Sample viewer

vx.netlux.org/Virus.DOS.Tanya.2000.d

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:51:00.797233406Z 42 PC: 1315d | Get date 0x1315d: cmp dh, 9
0x13160: je 0x13164
0x13162: jmp 0x13171
0x13164: mov ah, 9
0x13166: lea dx, word ptr [bx + 0x54b]
0x1316a: int 0x21
0x1316c: mov ax, 0x4c00
0x1316f: int 0x21
0x13171: cmp al, 1
0x13173: jne 0x1317d
0x13175: mov ah, 9
0x13177: lea dx, word ptr [bx + 0x583]
0x1317b: int 0x21
0x1317d: popaw
0x1317e: ret
0x1317f: xchg ax, cx
0x13180: test al, 0xef
0x13182: and byte ptr [bx - 0x5120], ch
0x13186: mov word ptr [0xa0e0], ax
0x13189: lodsb al, byte ptr [si]
2018-12-17T21:51:00.816302467Z 9 PC: 1317d | Display string (String= ' ��� ���� ����, ��⨩ ����, � �⢥�⮬� - �� ���� ! ')
2018-12-17T21:51:00.834913007Z 53 PC: 12cb6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:00.836344597Z 37 PC: 12ccc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:00.841767381Z 26 PC: 12cd6 | Set disk transfer address
2018-12-17T21:51:00.843035165Z 78 PC: 13106 | Find first file
2018-12-17T21:51:00.848635456Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:00.853769662Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.193975572Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T21:51:01.201307071Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.203292061Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.204665867Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.210025412Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.213545491Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.214920447Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.224421049Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.226132723Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:01.231794098Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.233098708Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.240345871Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.251602618Z 79 PC: 13115 | Find next file
2018-12-17T21:51:01.255399804Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.261379171Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.271672944Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T21:51:01.278941468Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.280265354Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.282019652Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.287506868Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.289776993Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.29177261Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.300339428Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.301698077Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:01.305417047Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.307040698Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.315271173Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.333925584Z 79 PC: 13115 | Find next file
2018-12-17T21:51:01.3360504Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.339909869Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.346796333Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T21:51:01.353506493Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.355132803Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.357101206Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.363019384Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.365652254Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.367367545Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.377169026Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.378761224Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:01.381876591Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.384231906Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.391742418Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.401288949Z 79 PC: 13115 | Find next file
2018-12-17T21:51:01.409714456Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.416495981Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.427000252Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T21:51:01.434764581Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.436249281Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.437520443Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.444134181Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.446142636Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.448037716Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.458842085Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.460145629Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:01.46238125Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.464005005Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.46973056Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.476768949Z 79 PC: 13115 | Find next file
2018-12-17T21:51:01.482161686Z 78 PC: 1312f | Find first file
2018-12-17T21:51:01.48874243Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.494709101Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.505017407Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T21:51:01.511748174Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.513569271Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.515551059Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.52200796Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.524226811Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.536308767Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.53774977Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:01.540496696Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.542721766Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.549863618Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.559447201Z 79 PC: 1313e | Find next file
2018-12-17T21:51:01.563512124Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.56959434Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.578881091Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T21:51:01.586283768Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.587837577Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.59015644Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.597831386Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.599342833Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.608341558Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.611052693Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:01.614078188Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.616016071Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.623766233Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.633872381Z 79 PC: 1313e | Find next file
2018-12-17T21:51:01.636914652Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.64415618Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.656701339Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T21:51:01.664070727Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.666562494Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.667904126Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.674418055Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.677124697Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.685907194Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.687245922Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:01.6902539Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.692414828Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.699333369Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.708990296Z 79 PC: 1313e | Find next file
2018-12-17T21:51:01.712770399Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.71864477Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.731146499Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T21:51:01.73809443Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.739688709Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.741575607Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.747929909Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.749194631Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.757521116Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.759272745Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:01.761835699Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.763853226Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.77073331Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.780505325Z 79 PC: 1313e | Find next file
2018-12-17T21:51:01.784406332Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.791045933Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.800626221Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\FDISK.EXE')
2018-12-17T21:51:01.807446429Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.808634882Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.809875584Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.816510852Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.818319475Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.825798486Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.827311531Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:01.829234531Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.830629252Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.837969516Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.847212152Z 79 PC: 1313e | Find next file
2018-12-17T21:51:01.850055883Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.862212685Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.871569123Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\MEM.EXE')
2018-12-17T21:51:01.878110181Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.880019452Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.881952711Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.888286681Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.890228286Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:01.898611297Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.900046751Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:01.90379193Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.905894969Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:01.913286465Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.923271109Z 79 PC: 1313e | Find next file
2018-12-17T21:51:01.930338815Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.946060509Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:01.96299884Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\NLSFUNC.EXE')
2018-12-17T21:51:01.978671467Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:01.980039646Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.981589135Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:01.98895925Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:01.990354641Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.320532235Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.323200478Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.326666916Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.330595205Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.337900564Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.348209578Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.352244219Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.360133878Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.374429987Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\QBASIC.EXE')
2018-12-17T21:51:02.381653918Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.384536348Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.386315977Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.393656306Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.396138781Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.404711763Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.406478059Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.41039636Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.4123789Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.419784931Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.433469519Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.436743988Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.443174725Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.453163631Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\REPLACE.EXE')
2018-12-17T21:51:02.460826966Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.462231094Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.465060488Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.471510363Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.472915493Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.48200826Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.483575917Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.486554578Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.488915475Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.496852327Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.507445387Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.510976848Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.516890619Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.532814995Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\RESTORE.EXE')
2018-12-17T21:51:02.540863291Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.542536797Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.544407088Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.55172887Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.553052657Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.561859649Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.564560466Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.567920967Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.569578555Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.577347693Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.587428871Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.592429683Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.599062576Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.608821496Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\SCANDISK.EXE')
2018-12-17T21:51:02.616431751Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.618179705Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.619639988Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.626735076Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.628302721Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.634526357Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.64513583Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.648086131Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.654031192Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.664914945Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\SETUP.EXE')
2018-12-17T21:51:02.671674907Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.672929776Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.67505472Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.681351958Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.682622432Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.691639535Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.692933968Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.69627424Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.698520732Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.707702684Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.71732509Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.720653926Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.727819113Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.737387692Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\XCOPY.EXE')
2018-12-17T21:51:02.74419166Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.74545739Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.746711505Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.753100011Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.75437162Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.770915181Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.772413193Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.77508921Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.776934785Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.784128158Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.794203022Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.797612691Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.803444605Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.812704854Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\DEFRAG.EXE')
2018-12-17T21:51:02.820012775Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.821400088Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.822691574Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.828609086Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.830095287Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.835844177Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.846170934Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.852766934Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.85860121Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.868482578Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\EMM386.EXE')
2018-12-17T21:51:02.875289051Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.876561955Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.87854388Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.884808154Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.886124237Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.89497601Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.896246798Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.898984344Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.901193248Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.908150317Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.918537331Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.921815982Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.927870256Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.938032448Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\MSCDEX.EXE')
2018-12-17T21:51:02.944853969Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.946229207Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.948232641Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:02.954911589Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.956185681Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:02.964910414Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:02.966443005Z 64 PC: 12ff0 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T21:51:02.969137853Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:02.970922686Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:02.978393612Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.987906943Z 79 PC: 1313e | Find next file
2018-12-17T21:51:02.991003307Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:02.996007576Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.004311104Z 61 PC: 12df4 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T21:51:03.010240627Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.011554337Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.013327403Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.018614069Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.02072673Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.022351677Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.03072052Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.03178029Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.033946506Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.035137942Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.042008927Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.051059313Z 78 PC: 13106 | Find first file
2018-12-17T21:51:03.06129802Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.077467194Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.094800495Z 61 PC: 12df4 | Open file (Filename = '.\SLEEP.COM')
2018-12-17T21:51:03.102263921Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.104609709Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.106322131Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.113733256Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.116142926Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.118805279Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.128541065Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.130256605Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.1373035Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.139033498Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.147668219Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.157563738Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.160107501Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.168499483Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.178696983Z 61 PC: 12df4 | Open file (Filename = '.\PRINT.COM')
2018-12-17T21:51:03.190361697Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.192345435Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.194007712Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.200196186Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.202936584Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.204339906Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.212627715Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.214508335Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.220798851Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.22233777Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.230881381Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.240998173Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.243980785Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.249639436Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.25976863Z 61 PC: 12df4 | Open file (Filename = '.\HELLO.COM')
2018-12-17T21:51:03.266981989Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.268279259Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.269731051Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.276520047Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.278841512Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.280181441Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.289072008Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.290329123Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.296999613Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.298579789Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.306227655Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.317220917Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.319830429Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.325303142Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.33641534Z 61 PC: 12df4 | Open file (Filename = '.\PHANG.COM')
2018-12-17T21:51:03.343656059Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.344883495Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.346808556Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.353024913Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.355556155Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.356986323Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.365540937Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.36704865Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.373774366Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.375136356Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.383495748Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.394401013Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.396164045Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.400115455Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.40610885Z 61 PC: 12df4 | Open file (Filename = '.\PRINTA~1.COM')
2018-12-17T21:51:03.410921598Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.412140898Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.413318761Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.42039521Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.422776193Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.424150369Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.432850771Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.434168463Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.440729983Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.442233738Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.450140792Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.460093532Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.462686051Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.468142338Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.477921052Z 61 PC: 12df4 | Open file (Filename = '.\MANDEL.COM')
2018-12-17T21:51:03.484310981Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.485569515Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.487251525Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.493258892Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.495369628Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.496785079Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.505042027Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.506647571Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.51342172Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.514794345Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.52272481Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.532206399Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.534797272Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.549606513Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.559357067Z 61 PC: 12df4 | Open file (Filename = '.\PAH.COM')
2018-12-17T21:51:03.570539092Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.572333173Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.573690156Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.58068136Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.587896074Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.589388275Z 64 PC: 12ff0 | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T21:51:03.598729879Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.600102848Z 64 PC: 12ff0 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T21:51:03.607182932Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.609938759Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.617783537Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.627380073Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.63064682Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.636111938Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.646175436Z 61 PC: 12df4 | Open file (Filename = '.\TEST.COM')
2018-12-17T21:51:03.652915081Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.653906226Z 66 PC: 12ff0 | Move file pointer
2018-12-17T21:51:03.65562298Z 63 PC: 12ff0 | Read file or device (Read 24 bytes on handle 5)
2018-12-17T21:51:03.659908819Z 87 PC: 12ff0 | Get or set file date and time
2018-12-17T21:51:03.660871747Z 62 PC: 12ff0 | Close file
2018-12-17T21:51:03.665712716Z 67 PC: 13006 | Get or set file attributes
2018-12-17T21:51:03.672003261Z 79 PC: 13115 | Find next file
2018-12-17T21:51:03.673532923Z 78 PC: 1312f | Find first file
2018-12-17T21:51:03.67743232Z 26 PC: 12d67 | Set disk transfer address
2018-12-17T21:51:03.678174077Z 37 PC: 12d78 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:03.679079895Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-17T21:51:03.681494233Z 48 PC: 12a8f | Get DOS version
2018-12-17T21:51:03.682267557Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-17T21:51:03.690158664Z 93 PC: 12afe | File sharing functions
2018-12-17T21:51:03.691651344Z 9 PC: 12a86 | Display string (String= 'Size change=07D0h/02000d. ')
2018-12-17T21:51:03.694768243Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":70,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:49.759188053Z 42 PC: 1315d | Get date 0x1315d: cmp dh, 9
0x13160: je 0x13164
0x13162: jmp 0x13171
0x13164: mov ah, 9
0x13166: lea dx, word ptr [bx + 0x54b]
0x1316a: int 0x21
0x1316c: mov ax, 0x4c00
0x1316f: int 0x21
0x13171: cmp al, 1
0x13173: jne 0x1317d
0x13175: mov ah, 9
0x13177: lea dx, word ptr [bx + 0x583]
0x1317b: int 0x21
0x1317d: popaw
0x1317e: ret
0x1317f: xchg ax, cx
0x13180: test al, 0xef
0x13182: and byte ptr [bx - 0x5120], ch
0x13186: mov word ptr [0xa0e0], ax
0x13189: lodsb al, byte ptr [si]
2018-12-25T11:39:49.7702961Z 53 PC: 12cb6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:49.771475798Z 37 PC: 12ccc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:49.77267412Z 26 PC: 12cd6 | Set disk transfer address
2018-12-25T11:39:49.77423543Z 78 PC: 13106 | Find first file
2018-12-25T11:39:49.784190918Z 67 PC: 13006 | Get or set file attributes
2018-12-25T11:39:49.790533999Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.68201908Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:39:53.696289784Z 87 PC: 12ff0 | Get or set file date and time
2018-12-25T11:39:53.703305931Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.705133713Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.713950944Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.718479903Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.720437555Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.732952231Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.735123515Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.74228802Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.747376456Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.756964972Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.768333054Z 79 PC: 13115 | Find next file
2018-12-25T11:39:53.772665714Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.787296748Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.801830176Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.810664103Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.816910301Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.818668928Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.825196892Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.828947091Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.831038954Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.846513705Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.854050948Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.856804251Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.859104727Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.876125648Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.887808557Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.892165905Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.899695573Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.913081285Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.921760313Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.925536354Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.931072847Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.93793498Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.940757711Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.943648198Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.954000997Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.956090286Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.961234768Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.963773223Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.971694442Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.983725615Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.99137459Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.998182228Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.0093301Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.019233325Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.020997629Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.022953966Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.030639929Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.033793464Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.035471453Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.047202612Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.049028946Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.052521257Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.054403344Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.062502114Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.073459302Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:54.080695047Z 78 PC: 1312f | Find first file
2018-12-25T11:39:54.088265398Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.09493492Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.105601798Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.114146613Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.115586065Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.117131259Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.12560169Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.127442608Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.140953647Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.143952411Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.147399865Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.149454501Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.158679537Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.169772926Z 79 PC: 1313e | Find next file
2018-12-25T11:39:54.174445453Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.182584256Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.193882817Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.201768567Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.203665788Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.206391566Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.214211205Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.216056046Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.226593022Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.23240657Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.236307185Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.239136873Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.247822999Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.258664605Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.262966512Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.269842896Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.281147418Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.29119376Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.293448385Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.295010471Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.302989072Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.304856916Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.315182079Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.317343334Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.32070748Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.322566068Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.331194601Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.342009341Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.345562813Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.352849517Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.363866269Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.372602723Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.374391351Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.376361648Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.384683975Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.386588989Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.396626042Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.398148743Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.401415949Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.403203312Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.413449017Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.424446952Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.429261422Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.437907258Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.448863358Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.458134272Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.460202765Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.462218764Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.470774988Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.473183485Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.482703542Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.485520315Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.489426151Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.49150282Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.500892737Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.513162455Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.517189123Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.527898544Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.539484746Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.547782389Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.550106617Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.563158094Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.571968252Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.57409658Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.606162984Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.608036675Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.611808921Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.615042054Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.622988738Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.635270972Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.655288035Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.662693904Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.674097787Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.6834111Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.686126401Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.688195335Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.697829234Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.700207025Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.709859007Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.71268359Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.716630368Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.718723322Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.727789037Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.739555042Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.743526177Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.751108386Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.788708484Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.796852487Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.79888461Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.802207767Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.809990939Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.811988262Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.823819594Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.825790382Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.829355141Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.832554061Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.840935301Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.852405715Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.857275843Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.8648865Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.876090381Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.88484662Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.8878337Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.891231247Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.899705429Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.901641111Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.911034813Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.913903428Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.917842178Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.919933048Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.929375592Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.940852971Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.944928537Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.953666774Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.966705326Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.976107332Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.978488047Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.9816144Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.989561237Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.99169605Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.002832709Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.004928882Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.008683623Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.012210696Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.020180092Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.032907822Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.038197235Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.04530467Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.063266393Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.072654666Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.074654586Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.07662891Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.091721279Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.094215689Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.101303815Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.113990825Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.118244341Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.125453335Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.137587374Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.146166505Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.148234371Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.151246131Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.160328501Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.162379754Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.172388216Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.175440488Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.179043612Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.181179589Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.190830146Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.202121498Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.205938464Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.214434398Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.226489415Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.234728407Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.238083135Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.240136419Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.247982714Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.250957576Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.260836609Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.262872472Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.275114105Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.277321074Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.285316797Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.298417586Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.302130856Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.309407413Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.321666382Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.329336879Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.331104106Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.333492075Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.340220689Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.342319183Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.350356948Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.362670731Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.370046761Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.378396242Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.392679321Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.403330818Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.407717741Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.409797258Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.419515751Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.421796239Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.433325471Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.435303905Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.438856347Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.442052629Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.449989253Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.461135516Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.465788901Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.472952298Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.484474656Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.492687127Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.494966367Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.496574467Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.504274068Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.506281492Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.515811422Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.518845702Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.5224129Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.524635472Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.533718363Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.545063526Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.548951046Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.557305969Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.567450248Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.574507297Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.578277095Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.580190715Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.586720612Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.590643801Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.592573341Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.602608018Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.605032637Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.608511104Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.611341424Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.619900606Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.631864636Z 78 PC: 13106 | Find first file (See above)
2018-12-25T11:39:55.643326119Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.650514543Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.669256316Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.678444873Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.680824036Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.682746974Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.693322796Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.696785911Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.698901237Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.712204341Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.714064924Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.723392308Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.726538165Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.735838605Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.748045204Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.752565399Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.75674047Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.765356149Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.770690052Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.772553113Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.773940028Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.780075637Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.78189942Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.783172184Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.789602645Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.791028655Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.797720071Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.799895866Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.805648077Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.812783676Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.817031129Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.821336523Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.834400594Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.844096045Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.846321763Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.849000721Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.858512727Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.861818261Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.864148031Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.875903461Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.878150669Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.886253469Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.889372971Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.89840477Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.91090826Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.915802412Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.922794373Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.935159412Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.944579546Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.946664379Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.948733918Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.957744638Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.960885373Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.962934418Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.975535479Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.977620872Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.985525103Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.988884681Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.998060347Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.009137619Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.013184698Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.020261232Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.036086063Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.044783047Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.046429038Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.048015051Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.064457496Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.068843423Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.072997483Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.085295188Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.08751843Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.095928187Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.100106086Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.109227729Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.121401319Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.125814329Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.132731876Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.144296532Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.173339338Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.175362916Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.177729128Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.1874266Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.1899866Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.19170941Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.20322365Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.20591935Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.214472827Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.217241514Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.226170055Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.239137644Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.242821873Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.249713184Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.261815539Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.269794184Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.271835937Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.274723215Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.282437526Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.285528494Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.288826288Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.298941203Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.30096775Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.310046371Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.312172518Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.321125774Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.333760069Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.337287141Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.344258169Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.356750478Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.365288636Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.367284395Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.370531491Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.377807304Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.379771507Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.395042876Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.406486561Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.409435733Z 78 PC: 1312f | Find first file (See above)
2018-12-25T11:39:56.417005992Z 26 PC: 12d67 | Set disk transfer address
2018-12-25T11:39:56.424464202Z 37 PC: 12d78 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:56.426401759Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:39:56.434222664Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:39:56.435927942Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:39:56.444125915Z 93 PC: 12afe | File sharing functions
2018-12-25T11:39:56.446396336Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:39:56.457790979Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":70,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:49.982406014Z 42 PC: 1315d | Get date 0x1315d: cmp dh, 9
0x13160: je 0x13164
0x13162: jmp 0x13171
0x13164: mov ah, 9
0x13166: lea dx, word ptr [bx + 0x54b]
0x1316a: int 0x21
0x1316c: mov ax, 0x4c00
0x1316f: int 0x21
0x13171: cmp al, 1
0x13173: jne 0x1317d
0x13175: mov ah, 9
0x13177: lea dx, word ptr [bx + 0x583]
0x1317b: int 0x21
0x1317d: popaw
0x1317e: ret
0x1317f: xchg ax, cx
0x13180: test al, 0xef
0x13182: and byte ptr [bx - 0x5120], ch
0x13186: mov word ptr [0xa0e0], ax
0x13189: lodsb al, byte ptr [si]
2018-12-25T11:39:49.985510221Z 9 PC: 1317d | Display string (String= ' ��� ���� ����, ��⨩ ����, � �⢥�⮬� - �� ���� ! ')
2018-12-25T11:39:49.993164567Z 53 PC: 12cb6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:49.99512195Z 37 PC: 12ccc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:49.9964204Z 26 PC: 12cd6 | Set disk transfer address
2018-12-25T11:39:49.998690809Z 78 PC: 13106 | Find first file
2018-12-25T11:39:50.008491886Z 67 PC: 13006 | Get or set file attributes
2018-12-25T11:39:50.015068007Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.686759975Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:39:53.695500928Z 87 PC: 12ff0 | Get or set file date and time
2018-12-25T11:39:53.697022049Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.707640828Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.714362943Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.717330444Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.721644463Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.733764034Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.735950843Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.744315878Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.746601441Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.75763335Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.769290246Z 79 PC: 13115 | Find next file
2018-12-25T11:39:53.774846383Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.780715059Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.79189304Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.802545609Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.80447999Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.806247357Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.816659143Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.81946364Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.821177541Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.834223354Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.836279619Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.839483899Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.849277631Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.859848845Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.874999693Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.88301593Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.890452219Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.901200965Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.908479486Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.913104983Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.914384666Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.919578814Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.925223791Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.926962576Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.938054467Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.940683507Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.944957805Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.946823737Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.955817134Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.967343818Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.974467141Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.981648035Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.993836813Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.00229841Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.004333767Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.007087215Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.011916661Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.01362853Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.015634713Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.022697385Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.024039951Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.027144252Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.028716878Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.034363078Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.042659165Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:54.048042477Z 78 PC: 1312f | Find first file
2018-12-25T11:39:54.053049921Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.057928844Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.065311067Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.07006548Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.071328931Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.072934082Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.078093611Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.090592485Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.119449469Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.121678918Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.125142075Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.127891349Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.135792377Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.147260098Z 79 PC: 1313e | Find next file
2018-12-25T11:39:54.151620743Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.158960599Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.17050989Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.180633055Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.186738566Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.189120881Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.197204437Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.199340725Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.209394021Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.211487226Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.215142523Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.217153013Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.225236106Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.237664087Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.242363316Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.249570663Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.262590698Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.271251541Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.273378326Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.276447457Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.284898995Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.287024019Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.297646273Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.300141124Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.303770613Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.305969485Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.315573992Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.32815689Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.332137469Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.340612593Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.351998374Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.360085665Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.362994705Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.365503932Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.373297342Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.376126921Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.386888737Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.38891179Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.392499343Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.395734418Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.403775479Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.415293531Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.42040234Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.427555886Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.438583263Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.447461076Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.449918512Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.452721841Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.461258683Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.463694789Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.473290156Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.475434535Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.479811769Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.481841277Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.4898288Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.501841083Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.505454796Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.512440125Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.525016207Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.53340403Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.534898526Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.537488698Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.545171295Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.547152099Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.558174749Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.560190107Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.563844055Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.566656094Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.574940629Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.58745042Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.595335944Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.602614247Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.613802776Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.62310224Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.625541897Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.627271132Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.636412975Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.638385304Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.648114323Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.651762073Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.65519455Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.657056087Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.666213754Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.677918481Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.681832101Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.689561975Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.703322072Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.711490648Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.713617047Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.715981204Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.72465318Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.726673664Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.736857726Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.738840198Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.74237885Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.745835576Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.754017772Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.767270108Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.771745056Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.779325263Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.791464597Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.800455319Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.802525772Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.804578543Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.813548705Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.815629518Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.825497031Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.828086628Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.831820056Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.834125823Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.843378157Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.855767223Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.859734207Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.867979857Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.879281486Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.88760682Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.89068453Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.892933179Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.900892084Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.903301029Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.912970356Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.914907944Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.92007629Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.921837864Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.92991544Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.941801917Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.946095226Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.953497Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.969466611Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.977431953Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.979542372Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.982458859Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.990428145Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.992525396Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.999887855Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.012323566Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.01630789Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.023681615Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.036174657Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.044478997Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.046572267Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.050775983Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.058832865Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.060911061Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.072068674Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.074129837Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.077805301Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.080883126Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.089402622Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.100783191Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.105731122Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.113491442Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.125719241Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.134937286Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.137376825Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.139059171Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.147790654Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.150485651Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.160112872Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.16237891Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.167009373Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.169131943Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.177341685Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.190766782Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.194701136Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.201746413Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.213445626Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.222207344Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.224303219Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.22730833Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.233818508Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.236194979Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.244181712Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.255150341Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.260174149Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.266442044Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.273526344Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.279445395Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.281196057Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.282400648Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.28740028Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.289373007Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.296377618Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.297683893Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.300836982Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.302321455Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.308098041Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.315980706Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.31913656Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.324538917Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.341238514Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.34925339Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.3509945Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.354260699Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.362156969Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.363999354Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.374595876Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.376230244Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.380971031Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.384088213Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.393626011Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.405391063Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.412463002Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.418548549Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.428628579Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.437012798Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.438863098Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.440651744Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.449229049Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.452178758Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.453877376Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.465201413Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.467215043Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.470880834Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.473943271Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.482116251Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.4928681Z 78 PC: 13106 | Find first file (See above)
2018-12-25T11:39:55.504805662Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.511894592Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.532347783Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.541836568Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.544366794Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.547503013Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.555705928Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.558680548Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.561502902Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.576843265Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.578965374Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.589218159Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.59144192Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.601175487Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.616734254Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.621812606Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.628712011Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.641424092Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.65612453Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.658166417Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.661562441Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.670272061Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.673396237Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.675987725Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.685449182Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.687124729Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.695091229Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.697070152Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.705790417Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.716281651Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.720517734Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.726282844Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.737811857Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.746445569Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.748821883Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.751495978Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.760117017Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.763313543Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.766552877Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.777166864Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.778805355Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.788691834Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.791841523Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.801232851Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.814226136Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.817976998Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.824847674Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.83711078Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.85088187Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.852907874Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.856139494Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.864139332Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.867243091Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.870327114Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.880616618Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.88264764Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.89145405Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.893560819Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.902142242Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.909714028Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.912701339Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.920260132Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.935048681Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.943306908Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.945461122Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.94871463Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.955990333Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.958960236Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.966030509Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.976345212Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.978592526Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.986612597Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.988854552Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.998394032Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.010837714Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.013912096Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.020495642Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.03236446Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.059207052Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.061399768Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.063752752Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.071445639Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.075251766Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.077349893Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.087546621Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.090551316Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.098686796Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.100899659Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.111260876Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.123207557Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.12673635Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.134273416Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.145446005Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.153390893Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.156429581Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.158625144Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.166280785Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.170266438Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.172631571Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.182713965Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.185742911Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.202930044Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.204916047Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.216238169Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.227930502Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.231326953Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.239073652Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.250821128Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.257457923Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.259479247Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.26127125Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.266079112Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.267960619Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.2736055Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.281113513Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.283070266Z 78 PC: 1312f | Find first file (See above)
2018-12-25T11:39:56.287042235Z 26 PC: 12d67 | Set disk transfer address
2018-12-25T11:39:56.288558782Z 37 PC: 12d78 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:56.289973463Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:39:56.293440008Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:39:56.310719043Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:39:56.323623063Z 93 PC: 12afe | File sharing functions
2018-12-25T11:39:56.327066878Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:39:56.332383278Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":70,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:50.190663318Z 42 PC: 1315d | Get date 0x1315d: cmp dh, 9
0x13160: je 0x13164
0x13162: jmp 0x13171
0x13164: mov ah, 9
0x13166: lea dx, word ptr [bx + 0x54b]
0x1316a: int 0x21
0x1316c: mov ax, 0x4c00
0x1316f: int 0x21
0x13171: cmp al, 1
0x13173: jne 0x1317d
0x13175: mov ah, 9
0x13177: lea dx, word ptr [bx + 0x583]
0x1317b: int 0x21
0x1317d: popaw
0x1317e: ret
0x1317f: xchg ax, cx
0x13180: test al, 0xef
0x13182: and byte ptr [bx - 0x5120], ch
0x13186: mov word ptr [0xa0e0], ax
0x13189: lodsb al, byte ptr [si]
2018-12-25T11:39:50.193413614Z 9 PC: 1316c | Display string (String= '��� �ணࠬ�� ��ࠦ��� ����ᮬ. ���㯠�� AIDSTEST ! ')
2018-12-25T11:39:50.201273185Z 76 PC: 13171 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":70,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:50.38692037Z 42 PC: 1315d | Get date 0x1315d: cmp dh, 9
0x13160: je 0x13164
0x13162: jmp 0x13171
0x13164: mov ah, 9
0x13166: lea dx, word ptr [bx + 0x54b]
0x1316a: int 0x21
0x1316c: mov ax, 0x4c00
0x1316f: int 0x21
0x13171: cmp al, 1
0x13173: jne 0x1317d
0x13175: mov ah, 9
0x13177: lea dx, word ptr [bx + 0x583]
0x1317b: int 0x21
0x1317d: popaw
0x1317e: ret
0x1317f: xchg ax, cx
0x13180: test al, 0xef
0x13182: and byte ptr [bx - 0x5120], ch
0x13186: mov word ptr [0xa0e0], ax
0x13189: lodsb al, byte ptr [si]
2018-12-25T11:39:50.389889304Z 53 PC: 12cb6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:50.391288469Z 37 PC: 12ccc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:50.392630695Z 26 PC: 12cd6 | Set disk transfer address
2018-12-25T11:39:50.396595043Z 78 PC: 13106 | Find first file
2018-12-25T11:39:50.406680246Z 67 PC: 13006 | Get or set file attributes
2018-12-25T11:39:50.413885703Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.682246035Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:39:53.702787339Z 87 PC: 12ff0 | Get or set file date and time
2018-12-25T11:39:53.704362076Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.70624862Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.714808993Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.719354854Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.721335954Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.748463447Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.750205009Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.757527179Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.771192465Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.779581094Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.79185328Z 79 PC: 13115 | Find next file
2018-12-25T11:39:53.79715045Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.804507422Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.815935796Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.82461317Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.827655149Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.829593145Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.836406344Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.840773845Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.842850213Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.854105963Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.857299906Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.861284873Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.863501586Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.876026666Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.887737161Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.891724395Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.898945619Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.910948086Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.918677913Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.920413615Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.923814569Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.93054253Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.933594056Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.936288137Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.946687549Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.948764916Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.953314876Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.955485368Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.964010158Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.975825193Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.988595171Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.996622684Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.008291342Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.019009104Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.025098876Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.027891701Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.036632367Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.039675845Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.041937685Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.05280426Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.05485181Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.058450872Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.062614388Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.070718604Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.08497322Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:54.092961247Z 78 PC: 1312f | Find first file
2018-12-25T11:39:54.100561678Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.107738454Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.11958091Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.128756097Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.130917847Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.133219487Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.141343875Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.14305032Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.15672079Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.15948178Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.163285703Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.165649393Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.174725712Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.186166923Z 79 PC: 1313e | Find next file
2018-12-25T11:39:54.190354932Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.199281266Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.210461665Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.218621346Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.221483539Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.223691989Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.231503228Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.234397755Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.244318558Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.246352031Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.250198275Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.253267132Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.262146925Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.272978098Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.278284038Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.285477875Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.296186082Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.304735756Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.307159188Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.309202407Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.317889827Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.320334476Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.342879642Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.344912751Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.348801485Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.350571575Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.367551893Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.379557124Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.383417527Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.39191708Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.403875533Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.412132571Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.41413929Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.416900926Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.425135762Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.427252035Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.437000945Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.439875379Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.443370264Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.445562786Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.454543368Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.466253498Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.470073513Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.478249129Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.489399442Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.497318338Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.500085053Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.501580856Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.506759945Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.508732874Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.518407214Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.519722442Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.522968451Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.524506033Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.529744105Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.541021404Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.543417171Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.548847846Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.559690542Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.568166518Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.570090551Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.572742339Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.580012646Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.582074159Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.592810173Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.594627332Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.598417779Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.600422586Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.61687566Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.626246491Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.637864641Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.645563889Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.657494333Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.665763921Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.668410849Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.670392129Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.678146985Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.680559332Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.690231332Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.692254918Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.696719649Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.698805109Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.706854364Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.718451375Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.723243424Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.730514369Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.742020674Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.750216465Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.752382973Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.755411567Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.763272401Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.765432055Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.77592604Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.778049441Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.78171444Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.78433033Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.793487404Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.807597443Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.812316733Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.819292143Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.831896377Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.840939749Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.843091262Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.845290413Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.854513791Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.856681987Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.866011896Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.868871623Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.872588824Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.874753583Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.884184716Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.895758073Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.899353288Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.927199592Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.940348808Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.950061226Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.953242318Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.955434185Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.963245715Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.96642535Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.976687232Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.978712747Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.984171604Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.986707126Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.994925014Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.007121551Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.011496213Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.018772803Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.030782994Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.038964934Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.04099604Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.043849141Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.05164633Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.054213374Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.062065808Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.073725981Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.077673441Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.085226828Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.099553723Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.104255223Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.105559578Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.107445142Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.111866534Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.113147094Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.119859529Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.121130701Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.123256985Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.125342507Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.130674762Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.137912071Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.141164869Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.145423754Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.152238169Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.167814439Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.169182891Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.170430669Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.175714098Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.177052063Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.184415814Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.1861859Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.188546017Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.18993437Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.196079315Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.20298256Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.205433244Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.210259272Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.21799462Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.225554001Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.228611771Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.230542151Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.237105568Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.239752103Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.246384721Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.253607945Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.262187171Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.268932711Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.27974388Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.288907266Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.29100939Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.292532432Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.300922686Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.303031353Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.312561548Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.316059004Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.31915845Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.320843538Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.33168587Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.35686434Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.360822053Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.368364578Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.381217197Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.396815609Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.399277461Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.402598876Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.410537987Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.412839142Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.429262061Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.431338736Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.435240521Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.438417165Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.44673431Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.459158404Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.464135429Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.470600683Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.48099012Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.499157462Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.500835195Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.5026829Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.509934181Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.512647336Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.514333187Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.530760092Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.532793554Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.53675091Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.539673862Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.548140886Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.558948032Z 78 PC: 13106 | Find first file (See above)
2018-12-25T11:39:55.570486995Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.57736907Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.597198306Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.607114562Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.613140115Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.615462129Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.624557871Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.627600222Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.629810086Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.641386195Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.643300005Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.651079514Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.654157685Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.668784807Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.683035505Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.689669762Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.696769653Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.714925805Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.723103597Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.725074883Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.727855708Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.735589255Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.738596828Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.74108557Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.751839053Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.753998982Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.762759206Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.767736554Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.77783504Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.79028897Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.793956897Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.801028652Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.813932842Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.837051656Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.839279079Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.842140705Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.850335813Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.853568279Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.856354644Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.866208295Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.868196778Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.877969747Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.881042031Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.890456141Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.902887023Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.906500198Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.913731013Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.926203169Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.934718674Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.93708947Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.940084818Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.948757263Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.9520594Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.954472341Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.964481504Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.967495752Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.975854736Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.978090648Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.988283082Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.00017915Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.003767525Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.012028447Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.024189589Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.032852363Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.03584584Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.038349597Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.04607157Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.05013472Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.052613087Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.062851175Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.065801024Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.074124522Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.076316155Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.086761189Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.098949151Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.102363288Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.110637236Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.122249898Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.13020879Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.133125044Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.13547085Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.143059231Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.147826959Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.150250699Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.160393337Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.163240775Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.171371024Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.173480365Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.183612515Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.195948302Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.199384138Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.207159956Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.219086783Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.227499501Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.230532923Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.232999708Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.24075201Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.244741966Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.247160786Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.257143732Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.260085119Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.268850829Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.271010987Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.281593865Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.293455168Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.29698582Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.304833981Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.316610018Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.324710903Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.327654502Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.330072535Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.338334443Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.341242568Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.350430973Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.362425071Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.366584784Z 78 PC: 1312f | Find first file (See above)
2018-12-25T11:39:56.373986289Z 26 PC: 12d67 | Set disk transfer address
2018-12-25T11:39:56.375694014Z 37 PC: 12d78 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:56.378082951Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:39:56.385039204Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:39:56.386750353Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:39:56.396197563Z 93 PC: 12afe | File sharing functions
2018-12-25T11:39:56.399128257Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:39:56.404090148Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":70,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:50.604226196Z 42 PC: 1315d | Get date 0x1315d: cmp dh, 9
0x13160: je 0x13164
0x13162: jmp 0x13171
0x13164: mov ah, 9
0x13166: lea dx, word ptr [bx + 0x54b]
0x1316a: int 0x21
0x1316c: mov ax, 0x4c00
0x1316f: int 0x21
0x13171: cmp al, 1
0x13173: jne 0x1317d
0x13175: mov ah, 9
0x13177: lea dx, word ptr [bx + 0x583]
0x1317b: int 0x21
0x1317d: popaw
0x1317e: ret
0x1317f: xchg ax, cx
0x13180: test al, 0xef
0x13182: and byte ptr [bx - 0x5120], ch
0x13186: mov word ptr [0xa0e0], ax
0x13189: lodsb al, byte ptr [si]
2018-12-25T11:39:50.606917161Z 9 PC: 1317d | Display string (String= ' ��� ���� ����, ��⨩ ����, � �⢥�⮬� - �� ���� ! ')
2018-12-25T11:39:50.614413047Z 53 PC: 12cb6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:50.615643263Z 37 PC: 12ccc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:50.618002869Z 26 PC: 12cd6 | Set disk transfer address
2018-12-25T11:39:50.619560296Z 78 PC: 13106 | Find first file
2018-12-25T11:39:50.630559881Z 67 PC: 13006 | Get or set file attributes
2018-12-25T11:39:50.638154189Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.6813384Z 61 PC: 12df4 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T11:39:53.695338893Z 87 PC: 12ff0 | Get or set file date and time
2018-12-25T11:39:53.697544833Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.700225354Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.707699861Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.710506168Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.713690251Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.724434098Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.726540607Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.735036331Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.7369416Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.745708541Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.769675203Z 79 PC: 13115 | Find next file
2018-12-25T11:39:53.777718081Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.785449813Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.79695525Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.806536335Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.808698447Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.810761141Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.819418558Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.822198067Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.824103417Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.835916515Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.838568779Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.84226693Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.84545721Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.854991604Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.875312406Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.879359858Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.887591557Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.910858446Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:53.919127192Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.922831912Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.92576763Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:53.93229441Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.936005723Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.938114706Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.949547877Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:53.952571665Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:53.956790304Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:53.958872209Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:53.968436488Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.980001074Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:53.98713747Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:53.994688962Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.008004095Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.016122795Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.018151438Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.021238924Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.027953888Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.030995392Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.03388114Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.043543382Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.045538857Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.050546572Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.053985728Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.061912972Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.074972244Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:54.082411672Z 78 PC: 1312f | Find first file
2018-12-25T11:39:54.089776564Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.098184179Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.110439798Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.118553603Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.12059216Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.123796046Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.131621756Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.134744688Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.150632218Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.153067929Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.157156972Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.16006698Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.168529563Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.181065367Z 79 PC: 1313e | Find next file
2018-12-25T11:39:54.185111227Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.193494582Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.221677254Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.232312498Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.235066177Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.241039439Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.263850897Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.267115987Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.285082336Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.286644074Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.289583963Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.29385637Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.306578975Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.318243041Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.322008097Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.329503229Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.34010483Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.347822975Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.349284232Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.351088965Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.359487791Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.360985318Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.370720712Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.37342968Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.376751087Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.378497817Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.387681704Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.399153621Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.403710107Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.410859753Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.421654885Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.429820247Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.43211671Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.434296813Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.442003944Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.444030031Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.454729768Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.457611931Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.461242634Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.464526835Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.472618872Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.483707521Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.48848042Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.496052402Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.507060197Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.515978903Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.518396851Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.52040361Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.52901218Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.532235785Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.54181889Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.543819841Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.548508196Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.55062539Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.558763775Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.570819697Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.574484337Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.58157742Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.594155239Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.604461853Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.606244464Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.612183398Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.635993879Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.637845785Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.662757818Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.664915153Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.668526182Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.671165704Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.682790216Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.704182193Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.709240227Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.714373339Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.726111353Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.732170743Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.733574613Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.734904485Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.740133774Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.741351227Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.747455898Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.750036391Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.753249203Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.755118204Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.763695287Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.773971139Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.776415433Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.785416272Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.793881781Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.801947478Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.805055945Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.807176036Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.823709796Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.826444262Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.835750063Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.83837211Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.866094078Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.868813519Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.876991279Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.88701205Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.890948993Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.895320159Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.903757294Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.908719152Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.910009279Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.911913667Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:54.916968111Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.918562342Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.932530226Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.934955858Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:54.938185417Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.940138969Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:54.948529774Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.960607325Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:54.964479252Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.972336396Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:54.984368411Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:54.992620375Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:54.995809379Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:54.997935317Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.005730875Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.008477283Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.018276614Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.020997739Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.025043407Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.027181607Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.0352898Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.043991784Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.047243626Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.051433406Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.059387733Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.065162716Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.067141213Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.069920902Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.076539022Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.078515412Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.085874577Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.09618171Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.100049169Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.107833862Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.119729437Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.12773024Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.130265806Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.13231249Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.140313492Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.143088784Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.15285953Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.154539794Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.158016134Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.160414921Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.168118013Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.179995953Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.184189218Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.191305765Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.202023422Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.211040955Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.217436224Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.22014261Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.234450333Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.236753544Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.248371643Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.252274264Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.255694545Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.257509749Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.267260122Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.278698812Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.283412156Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.293082816Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.306253901Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.316280133Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.32008741Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.322266144Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.328798749Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.331984603Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.338294726Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.349383056Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.357356157Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.364572854Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.375580876Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.385670573Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.387390289Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.389052299Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.397424448Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.399055356Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.408767388Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.411572346Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.415307025Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.417605805Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.426511233Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.438252789Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.442258028Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.451479479Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.463474535Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.471694556Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.47477725Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.477246199Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.485053549Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.488049943Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.498636595Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.500487592Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.504902328Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.507029217Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.515411584Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.531966596Z 79 PC: 1313e | Find next file (See above)
2018-12-25T11:39:55.535519148Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.542211727Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.552811392Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.560128516Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.562199516Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.565301038Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.571984844Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.57505682Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.578387466Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.589070847Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.591120115Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.596065965Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.598267821Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.606840499Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.618402887Z 78 PC: 13106 | Find first file (See above)
2018-12-25T11:39:55.629694279Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.636641058Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.655131923Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.664043239Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.666196955Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.669594064Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.677314518Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.68045656Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.683621932Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.694411444Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.696317473Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.705729175Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.70779058Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.716730824Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.729382506Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.732797673Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.739637184Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.751381115Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.759007851Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.760719916Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.763060564Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.770592752Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.773677671Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.776925748Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.795171882Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.79695709Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.804357082Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.806072521Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.814615991Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.829839197Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.833401516Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.840173823Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.852405689Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.865817939Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.86787828Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.870599722Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.875032638Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.87993462Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.88208516Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.889979847Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.891338878Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.896638731Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.898023835Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:55.90553822Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.93134782Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:55.934602801Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.941184487Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:55.953374292Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:55.960849624Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:55.962890374Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.964545344Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:55.972050251Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.97650842Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.978586666Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.988168095Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:55.991771676Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:55.999384864Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.001697035Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.010978117Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.021869452Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.025285541Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.03302078Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.04401789Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.05747467Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.060090097Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.061952156Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.073639055Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.077185937Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.078778933Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.088536757Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.090954229Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.098543716Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.101479724Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.108633776Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.116890929Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.122375056Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.127075956Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.134302454Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.14008049Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.142600234Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.144769651Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.152942265Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.156228348Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.158287498Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.169417233Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.171838521Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.179824613Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.182811366Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.192859698Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.204693433Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.209172657Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.216452042Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.227664076Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.23665005Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.239115977Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.241192719Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.249908916Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.253403827Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.255424638Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.266679662Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.26909706Z 64 PC: 12ff0 | Write file or device (See above)
2018-12-25T11:39:56.276917484Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.280242902Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.289257064Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.302018501Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.306199829Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.31308601Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.32436803Z 61 PC: 12df4 | Open file (See above)
2018-12-25T11:39:56.334660533Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.336504691Z 66 PC: 12ff0 | Move file pointer (See above)
2018-12-25T11:39:56.33844712Z 63 PC: 12ff0 | Read file or device (See above)
2018-12-25T11:39:56.346873268Z 87 PC: 12ff0 | Get or set file date and time (See above)
2018-12-25T11:39:56.348995657Z 62 PC: 12ff0 | Close file (See above)
2018-12-25T11:39:56.357224266Z 67 PC: 13006 | Get or set file attributes (See above)
2018-12-25T11:39:56.369623762Z 79 PC: 13115 | Find next file (See above)
2018-12-25T11:39:56.372820009Z 78 PC: 1312f | Find first file (See above)
2018-12-25T11:39:56.380051782Z 26 PC: 12d67 | Set disk transfer address
2018-12-25T11:39:56.384954412Z 37 PC: 12d78 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:39:56.386796091Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/i...). Size=000001F4h/0000000500d bytes. ')
2018-12-25T11:39:56.393539548Z 48 PC: 12a8f | Get DOS version
2018-12-25T11:39:56.39557168Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-25T11:39:56.403959595Z 93 PC: 12afe | File sharing functions
2018-12-25T11:39:56.406964317Z 9 PC: 12a86 | Display string (See above)
2018-12-25T11:39:56.411829861Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":70,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:39:50.801075187Z 42 PC: 1315d | Get date 0x1315d: cmp dh, 9
0x13160: je 0x13164
0x13162: jmp 0x13171
0x13164: mov ah, 9
0x13166: lea dx, word ptr [bx + 0x54b]
0x1316a: int 0x21
0x1316c: mov ax, 0x4c00
0x1316f: int 0x21
0x13171: cmp al, 1
0x13173: jne 0x1317d
0x13175: mov ah, 9
0x13177: lea dx, word ptr [bx + 0x583]
0x1317b: int 0x21
0x1317d: popaw
0x1317e: ret
0x1317f: xchg ax, cx
0x13180: test al, 0xef
0x13182: and byte ptr [bx - 0x5120], ch
0x13186: mov word ptr [0xa0e0], ax
0x13189: lodsb al, byte ptr [si]
2018-12-25T11:39:50.803872773Z 9 PC: 1316c | Display string (String= '��� �ணࠬ�� ��ࠦ��� ����ᮬ. ���㯠�� AIDSTEST ! ')
2018-12-25T11:39:50.811276141Z 76 PC: 13171 | Terminate with return code (Return code = '0')