Sample viewer

vx.netlux.org/Virus.DOS.GERD.798

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:04.676098001Z	98	PC: 12c43 \| Get current PSP
2018-12-17T22:30:04.677434011Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:04.684983011Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:04.702690731Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:30:04.711992487Z	87	PC: 12b31 \| Get or set file date and time
2018-12-17T22:30:04.714715023Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-17T22:30:04.723025665Z	87	PC: 12b4b \| Get or set file date and time
2018-12-17T22:30:04.724751095Z	62	PC: 12b99 \| Close file
2018-12-17T22:30:04.735230758Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:04.74661483Z	47	PC: 12d2f \| Get disk transfer address
2018-12-17T22:30:04.748274155Z	78	PC: 12d44 \| Find first file
2018-12-17T22:30:04.755086063Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:04.762749904Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:04.773613504Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:04.786277863Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:04.800626973Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:04.822427027Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:04.833873255Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:04.838402498Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:04.845035096Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:05.14170874Z	61	PC: 12cb9 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:30:05.149776335Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:05.49001908Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:05.515356815Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:05.526642335Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:05.530643799Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:05.538490216Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:05.555125838Z	61	PC: 12cb9 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:30:05.564751002Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:05.574170058Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:05.583411321Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:05.596522501Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:05.600034853Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:05.607556219Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:05.619691513Z	61	PC: 12cb9 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:30:05.628475657Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:05.637987271Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:05.647540111Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:05.662259749Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:05.671143368Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:05.684912304Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:05.698161622Z	61	PC: 12cb9 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:30:05.707119187Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:05.716773742Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:05.725689047Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:05.734021867Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:05.736636423Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:05.741863971Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:05.749131595Z	61	PC: 12cb9 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:30:05.753625921Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:05.760042211Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:05.766488122Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:05.774514948Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:05.776605737Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:05.784208621Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:05.793081885Z	61	PC: 12cb9 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:30:05.8001429Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:05.810061271Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:05.818262751Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:05.825280326Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:05.828380675Z	67	PC: 12b17 \| Get or set file attributes
2018-12-17T22:30:05.83361235Z	67	PC: 12b27 \| Get or set file attributes
2018-12-17T22:30:05.841078937Z	61	PC: 12cb9 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:30:05.849486283Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-17T22:30:05.855088112Z	62	PC: 12cd5 \| Close file
2018-12-17T22:30:05.861222168Z	67	PC: 12b59 \| Get or set file attributes
2018-12-17T22:30:05.869252555Z	79	PC: 12d5a \| Find next file
2018-12-17T22:30:05.871956058Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80
2018-12-17T22:30:05.873967331Z	44	PC: 12bad \| Get time 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80 0x12bcc: mov cx, 0x2d 0x12bcf: push cx 0x12bd0: mov ch, cl 0x12bd2: int 0x13 0x12bd4: pop cx 0x12bd5: loop 0x12bcf
2018-12-17T22:30:05.875876636Z	71	PC: 12c1b \| Get current directory
2018-12-17T22:30:05.878773112Z	25	PC: 12c1f \| Get default drive
2018-12-17T22:30:05.879857742Z	59	PC: 12c29 \| Change current directory
2018-12-17T22:30:05.883770763Z	47	PC: 12d2f \| Get disk transfer address
2018-12-17T22:30:05.885449604Z	78	PC: 12d44 \| Find first file
2018-12-17T22:30:05.888387213Z	14	PC: 12c34 \| Set default drive (Drive = 'A')
2018-12-17T22:30:05.889702071Z	59	PC: 12c3b \| Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:22.149180048Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:22.161190555Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:22.165511417Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:22.178050011Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:22.182896282Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:22.18449429Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:22.192511767Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:22.194576119Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:22.203343299Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:22.217843116Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:22.219163571Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:22.227452601Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.234168993Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.506566361Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:22.517636258Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:22.573861747Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:22.583265838Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.599066317Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:22.603292044Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.610281477Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.621644874Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.630788769Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.640257855Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.646729619Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.657234527Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.659221406Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.663096597Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.676337071Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.696778479Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.706167431Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.726868572Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.758472034Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.761714734Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.768620741Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.780837792Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.78871962Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.084037855Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.124154512Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.135281389Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.139036948Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.146675802Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.161153354Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.169489155Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.179928707Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.189211412Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.200466199Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.204781714Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.212000287Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.226543032Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.235184476Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.244875117Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.254127151Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.265369631Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.26998205Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.276702651Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.291152525Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.300215895Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.309630761Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.318913688Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.331037424Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.335371933Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.342153528Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.354622976Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.362866068Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.372314277Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.381259622Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.393675854Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.39673448Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:22.207667815Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:22.209080898Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:22.215136718Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:22.232734528Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:22.24068927Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:22.242206525Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:22.249368719Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:22.251723893Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:22.259006765Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:22.582363481Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:22.583456797Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:22.591889471Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.606184197Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.617062808Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:22.624962994Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:22.633209895Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:22.641676525Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.65270563Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:22.655314504Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.661386507Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.671802714Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.67835007Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.686192357Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.695218596Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.723695768Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.726333178Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.731821283Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.742327304Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.748855523Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.757172386Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.766327084Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.776506025Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.779244643Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.785518957Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.796139684Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.802543745Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.811304055Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.820328965Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.832941677Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.83654709Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.843201131Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.853272858Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.861228033Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.869570657Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.877889194Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.890159544Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.893320639Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.898902796Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.909175075Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.916278095Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.924190077Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.932538652Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.944719975Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.947279819Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.953189333Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.962587941Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.968946955Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.976761714Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.98539685Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.995089269Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.997657152Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.003703142Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.016212381Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.022811552Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.031718567Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.039517018Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.049355289Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.052321288Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:22.274519245Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:22.276493157Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:22.283494832Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:22.573673489Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:22.582029484Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:22.585397817Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:22.593918021Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:22.596127298Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:22.613214463Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:22.625768184Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:22.627381068Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:22.652291671Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.671214285Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.679766291Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:22.686639992Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:22.692322603Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:22.698839854Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.711265015Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:22.715118496Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.721288061Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.736668187Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.744702987Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.754357193Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.764233403Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.771981583Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.774124105Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.779144912Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.091813769Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.097950673Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.123429596Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.134052073Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.146034838Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.150937299Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.156796313Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.167759824Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.176565821Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.189186767Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.198338234Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.20971656Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.213458286Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.218768879Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.225246508Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.233014356Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.239177285Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.245230056Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.252503707Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.255866952Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.259642673Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.266228026Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.276306135Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.281918735Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.28809273Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.297218969Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.299949366Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.304008539Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.311148044Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.321157928Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.330971529Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.342239856Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.353283082Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.357998009Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.365696487Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.3782327Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.386087456Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.396323055Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.407059631Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.418276891Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.421168453Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":16,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:22.487929946Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:22.496063346Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:22.502754279Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:22.57590508Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:22.583969406Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:22.586385631Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:22.59706282Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:22.598809283Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:22.610251183Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:22.621924345Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:22.623562665Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:22.631468941Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.637820875Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.64444819Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:22.650213359Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:22.656628777Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:22.665079496Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.679416834Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:22.683592081Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.689726433Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.700641066Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.708291602Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.717164182Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.724817124Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.731958094Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.734072174Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.738484406Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.74768838Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.752388189Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.758685179Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.767005118Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.777271055Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.779632553Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.78666371Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.084476141Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.09782225Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.124205219Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.142004242Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.15486043Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.158295569Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.16661415Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.180818757Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.188816955Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.199023744Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.209051745Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.220688768Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.224968135Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.233249718Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.244819851Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.252572619Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.263056723Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.272333964Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.284524095Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.289078807Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.296590153Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.307872034Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.316337537Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.325649412Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.334906762Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.347059783Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.350928164Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.358413917Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.369798172Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.378554513Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.384659255Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.390608886Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.398327432Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.400236573Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":16,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:22.487293765Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:22.488798695Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:22.495365207Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:22.601315667Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:22.60902629Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:22.610801892Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:22.618263618Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:22.621130215Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:22.629694227Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:22.639792894Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:22.642370948Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:22.64854638Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.659720385Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.671232175Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:22.678791811Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:22.687385677Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:22.696692593Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.706850746Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:22.710338645Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.716209355Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.729404245Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.736075186Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.749013981Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.758070226Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.768121939Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.771073069Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.778131769Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.791456977Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.798400356Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.809834075Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.817988868Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.828019175Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.831867117Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.840076359Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.854296277Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.861747938Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.870151102Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.878303866Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.887112042Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.890162713Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.896171993Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.908153306Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.915315335Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.923044214Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.930678382Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.940510917Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.943043626Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.948486446Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.958033381Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:22.968979383Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:22.977074244Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:22.985707605Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:22.992197581Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:22.994063621Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.998171583Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.007077903Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.018635229Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.027961091Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.037325816Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.046911151Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.050202029Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.056715318Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.066455952Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.074048419Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.082582156Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.090848139Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.103674471Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.106000423Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":16,"Min":0,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:22.672570199Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:22.674501189Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:22.681316639Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:22.699109235Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:22.708519792Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:22.712324452Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:22.720491561Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:22.722210181Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:22.730962368Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:22.743448724Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:22.745228608Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:22.752665095Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:22.759273611Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:22.770341982Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:22.778932767Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:23.083865566Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:23.123848192Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.13864551Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:23.141423514Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.146095156Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.157387547Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.165833947Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.175347323Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.184955634Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.19503005Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.198196544Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.205016109Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.217749796Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.228798719Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.238140106Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.250020487Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.261364661Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.264874806Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.273412533Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.29766083Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.305261884Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.315843546Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.325628288Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.337237766Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.340911046Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.348354013Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.359493777Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.372629683Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.386393224Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.395524807Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.406474673Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.410154954Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.416812261Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.427908647Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.442438055Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.451813802Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.460957887Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.472902268Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.476095883Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.482552097Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.493520319Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.50749791Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.51651685Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.525814247Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.537926251Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.541058485Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.547811174Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.560275067Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.568148238Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.577464649Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.588258995Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.599457545Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.602384105Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":16,"Min":51,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:23.221894432Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:23.22314745Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:23.228731019Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:23.245436233Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:23.257497747Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:23.258800684Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:23.265665895Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:23.267009674Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:23.276336116Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:23.285744575Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:23.286706983Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:23.292986873Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.298400647Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.307946885Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:23.319244282Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:23.326963644Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:23.335102804Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.345515202Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:23.348228895Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.35376179Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.363624359Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.369999665Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.377803213Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.386480055Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.399182732Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.402181789Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.409026327Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.418614975Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.42554167Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.435030069Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.443302339Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.455372579Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.458296242Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.465919619Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.47541414Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.481909493Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.490452604Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.498550453Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.508452933Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:23.512453443Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.518294721Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.667222583Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.67561524Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:23.771746053Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:23.972000845Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.205973736Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.210927974Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.217096699Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.230717418Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.237509543Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.245913096Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.254182195Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.264690035Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.2676825Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.274346075Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.287132399Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.301023972Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.309952308Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.318027309Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.328295737Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.332204343Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.338576792Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.348636636Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.356416078Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.366219559Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.374203332Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.38467971Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.388065745Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":16,"Min":51,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:23.572328905Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:23.573590972Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:23.579629957Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:24.209982673Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:24.222086382Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:24.2263715Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:24.239964352Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:24.241993513Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:24.248830111Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:24.258469037Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:24.259796602Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:24.265965291Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.271506021Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.283997777Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:24.297087245Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:24.305387133Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:24.31359644Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.324719956Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:24.327723329Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.333575958Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.34447003Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.356450404Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.364640143Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.374495741Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.397116395Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.400017052Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.406026838Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.418360887Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.4247711Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.43673288Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.44796012Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.457774154Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.461213938Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.467483011Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.48077103Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.487575936Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.496787348Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.504517207Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.514123841Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.517101236Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.522555495Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.534347945Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.54663999Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.554559935Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.562478949Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.574165867Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.57676655Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.582290389Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.592351376Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.604571678Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.612746712Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.621128478Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.631298397Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.634318934Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.65437863Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.664057832Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.672341437Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.678134332Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.686654271Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.697169002Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.699948768Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.705356683Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.716006296Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.72301614Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.731391836Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.737780034Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.748726881Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.751204103Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":16,"Min":51,"Second":0,"TimeBased":true,"OriginalID":5379,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:23.83542888Z	98	PC: 12c43 \| Get current PSP
2018-12-25T11:54:23.836871251Z	67	PC: 12b17 \| Get or set file attributes
2018-12-25T11:54:23.843667547Z	67	PC: 12b27 \| Get or set file attributes
2018-12-25T11:54:23.860727888Z	61	PC: 12b79 \| Open file (Filename = 'A:\TEST.COM')
2018-12-25T11:54:23.868650201Z	87	PC: 12b31 \| Get or set file date and time
2018-12-25T11:54:23.871654175Z	63	PC: 12b8e \| Read file or device (Read 798 bytes on handle 5)
2018-12-25T11:54:23.880651112Z	87	PC: 12b4b \| Get or set file date and time
2018-12-25T11:54:23.882750922Z	62	PC: 12b99 \| Close file
2018-12-25T11:54:23.89250091Z	67	PC: 12b59 \| Get or set file attributes
2018-12-25T11:54:23.904249675Z	47	PC: 12d2f \| Get disk transfer address
2018-12-25T11:54:23.905605012Z	78	PC: 12d44 \| Find first file
2018-12-25T11:54:23.913568166Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.919984215Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.930815607Z	61	PC: 12cb9 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:54:23.938476746Z	64	PC: 12ccd \| Write file or device (Write 798 bytes on handle 5)
2018-12-25T11:54:23.947660758Z	62	PC: 12cd5 \| Close file
2018-12-25T11:54:23.958268229Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:23.971201005Z	79	PC: 12d5a \| Find next file
2018-12-25T11:54:23.974303764Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:23.980355594Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:23.990956943Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:23.998697977Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.007300804Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.016503493Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.02790404Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.030422596Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.03735019Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.048139844Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.055234525Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.064721114Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.075193655Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.087701046Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.091309981Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.099460141Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.112231847Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.120228438Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.130071126Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.141804634Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.153741494Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.157294494Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.163819828Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.17486124Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.182441743Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.192119865Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.201433708Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.213279825Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.218428592Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.225171688Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.236381341Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.24502083Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.254322493Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.26359694Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.278437005Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.281387211Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.287600026Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.298455048Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.306894321Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.316434718Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.325398247Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.340091109Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.34299179Z	67	PC: 12b17 \| Get or set file attributes (See above)
2018-12-25T11:54:24.349204838Z	67	PC: 12b27 \| Get or set file attributes (See above)
2018-12-25T11:54:24.360391541Z	61	PC: 12cb9 \| Open file (See above)
2018-12-25T11:54:24.367615399Z	64	PC: 12ccd \| Write file or device (See above)
2018-12-25T11:54:24.376729053Z	62	PC: 12cd5 \| Close file (See above)
2018-12-25T11:54:24.38619251Z	67	PC: 12b59 \| Get or set file attributes (See above)
2018-12-25T11:54:24.400527685Z	79	PC: 12d5a \| Find next file (See above)
2018-12-25T11:54:24.403185809Z	42	PC: 12ba1 \| Get date 0x12ba1: cmp al, 6 0x12ba3: je 0x12bb8 0x12ba5: cmp dh, dl 0x12ba7: je 0x12bbc 0x12ba9: mov ah, 0x2c 0x12bab: int 0x21 0x12bad: cmp ch, 0x10 0x12bb0: jb 0x12bc0 0x12bb2: cmp cl, 0x32 0x12bb5: ja 0x12bc4 0x12bb7: ret 0x12bb8: call 0x12bc7 0x12bbb: ret 0x12bbc: call 0x12bd8 0x12bbf: ret 0x12bc0: call 0x12c07 0x12bc3: ret 0x12bc4: call 0x12bec 0x12bc7: mov ah, 5 0x12bc9: mov dx, 0x80