Sample viewer

vx.netlux.org/Virus.DOS.Sisoruen.465

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:33:45.210556463Z 26 PC: 12a9c | Set disk transfer address
2018-12-17T22:33:45.211966262Z 78 PC: 12aa7 | Find first file
2018-12-17T22:33:45.216869646Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.233748433Z 61 PC: 12b23 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:33:45.241943997Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.243610372Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.249327596Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.251185439Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.276579286Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.280326987Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.294531838Z 61 PC: 12b23 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:33:45.302331011Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.30369741Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.310621007Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.31351963Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.320589748Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.323454983Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.333993995Z 61 PC: 12b23 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:33:45.341561949Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.343368051Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.352769553Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.354714525Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.362035432Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.365648158Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.377011142Z 61 PC: 12b23 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:33:45.38387855Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.386866121Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.393659285Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.395154791Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.402472715Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.405524351Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.418132651Z 61 PC: 12b23 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:33:45.425005987Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.42714453Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.434063487Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.435871675Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.444870388Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.447763368Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.459323862Z 61 PC: 12b23 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:33:45.479290058Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.480822653Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.487231612Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.490071078Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.497562479Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.500464016Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.51101477Z 61 PC: 12b23 | Open file (Filename = 'PAH.COM')
2018-12-17T22:33:45.518166836Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.519901751Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.526524959Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.529368189Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.53671314Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.540369559Z 67 PC: 12b1d | Get or set file attributes
2018-12-17T22:33:45.551173725Z 61 PC: 12b23 | Open file (Filename = 'TEST.COM')
2018-12-17T22:33:45.558070505Z 87 PC: 12b29 | Get or set file date and time
2018-12-17T22:33:45.559718319Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:45.56755563Z 87 PC: 12b9f | Get or set file date and time
2018-12-17T22:33:45.569195807Z 62 PC: 12ba3 | Close file
2018-12-17T22:33:45.590472567Z 79 PC: 12aa7 | Find next file
2018-12-17T22:33:45.593641633Z 59 PC: 12ab1 | Change current directory
2018-12-17T22:33:45.598046347Z 42 PC: 12ab7 | Get date 0x12ab7: cmp al, 6
0x12ab9: je 0x12ac7
0x12abb: cmp al, 0
0x12abd: je 0x12ac7
0x12abf: mov dx, 0x80
0x12ac2: mov ah, 0x1a
0x12ac4: int 0x21
0x12ac6: ret
0x12ac7: mov ah, 0xe
0x12ac9: mov dl, 2
0x12acb: int 0x21
0x12acd: mov ah, 0x3b
0x12acf: lea dx, word ptr [bp + 0x291]
0x12ad3: int 0x21
0x12ad5: mov ah, 0x4e
0x12ad7: lea dx, word ptr [bp + 0x293]
0x12adb: mov cx, 3
0x12ade: int 0x21
0x12ae0: jb 0x12abf
0x12ae2: lea dx, word ptr [bp + 0x2c8]
2018-12-17T22:33:45.600435487Z 26 PC: 12ac6 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6043,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:58:17.409067716Z 26 PC: 12a9c | Set disk transfer address
2018-12-25T11:58:17.410562308Z 78 PC: 12aa7 | Find first file
2018-12-25T11:58:17.417115854Z 67 PC: 12b1d | Get or set file attributes
2018-12-25T11:58:17.434421474Z 61 PC: 12b23 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:17.442007882Z 87 PC: 12b29 | Get or set file date and time
2018-12-25T11:58:17.44359285Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:58:17.451687115Z 87 PC: 12b9f | Get or set file date and time
2018-12-25T11:58:17.453309975Z 62 PC: 12ba3 | Close file
2018-12-25T11:58:17.462517871Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.465320695Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.476205406Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.486478023Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.488438061Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.495820879Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.498169089Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.506500446Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.509457256Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.52259768Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.530031295Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.536734652Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.544173743Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.546257432Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.55416048Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.55707294Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.569228644Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.577044334Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.578993952Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.58680751Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.589532324Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.597837559Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.602061761Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.612929425Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.62020148Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.622075095Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.629074639Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.630597739Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.638808197Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.64161965Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.653714477Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.661497759Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.66322917Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.670477284Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.672845426Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.681241034Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.684270509Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.695490435Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.703543353Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.705058147Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.712216926Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.714323901Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.725530227Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.728973288Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.740775645Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.748139002Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.749633328Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.760304521Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.762135983Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.770120877Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.773569035Z 59 PC: 12ab1 | Change current directory
2018-12-25T11:58:17.778268161Z 42 PC: 12ab7 | Get date 0x12ab7: cmp al, 6
0x12ab9: je 0x12ac7
0x12abb: cmp al, 0
0x12abd: je 0x12ac7
0x12abf: mov dx, 0x80
0x12ac2: mov ah, 0x1a
0x12ac4: int 0x21
0x12ac6: ret
0x12ac7: mov ah, 0xe
0x12ac9: mov dl, 2
0x12acb: int 0x21
0x12acd: mov ah, 0x3b
0x12acf: lea dx, word ptr [bp + 0x291]
0x12ad3: int 0x21
0x12ad5: mov ah, 0x4e
0x12ad7: lea dx, word ptr [bp + 0x293]
0x12adb: mov cx, 3
0x12ade: int 0x21
0x12ae0: jb 0x12abf
0x12ae2: lea dx, word ptr [bp + 0x2c8]
2018-12-25T11:58:17.781180315Z 26 PC: 12ac6 | Set disk transfer address

{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6043,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T13:06:58.518997533Z 26 PC: 12a9c | Set disk transfer address
2018-12-25T13:06:58.521410327Z 78 PC: 12aa7 | Find first file
2018-12-25T13:06:58.532454354Z 67 PC: 12b1d | Get or set file attributes
2018-12-25T13:06:58.556873108Z 61 PC: 12b23 | Open file (Filename = 'SLEEP.COM')
2018-12-25T13:06:58.564480558Z 87 PC: 12b29 | Get or set file date and time
2018-12-25T13:06:58.566488909Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T13:06:58.574952394Z 87 PC: 12b9f | Get or set file date and time
2018-12-25T13:06:58.577134706Z 62 PC: 12ba3 | Close file
2018-12-25T13:06:58.586630746Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:58.590010106Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T13:06:58.602170433Z 61 PC: 12b23 | Open file (See above)
2018-12-25T13:06:58.611454531Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T13:06:58.613947156Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T13:06:58.621715813Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T13:06:58.624818461Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T13:06:58.633579413Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:58.636926035Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T13:06:58.648333217Z 61 PC: 12b23 | Open file (See above)
2018-12-25T13:06:58.657476499Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T13:06:58.659639902Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T13:06:58.667793935Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T13:06:58.671369235Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T13:06:58.679630015Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:58.682751964Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T13:06:58.694472781Z 61 PC: 12b23 | Open file (See above)
2018-12-25T13:06:58.708527947Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T13:06:58.710603689Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T13:06:58.7192596Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T13:06:58.721373619Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T13:06:58.729505046Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:58.732828414Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T13:06:58.74520044Z 61 PC: 12b23 | Open file (See above)
2018-12-25T13:06:58.752876725Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T13:06:58.754773786Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T13:06:58.762741478Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T13:06:58.764822698Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T13:06:58.773076843Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:58.777071668Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T13:06:58.788447157Z 61 PC: 12b23 | Open file (See above)
2018-12-25T13:06:58.796337424Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T13:06:58.799196119Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T13:06:58.80690289Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T13:06:58.809857425Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T13:06:58.819028363Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:58.822874874Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T13:06:58.834201358Z 61 PC: 12b23 | Open file (See above)
2018-12-25T13:06:58.842887522Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T13:06:58.845311673Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T13:06:58.852993214Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T13:06:58.855189239Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T13:06:58.864701316Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:58.86813146Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T13:06:58.87997984Z 61 PC: 12b23 | Open file (See above)
2018-12-25T13:06:58.889055943Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T13:06:58.891174672Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T13:06:58.894644956Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T13:06:58.897657523Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T13:06:59.22232285Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T13:06:59.225243601Z 59 PC: 12ab1 | Change current directory
2018-12-25T13:06:59.230713068Z 42 PC: 12ab7 | Get date 0x12ab7: cmp al, 6
0x12ab9: je 0x12ac7
0x12abb: cmp al, 0
0x12abd: je 0x12ac7
0x12abf: mov dx, 0x80
0x12ac2: mov ah, 0x1a
0x12ac4: int 0x21
0x12ac6: ret
0x12ac7: mov ah, 0xe
0x12ac9: mov dl, 2
0x12acb: int 0x21
0x12acd: mov ah, 0x3b
0x12acf: lea dx, word ptr [bp + 0x291]
0x12ad3: int 0x21
0x12ad5: mov ah, 0x4e
0x12ad7: lea dx, word ptr [bp + 0x293]
0x12adb: mov cx, 3
0x12ade: int 0x21
0x12ae0: jb 0x12abf
0x12ae2: lea dx, word ptr [bp + 0x2c8]
2018-12-25T13:06:59.233247656Z 14 PC: 12acd | Set default drive (Drive = 'C')
2018-12-25T13:06:59.234675862Z 59 PC: 12ad5 | Change current directory
2018-12-25T13:06:59.239174657Z 78 PC: 12ae0 | Find first file
2018-12-25T13:06:59.246898884Z 67 PC: 12aee | Get or set file attributes
2018-12-25T13:06:59.613609047Z 61 PC: 12af3 | Open file (Filename = 'AUTOEXEC.BAT')
2018-12-25T13:06:59.621474033Z 66 PC: 12bb0 | Move file pointer
2018-12-25T13:06:59.624002104Z 64 PC: 12b02 | Write file or device (Write 29 bytes on handle 5)
2018-12-25T13:06:59.627261781Z 67 PC: 12b0b | Get or set file attributes
2018-12-25T13:06:59.637605763Z 62 PC: 12b0f | Close file
2018-12-25T13:06:59.646889126Z 26 PC: 12ac6 | Set disk transfer address

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6043,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:58:17.818683899Z 26 PC: 12a9c | Set disk transfer address
2018-12-25T11:58:17.820697703Z 78 PC: 12aa7 | Find first file
2018-12-25T11:58:17.826275878Z 67 PC: 12b1d | Get or set file attributes
2018-12-25T11:58:17.840206925Z 61 PC: 12b23 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:17.844836848Z 87 PC: 12b29 | Get or set file date and time
2018-12-25T11:58:17.846652937Z 63 PC: 12b36 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:58:17.854106287Z 87 PC: 12b9f | Get or set file date and time
2018-12-25T11:58:17.855808117Z 62 PC: 12ba3 | Close file
2018-12-25T11:58:17.864191363Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.867054644Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.8781887Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.885776233Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.888710491Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.908762197Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.911094688Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.919626883Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.92280657Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.934435406Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.94195499Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.943455007Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:17.951849028Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:17.954339941Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:17.96635121Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:17.969625913Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:17.982050993Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:17.989567051Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:17.991503267Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:18.00089463Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:18.003232013Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:18.012006436Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:18.018212583Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:18.030286601Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:18.038562698Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:18.041527602Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:18.04958213Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:18.051721683Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:18.060757384Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:18.068667394Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:18.080060926Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:18.089877812Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:18.092552193Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:18.100945179Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:18.102946191Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:18.112114266Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:18.115748526Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:18.127096621Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:18.135690208Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:18.138120863Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:18.145923406Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:18.148619577Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:18.158090135Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:18.161435452Z 67 PC: 12b1d | Get or set file attributes (See above)
2018-12-25T11:58:18.174431539Z 61 PC: 12b23 | Open file (See above)
2018-12-25T11:58:18.182351452Z 87 PC: 12b29 | Get or set file date and time (See above)
2018-12-25T11:58:18.184032355Z 63 PC: 12b36 | Read file or device (See above)
2018-12-25T11:58:18.188235898Z 87 PC: 12b9f | Get or set file date and time (See above)
2018-12-25T11:58:18.190624891Z 62 PC: 12ba3 | Close file (See above)
2018-12-25T11:58:18.198900765Z 79 PC: 12aa7 | Find next file (See above)
2018-12-25T11:58:18.202037947Z 59 PC: 12ab1 | Change current directory
2018-12-25T11:58:18.208331756Z 42 PC: 12ab7 | Get date 0x12ab7: cmp al, 6
0x12ab9: je 0x12ac7
0x12abb: cmp al, 0
0x12abd: je 0x12ac7
0x12abf: mov dx, 0x80
0x12ac2: mov ah, 0x1a
0x12ac4: int 0x21
0x12ac6: ret
0x12ac7: mov ah, 0xe
0x12ac9: mov dl, 2
0x12acb: int 0x21
0x12acd: mov ah, 0x3b
0x12acf: lea dx, word ptr [bp + 0x291]
0x12ad3: int 0x21
0x12ad5: mov ah, 0x4e
0x12ad7: lea dx, word ptr [bp + 0x293]
0x12adb: mov cx, 3
0x12ade: int 0x21
0x12ae0: jb 0x12abf
0x12ae2: lea dx, word ptr [bp + 0x2c8]
2018-12-25T11:58:18.211191406Z 14 PC: 12acd | Set default drive (Drive = 'C')
2018-12-25T11:58:18.213076018Z 59 PC: 12ad5 | Change current directory
2018-12-25T11:58:18.217625476Z 78 PC: 12ae0 | Find first file
2018-12-25T11:58:18.223923825Z 67 PC: 12aee | Get or set file attributes
2018-12-25T11:58:18.566657216Z 61 PC: 12af3 | Open file (Filename = 'AUTOEXEC.BAT')
2018-12-25T11:58:18.575312564Z 66 PC: 12bb0 | Move file pointer
2018-12-25T11:58:18.5774693Z 64 PC: 12b02 | Write file or device (Write 29 bytes on handle 5)
2018-12-25T11:58:18.584927776Z 67 PC: 12b0b | Get or set file attributes
2018-12-25T11:58:18.597943759Z 62 PC: 12b0f | Close file
2018-12-25T11:58:18.617732642Z 26 PC: 12ac6 | Set disk transfer address