or set file date and time
2018-12-17T22:26:08.96581115Z 62 PC: 13021 | Close file
2018-12-17T22:26:08.975192127Z 67 PC: 13037 | Get or set file attributes
2018-12-17T22:26:08.986814791Z 79 PC: 1315b | Find next file
2018-12-17T22:26:08.990709419Z 79 PC: 1315b | Find next file
2018-12-17T22:26:08.995152971Z 79 PC: 1315b | Find next file
2018-12-17T22:26:08.998046567Z 79 PC: 1315b | Find next file
2018-12-17T22:26:09.001515077Z 79 PC: 1315b | Find next file
2018-12-17T22:26:09.005688239Z 79 PC: 1315b | Find next file
2018-12-17T22:26:09.008883923Z 79 PC: 1315b | Find next file
2018-12-17T22:26:09.01207223Z 79 PC: 1315b | Find next file
2018-12-17T22:26:09.015913979Z 78 PC: 13178 | Find first file
2018-12-17T22:26:09.022741986Z 26 PC: 12d71 | Set disk transfer address
2018-12-17T22:26:09.02443411Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:26:09.027417515Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-17T22:26:09.032601871Z 48 PC: 12a8f | Get DOS version
2018-12-17T22:26:09.034412538Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-17T22:26:09.043567025Z 93 PC: 12afe | File sharing functions
2018-12-17T22:26:09.046266289Z 9 PC: 12a86 | Display string (String= 'Size change=07D0h/02000d. ')
2018-12-17T22:26:09.053569784Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4624,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:30.805873764Z 42 PC: 131af | Get date 0x131af: cmp dx, 0xc01
0x131b3: je 0x131bb
0x131b5: nop
0x131b6: nop
0x131b7: nop
0x131b8: jmp 0x131c8
0x131ba: nop
0x131bb: mov ah, 9
0x131bd: lea dx, word ptr [bx + 0x5ae]
0x131c1: int 0x21
0x131c3: mov ax, 0x4c00
0x131c6: int 0x21
0x131c8: cmp dx, 0x901
0x131cc: jb 0x131e0
0x131ce: nop
0x131cf: nop
0x131d0: nop
0x131d1: cmp al, 1
0x131d3: jne 0x131e0
0x131d5: nop
2018-12-25T11:52:30.817323831Z 53 PC: 12cb7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:30.81873456Z 37 PC: 12ccd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:30.820043486Z 26 PC: 12cd7 | Set disk transfer address
2018-12-25T11:52:30.822063395Z 78 PC: 13146 | Find first file
2018-12-25T11:52:30.838396457Z 67 PC: 13037 | Get or set file attributes
2018-12-25T11:52:30.855998327Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.197143596Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:52:31.204843706Z 87 PC: 13021 | Get or set file date and time
2018-12-25T11:52:31.206483347Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.208129266Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.215098331Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.218743432Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.220625373Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.232009128Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.233948254Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.240545109Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.243698315Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.252154661Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.263414013Z 79 PC: 1315b | Find next file
2018-12-25T11:52:31.267392232Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.275727665Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.286791385Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.294790003Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.297549577Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.299086774Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.305359851Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.316964582Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.318580624Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.328914365Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.341271379Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.344557707Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.346463163Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.356776814Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.367645734Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:31.371164384Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.379251899Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.390106563Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.398087979Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.400045856Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.402780494Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.40907209Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.412353407Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.414636905Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.426064577Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.427999142Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.431968671Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.433303237Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.438317896Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.445312336Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:31.452190749Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.459022444Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.469964212Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.474916555Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.476146798Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.477480716Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.481641904Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.485756392Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.487075275Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.496781931Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.498213051Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.501320647Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.503627209Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.521988901Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.533148471Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:31.541290282Z 78 PC: 13178 | Find first file
2018-12-25T11:52:31.548762101Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.555855526Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.568341433Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.575992625Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.577610104Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.579990386Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.587931436Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.589392668Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.603415416Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.605333009Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.608475346Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.610040969Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.619501552Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.631280443Z 79 PC: 1318d | Find next file
2018-12-25T11:52:31.635058401Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.64246678Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.653554072Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.661104157Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.663194339Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.664780537Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.672792676Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.674848791Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.684066719Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.686447358Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.690016758Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.691707563Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.699686882Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.710887294Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:31.714470781Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.721300371Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.732881473Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.740663778Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.742578718Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.745097515Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.754200809Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.756011404Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.765731568Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.767466983Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.770674176Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.772266916Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.780344603Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.791168187Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:31.794411452Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.801768983Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.813161211Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.820595023Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.822793644Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.824270309Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.832295971Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.834502976Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.843780884Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.845254969Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.848728779Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.850427794Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.858570576Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.870263878Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:31.873762359Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.881402836Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.893501166Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.901509991Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.903400284Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.906424323Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.915020741Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.916962648Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.928216382Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.929860763Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:31.932937149Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.934716271Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:31.943414183Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.954096055Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:31.957641356Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.965211795Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:31.975854648Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:31.984223244Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:31.986180655Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.987801395Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:31.996036983Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:31.997580902Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.007608106Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.00977991Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.013009049Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.014420426Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.023179107Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.03449089Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.041336235Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.049082522Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.060012004Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.068521692Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.070255939Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.07209349Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.080199294Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.0818409Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.091437271Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.093431312Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.096906216Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.099003457Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.107088639Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.117852401Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.121986114Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.128804657Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.140535281Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.148348559Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.149830632Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.151348955Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.160323529Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.161951238Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.171599261Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.173692627Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.176969993Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.178631796Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.186888801Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.198451633Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.201900579Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.209520875Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.221223845Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.22948013Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.232555038Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.234495045Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.243707295Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.246929672Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.258836632Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.260973273Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.265660023Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.268307168Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.27682509Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.287937856Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.29147059Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.298285013Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.309641696Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.317347834Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.31863427Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.320644867Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.329431332Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.331222403Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.341041594Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.34266687Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.345684873Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.348015321Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.355998232Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.367025094Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.371566894Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.379023601Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.390900928Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.399931029Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.401481581Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.402951494Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.410375996Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.412317165Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.419042529Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.430166127Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.433845875Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.440469649Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.454808461Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.462747769Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.464259263Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.465905689Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.47391257Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.475525633Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.485085541Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.486726985Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.490125432Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.491893047Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.499929335Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.510776025Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.513520461Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.520300376Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.530957088Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.539116624Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.540332927Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.541407474Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.546435533Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.547974379Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.556883082Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.558382643Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.561797047Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.563151275Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.570884506Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.582700369Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.586119119Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.592908156Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.6036704Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.611078747Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.612512833Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.613994334Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.620663667Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.622200531Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.628696876Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.639971674Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.646606217Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.653488078Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.663881894Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.671671636Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.673409623Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.674863098Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.683545621Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.685064928Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.69462709Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.696335436Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.70070489Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.702370834Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.71013097Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.72097322Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.724308028Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.730973071Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.741714763Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.749332092Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.751017647Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.752933313Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.761628978Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.763161155Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.773418645Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.774813501Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.777996156Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.780647338Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.788622399Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.799588195Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.803577452Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.809433034Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.820406649Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.828963057Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.830856421Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.833707769Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.840240664Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.845789936Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.848393294Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.857768231Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.859370817Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.863192451Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.865199448Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.873777806Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.885650335Z 78 PC: 13146 | Find first file (See above)
2018-12-25T11:52:32.897930718Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.90522644Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.925110385Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.93370037Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.935817296Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.938862159Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.947101384Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.950898026Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.954004716Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.044836071Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.04701195Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.053455382Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.055318492Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.209408709Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.230203078Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.23319469Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.235987165Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.238891573Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.241822538Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.244695875Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.248335799Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.251173248Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:33.254004558Z 78 PC: 13178 | Find first file (See above)
2018-12-25T11:52:33.261022455Z 26 PC: 12d71 | Set disk transfer address
2018-12-25T11:52:33.262285886Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:33.264445987Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:52:33.271410843Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:52:33.272767936Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:52:33.280952051Z 93 PC: 12afe | File sharing functions
2018-12-25T11:52:33.283057687Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:52:33.287892999Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4624,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:30.884052791Z 42 PC: 131af | Get date 0x131af: cmp dx, 0xc01
0x131b3: je 0x131bb
0x131b5: nop
0x131b6: nop
0x131b7: nop
0x131b8: jmp 0x131c8
0x131ba: nop
0x131bb: mov ah, 9
0x131bd: lea dx, word ptr [bx + 0x5ae]
0x131c1: int 0x21
0x131c3: mov ax, 0x4c00
0x131c6: int 0x21
0x131c8: cmp dx, 0x901
0x131cc: jb 0x131e0
0x131ce: nop
0x131cf: nop
0x131d0: nop
0x131d1: cmp al, 1
0x131d3: jne 0x131e0
0x131d5: nop
2018-12-25T11:52:30.887106096Z 9 PC: 131e0 | Display string (String= ' ��� ���� ����, ��⨩ ����, � �⢥�⮬� - �� ���� ! ')
2018-12-25T11:52:30.893661243Z 53 PC: 12cb7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:30.894847419Z 37 PC: 12ccd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:30.899818966Z 26 PC: 12cd7 | Set disk transfer address
2018-12-25T11:52:30.90188546Z 78 PC: 13146 | Find first file
2018-12-25T11:52:30.910921718Z 67 PC: 13037 | Get or set file attributes
2018-12-25T11:52:30.919839654Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.478510969Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:52:32.485215681Z 87 PC: 13021 | Get or set file date and time
2018-12-25T11:52:32.486971517Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.488994139Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.495512087Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.498909972Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.501415267Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.511069692Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.512760753Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.519162448Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.52165385Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.528716785Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.547081349Z 79 PC: 1315b | Find next file
2018-12-25T11:52:32.549400008Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.555145591Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.565912698Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.573718001Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.575121054Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.577061829Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.582923621Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.585835577Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.588330519Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.596709073Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.598473907Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.602422636Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.604277425Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.611688369Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.621551966Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:32.625777807Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.632140492Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.643781634Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.651368844Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.652854601Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.654293813Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.660433523Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.663351191Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.665082419Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.676113096Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.677947503Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.681155206Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.683875605Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.692032966Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.701876255Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:32.709304037Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.716047644Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.725840272Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.732723724Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.73501344Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.736411325Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.741952502Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.745448158Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.747018854Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.755600573Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.757629419Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.760642575Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.762364622Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.771447885Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.781511416Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:32.787493515Z 78 PC: 13178 | Find first file
2018-12-25T11:52:32.796250047Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.802475994Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.811973283Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.819989067Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.822035479Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.823643741Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.831536725Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.832915398Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.845644076Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.847952784Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.850758128Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.852224045Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.860014707Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.869608678Z 79 PC: 1318d | Find next file
2018-12-25T11:52:32.872633147Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.879548015Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.889169951Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.895871349Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.897589738Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.900334973Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.908311679Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.910065414Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.918840226Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.92035807Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.923198184Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.925366828Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.932322007Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.941769051Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.946678424Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.952637801Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.961788988Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.970162154Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.971585692Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.972959821Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.981020836Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.982484501Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.990844956Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.998364673Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.001289216Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.00288984Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.010745664Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.020165444Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.023355097Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.030918693Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.041471519Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.049014045Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.050506424Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.052476387Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.059788707Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.061583751Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.070421501Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.071754706Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.074434286Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.076853151Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.083740604Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.093093803Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.097049086Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.103387411Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.113940571Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.121897232Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.123625333Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.125320995Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.133251994Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.134751688Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.14306826Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.146007428Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.148877338Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.150371133Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.158832219Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.168288583Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.171321002Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.178170754Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.188754864Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.195660504Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.197766213Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.199182364Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.206464645Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.208239628Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.216640833Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.21822631Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.221387462Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.22394162Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.230946505Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.242780837Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.249832217Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.255943938Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.265644607Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.273003872Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.274570087Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.275989272Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.283834435Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.285262994Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.293200505Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.295363867Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.298225455Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.299832693Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.307845193Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.318062291Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.321046643Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.328488052Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.337980798Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.344625885Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.346869963Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.348706182Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.355807952Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.358108107Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.366985313Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.368569493Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.372409056Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.374252743Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.381868196Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.393801277Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.396929055Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.402942817Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.412729924Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.420503938Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.422044832Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.423606928Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.431824145Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.433262866Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.442054687Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.444509912Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.447721561Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.449530605Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.457628189Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.467919287Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.471275711Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.47983063Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.490854193Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.504246737Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.507656796Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.509021225Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.515932299Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.518318183Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.52530109Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.526743234Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.531253126Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.532873095Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.545427032Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.555575764Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.558641792Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.56578039Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.576812606Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.583640797Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.584998148Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.58746833Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.595829958Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.597651287Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.60459437Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.614082981Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.617111263Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.623938711Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.633695753Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.641237948Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.643700302Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.645243077Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.652282662Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.654419228Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.662858493Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.664503564Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.668721624Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.670358748Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.677961443Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.688841234Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.692129741Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.698584693Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.709886789Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.71696151Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.718767205Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.720669354Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.72818032Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.730548319Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.738759251Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.740739603Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.743803832Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.74546326Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.752436557Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.762509747Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.765725556Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.772455081Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.783438544Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.79213052Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.793523604Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.795881327Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.802385939Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.804116642Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.810954249Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.820529052Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.826970838Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.833635888Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.843966252Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.850957703Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.855173069Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.856790113Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.864074277Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.866291287Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.874733046Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.876366224Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.879779614Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.881573337Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.88862819Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.898408795Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.901513875Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.909483583Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.919303769Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.926655855Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.929718723Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.931396904Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.939940993Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.942332651Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.95007516Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.95118514Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.954896145Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.956288903Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.963223494Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.973249503Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.976932485Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.982019856Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.99084707Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.997484277Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.998961956Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.000945259Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:34.006325202Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.009381633Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.011654277Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:34.019892393Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.02249038Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:34.025449508Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:34.02697018Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:34.034818382Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.051779903Z 78 PC: 13146 | Find first file (See above)
2018-12-25T11:52:34.058246435Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.063034872Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.075193821Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:34.080534115Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:34.082356635Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.083587322Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:34.087619947Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.090011773Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.09106635Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:34.096814025Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.098348181Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:34.102755867Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:34.104014922Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:34.109150667Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.11770698Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.120181174Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.12202385Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.123714421Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.126195821Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.127942349Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.129747975Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.131858282Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.133390228Z 78 PC: 13178 | Find first file (See above)
2018-12-25T11:52:34.137136414Z 26 PC: 12d71 | Set disk transfer address
2018-12-25T11:52:34.13864549Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:34.139486661Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:52:34.143193969Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:52:34.144163912Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:52:34.149663344Z 93 PC: 12afe | File sharing functions
2018-12-25T11:52:34.151623449Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:52:34.153939842Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":2,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4624,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:30.960537044Z 42 PC: 131af | Get date 0x131af: cmp dx, 0xc01
0x131b3: je 0x131bb
0x131b5: nop
0x131b6: nop
0x131b7: nop
0x131b8: jmp 0x131c8
0x131ba: nop
0x131bb: mov ah, 9
0x131bd: lea dx, word ptr [bx + 0x5ae]
0x131c1: int 0x21
0x131c3: mov ax, 0x4c00
0x131c6: int 0x21
0x131c8: cmp dx, 0x901
0x131cc: jb 0x131e0
0x131ce: nop
0x131cf: nop
0x131d0: nop
0x131d1: cmp al, 1
0x131d3: jne 0x131e0
0x131d5: nop
2018-12-25T11:52:30.963334561Z 53 PC: 12cb7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:30.964379332Z 37 PC: 12ccd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:30.965337364Z 26 PC: 12cd7 | Set disk transfer address
2018-12-25T11:52:30.967143912Z 78 PC: 13146 | Find first file
2018-12-25T11:52:30.975321887Z 67 PC: 13037 | Get or set file attributes
2018-12-25T11:52:30.979058702Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.481317197Z 61 PC: 12e07 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:52:32.488846818Z 87 PC: 13021 | Get or set file date and time
2018-12-25T11:52:32.490246645Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.492288067Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.497981461Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.500826166Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.50219565Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.512613548Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.514073781Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.521266581Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.523443551Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.530192376Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.539833341Z 79 PC: 1315b | Find next file
2018-12-25T11:52:32.544234644Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.550313417Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.559884708Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.567969008Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.583004094Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.584712746Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.591615281Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.59549933Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.597127842Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.606543555Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.608506971Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.611677181Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.614017707Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.621037938Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.630804951Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:32.634628267Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.640436981Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.650103957Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.657206965Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.658770738Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.66035951Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.666764448Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.669861601Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.671352446Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.680074478Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.682047394Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.684897853Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.686392986Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.694277344Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.708818614Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:32.715399538Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.723299197Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.733891464Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.741561829Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.743981728Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.745793371Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.751713548Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.755549835Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.757093132Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.765594776Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.768177807Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.771033704Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.772582418Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.780236288Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.790370052Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:32.796835283Z 78 PC: 13178 | Find first file
2018-12-25T11:52:32.80315093Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.809860782Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.820045762Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.827246038Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.830196772Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.832174077Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.839436294Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.842048277Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.853711073Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.855069924Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.858759652Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.860447219Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.86817822Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.878634593Z 79 PC: 1318d | Find next file
2018-12-25T11:52:32.882126304Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.888279438Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.899235032Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.90636458Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.908010638Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.910394568Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.917788012Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.919135087Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.927837174Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.93044009Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:32.933201851Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.935449613Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:32.942532911Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.951904971Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:32.955133265Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.961755191Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:32.971676041Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:32.979116034Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:32.981010939Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.982400389Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:32.989363372Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:32.991485528Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.00034365Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.001743656Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.005338322Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.006875087Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.014244585Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.024393257Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.02732948Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.033892563Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.044100886Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.050830595Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.052286848Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.054681159Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.062418395Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.063878163Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.073040084Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.074559803Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.077366789Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.079880788Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.086719642Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.095591031Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.099723126Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.105374535Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.114211405Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.121357911Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.122993199Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.124559502Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.132392931Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.134116897Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.139603695Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.140971966Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.143360537Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.14457987Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.149684491Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.156510571Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.158676968Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.162796089Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.171923417Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.176582956Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.177935358Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.179671873Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.184124807Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.185363387Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.191620165Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.192774763Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.194989308Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.19702219Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.202510063Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.208700093Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.21742004Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.224301629Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.234542119Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.242130286Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.243543243Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.245036358Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.252420638Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.254079747Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.262547442Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.266878216Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.269939429Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.271699226Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.279823245Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.289324273Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.292352533Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.298919109Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.308396349Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.315614754Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.317762763Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.31913947Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.326292767Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.328760638Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.338279726Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.339927341Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.34408334Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.345828823Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.352961971Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.363827305Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.36758411Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.374030498Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.3850688Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.392028863Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.393508141Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.396451436Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.407078787Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.408871832Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.417857267Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.4193606Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.422331769Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.424925922Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.432794787Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.442599194Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.446151303Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.453454676Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.463220022Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.471306214Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.473538737Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.475212526Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.483254372Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.48471823Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.493081126Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.495468097Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.498455828Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.500165875Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.508104213Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.519593282Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.52254412Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.529457937Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.539573303Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.546372954Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.548247586Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.549493157Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.555464696Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.557755113Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.56492782Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.574796456Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.578570373Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.584961461Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.595936477Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.604337365Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.606176581Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.607490818Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.614886963Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.616184446Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.625010833Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.627331045Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.630221616Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.632084276Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.642878523Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.653745565Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.657127135Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.665787655Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.675298921Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.682719853Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.684761253Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.686287169Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.69441951Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.695854682Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.704682703Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.707759741Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.710931157Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.712647595Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.720834547Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.731047217Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.733986208Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.740808504Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.750447787Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.757187329Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.759367146Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.760841769Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.76695011Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.769171647Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.774956765Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.784578292Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.791820246Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.798766177Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.808223377Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.816172731Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.817563865Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.818922782Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.826601624Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.828126306Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.836657771Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.838658369Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.842129838Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.843563448Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.852387211Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.862243606Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.866274657Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.87352733Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.883370928Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.890203794Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.892816841Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.894172027Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.901159153Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.903222603Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.911245082Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.912596891Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.916045295Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.917529586Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:33.924551892Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.936109137Z 79 PC: 1318d | Find next file (See above)
2018-12-25T11:52:33.939165551Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.944409398Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:33.954804002Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:33.961165826Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.96301732Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.965834892Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:33.971478653Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.974656622Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.97742601Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.985922824Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:33.987469871Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:33.991111493Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:33.992633325Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:34.00065099Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.010505561Z 78 PC: 13146 | Find first file (See above)
2018-12-25T11:52:34.019732435Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.026318131Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.041940248Z 61 PC: 12e07 | Open file (See above)
2018-12-25T11:52:34.051596509Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:34.054165908Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.05606191Z 63 PC: 13021 | Read file or device (See above)
2018-12-25T11:52:34.062667806Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.066495824Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.068027304Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:34.077350119Z 66 PC: 13021 | Move file pointer (See above)
2018-12-25T11:52:34.079307116Z 64 PC: 13021 | Write file or device (See above)
2018-12-25T11:52:34.086051863Z 87 PC: 13021 | Get or set file date and time (See above)
2018-12-25T11:52:34.087457775Z 62 PC: 13021 | Close file (See above)
2018-12-25T11:52:34.095444859Z 67 PC: 13037 | Get or set file attributes (See above)
2018-12-25T11:52:34.105242382Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.108245702Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.111130556Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.113569663Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.116289225Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.118946433Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.121378239Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.124456317Z 79 PC: 1315b | Find next file (See above)
2018-12-25T11:52:34.126760799Z 78 PC: 13178 | Find first file (See above)
2018-12-25T11:52:34.132506593Z 26 PC: 12d71 | Set disk transfer address
2018-12-25T11:52:34.13415647Z 37 PC: 12d82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:34.135340405Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:52:34.141213581Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:52:34.142905639Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:52:34.14916972Z 93 PC: 12afe | File sharing functions
2018-12-25T11:52:34.151138614Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:52:34.155319105Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4624,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:31.914382024Z 42 PC: 131af | Get date 0x131af: cmp dx, 0xc01
0x131b3: je 0x131bb
0x131b5: nop
0x131b6: nop
0x131b7: nop
0x131b8: jmp 0x131c8
0x131ba: nop
0x131bb: mov ah, 9
0x131bd: lea dx, word ptr [bx + 0x5ae]
0x131c1: int 0x21
0x131c3: mov ax, 0x4c00
0x131c6: int 0x21
0x131c8: cmp dx, 0x901
0x131cc: jb 0x131e0
0x131ce: nop
0x131cf: nop
0x131d0: nop
0x131d1: cmp al, 1
0x131d3: jne 0x131e0
0x131d5: nop
2018-12-25T11:52:31.917218345Z 9 PC: 131c3 | Display string (String= '� �� ���� ! ����ࠢ��� �� � ���� ஦����� ! ')
2018-12-25T11:52:31.92352408Z 76 PC: 131c8 | Terminate with return code (Return code = '0')