Sample viewer

vx.netlux.org/Virus.DOS.Kode4.412

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:43:08.404700121Z 78 PC: 12be7 | Find first file
2018-12-17T22:43:08.412161386Z 67 PC: 12bf5 | Get or set file attributes
2018-12-17T22:43:08.418842609Z 67 PC: 12bff | Get or set file attributes
2018-12-17T22:43:08.437306764Z 61 PC: 12c07 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:43:08.445497183Z 87 PC: 12c14 | Get or set file date and time
2018-12-17T22:43:08.45095313Z 66 PC: 12c1f | Move file pointer
2018-12-17T22:43:08.453624747Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:08.460907336Z 66 PC: 12c34 | Move file pointer
2018-12-17T22:43:08.463449187Z 66 PC: 12c5b | Move file pointer
2018-12-17T22:43:08.465133187Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:08.46861827Z 66 PC: 12c70 | Move file pointer
2018-12-17T22:43:08.471776193Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-17T22:43:08.480972449Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T22:43:08.482970727Z 62 PC: 12cc8 | Close file
2018-12-17T22:43:08.49253718Z 79 PC: 12ccc | Find next file
2018-12-17T22:43:08.500806005Z 67 PC: 12bf5 | Get or set file attributes
2018-12-17T22:43:08.50697308Z 67 PC: 12bff | Get or set file attributes
2018-12-17T22:43:08.519624071Z 61 PC: 12c07 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:43:08.527563119Z 87 PC: 12c14 | Get or set file date and time
2018-12-17T22:43:08.529027827Z 66 PC: 12c1f | Move file pointer
2018-12-17T22:43:08.530485236Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:08.546572233Z 66 PC: 12c34 | Move file pointer
2018-12-17T22:43:08.548252387Z 66 PC: 12c5b | Move file pointer
2018-12-17T22:43:08.549848469Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:08.553684235Z 66 PC: 12c70 | Move file pointer
2018-12-17T22:43:08.555380851Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-17T22:43:08.558372238Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T22:43:08.561228941Z 62 PC: 12cc8 | Close file
2018-12-17T22:43:08.569466163Z 79 PC: 12ccc | Find next file
2018-12-17T22:43:08.572494011Z 67 PC: 12bf5 | Get or set file attributes
2018-12-17T22:43:08.579663804Z 67 PC: 12bff | Get or set file attributes
2018-12-17T22:43:08.59303192Z 61 PC: 12c07 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:43:08.601630471Z 87 PC: 12c14 | Get or set file date and time
2018-12-17T22:43:08.617665945Z 66 PC: 12c1f | Move file pointer
2018-12-17T22:43:08.619325994Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:08.627003192Z 66 PC: 12c34 | Move file pointer
2018-12-17T22:43:08.629168719Z 66 PC: 12c5b | Move file pointer
2018-12-17T22:43:08.630830159Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:08.634637453Z 66 PC: 12c70 | Move file pointer
2018-12-17T22:43:08.637000364Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-17T22:43:08.640295881Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T22:43:08.642057048Z 62 PC: 12cc8 | Close file
2018-12-17T22:43:08.650805914Z 79 PC: 12ccc | Find next file
2018-12-17T22:43:08.654328336Z 67 PC: 12bf5 | Get or set file attributes
2018-12-17T22:43:08.660773653Z 67 PC: 12bff | Get or set file attributes
2018-12-17T22:43:08.67377056Z 61 PC: 12c07 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:43:08.681628664Z 87 PC: 12c14 | Get or set file date and time
2018-12-17T22:43:08.683131029Z 66 PC: 12c1f | Move file pointer
2018-12-17T22:43:08.68457405Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:08.692193928Z 66 PC: 12c34 | Move file pointer
2018-12-17T22:43:08.694431133Z 66 PC: 12c5b | Move file pointer
2018-12-17T22:43:08.696094178Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:08.699565938Z 66 PC: 12c70 | Move file pointer
2018-12-17T22:43:08.70121325Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-17T22:43:08.704195374Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T22:43:08.706795018Z 62 PC: 12cc8 | Close file
2018-12-17T22:43:08.715365949Z 79 PC: 12ccc | Find next file
2018-12-17T22:43:08.718342066Z 67 PC: 12bf5 | Get or set file attributes
2018-12-17T22:43:08.725076612Z 67 PC: 12bff | Get or set file attributes
2018-12-17T22:43:08.736190038Z 61 PC: 12c07 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:43:08.744694178Z 87 PC: 12c14 | Get or set file date and time
2018-12-17T22:43:08.746438834Z 66 PC: 12c1f | Move file pointer
2018-12-17T22:43:08.748226524Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:08.754870692Z 66 PC: 12c34 | Move file pointer
2018-12-17T22:43:08.756264666Z 66 PC: 12c5b | Move file pointer
2018-12-17T22:43:08.757678718Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:08.760336844Z 66 PC: 12c70 | Move file pointer
2018-12-17T22:43:08.761720865Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-17T22:43:08.764718125Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T22:43:08.766504266Z 62 PC: 12cc8 | Close file
2018-12-17T22:43:08.778265343Z 79 PC: 12ccc | Find next file
2018-12-17T22:43:08.786987904Z 67 PC: 12bf5 | Get or set file attributes
2018-12-17T22:43:08.790983084Z 67 PC: 12bff | Get or set file attributes
2018-12-17T22:43:08.801135982Z 61 PC: 12c07 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:43:08.808598902Z 87 PC: 12c14 | Get or set file date and time
2018-12-17T22:43:08.810911655Z 66 PC: 12c1f | Move file pointer
2018-12-17T22:43:08.81239071Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:08.819876134Z 66 PC: 12c34 | Move file pointer
2018-12-17T22:43:08.821358135Z 66 PC: 12c5b | Move file pointer
2018-12-17T22:43:08.822798747Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:08.82645022Z 66 PC: 12c70 | Move file pointer
2018-12-17T22:43:08.82805293Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-17T22:43:08.837363016Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T22:43:08.840398361Z 62 PC: 12cc8 | Close file
2018-12-17T22:43:08.848805107Z 79 PC: 12ccc | Find next file
2018-12-17T22:43:08.862417235Z 67 PC: 12bf5 | Get or set file attributes
2018-12-17T22:43:08.869592326Z 67 PC: 12bff | Get or set file attributes
2018-12-17T22:43:08.881382808Z 61 PC: 12c07 | Open file (Filename = 'PAH.COM')
2018-12-17T22:43:08.885714525Z 87 PC: 12c14 | Get or set file date and time
2018-12-17T22:43:08.886787589Z 66 PC: 12c1f | Move file pointer
2018-12-17T22:43:08.888414514Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:08.892636864Z 66 PC: 12c34 | Move file pointer
2018-12-17T22:43:08.893755615Z 66 PC: 12c5b | Move file pointer
2018-12-17T22:43:08.895897984Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:08.897901282Z 66 PC: 12c70 | Move file pointer
2018-12-17T22:43:08.899140908Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-17T22:43:08.901649119Z 87 PC: 12cc4 | Get or set file date and time
2018-12-17T22:43:08.903271098Z 62 PC: 12cc8 | Close file
2018-12-17T22:43:08.911264524Z 79 PC: 12ccc | Find next file
2018-12-17T22:43:08.914307233Z 42 PC: 12cd5 | Get date 0x12cd5: cmp cx, 0x7c9
0x12cd9: jge 0x12ce7
0x12cdb: cmp cx, 0x7c7
0x12cdf: jle 0x12cf0
0x12ce1: cmp dx, 0x914
0x12ce5: jle 0x12cf0
0x12ce7: mov ah, 9
0x12ce9: mov dx, 0x271
0x12cec: add dx, si
0x12cee: int 0x21
0x12cf0: mov bp, 0x100
0x12cf3: jmp bp
0x12cf5: pop ss
0x12cf6: adc bx, word ptr [bp + 0x52]
0x12cf9: push ax
0x12cfa: cmp ax, 0x101d
0x12cfd: add byte ptr [0x761d], dl
0x12d01: push dx
0x12d02: pop cx
0x12d03: pop ax
2018-12-17T22:43:08.916646254Z 9 PC: 12cf0 | Display string (Could not find end pointer)
2018-12-17T22:43:08.934429428Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:43:08.943041329Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7787,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:36.64118296Z 78 PC: 12be7 | Find first file
2018-12-25T12:02:36.647864361Z 67 PC: 12bf5 | Get or set file attributes
2018-12-25T12:02:36.653282305Z 67 PC: 12bff | Get or set file attributes
2018-12-25T12:02:36.673356929Z 61 PC: 12c07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:02:36.68085008Z 87 PC: 12c14 | Get or set file date and time
2018-12-25T12:02:36.68250122Z 66 PC: 12c1f | Move file pointer
2018-12-25T12:02:36.684136223Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:02:36.691740572Z 66 PC: 12c34 | Move file pointer
2018-12-25T12:02:36.693761976Z 66 PC: 12c5b | Move file pointer
2018-12-25T12:02:36.696100834Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:02:36.699288442Z 66 PC: 12c70 | Move file pointer
2018-12-25T12:02:36.701033649Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-25T12:02:36.719961924Z 87 PC: 12cc4 | Get or set file date and time
2018-12-25T12:02:36.721775914Z 62 PC: 12cc8 | Close file
2018-12-25T12:02:36.729859283Z 79 PC: 12ccc | Find next file
2018-12-25T12:02:36.733306155Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:36.738926227Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:36.749931325Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:36.766187045Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:36.767450764Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:36.769224625Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:36.775740741Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:36.777468996Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:36.779519238Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:36.782079938Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:36.783729772Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:36.786886855Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:36.788837557Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:36.796095673Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:36.799321411Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:36.805106129Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:36.814868204Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:36.82256139Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:36.823937855Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:36.825215622Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:36.831768814Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:36.833377454Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:36.83459572Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:36.837099437Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:36.839334529Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:36.842184059Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:36.843902246Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:36.933741068Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:36.936461603Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:36.942730247Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:37.061854015Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:37.068478461Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:37.069898429Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:37.072339328Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:37.079341349Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:37.080832372Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:37.082882484Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:37.086865932Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:37.088335918Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:37.091151409Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:37.093160024Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:37.191553905Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:37.194021258Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:37.200262329Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:37.333069157Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:37.339872193Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:37.347374087Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:37.348688624Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:37.354959811Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:37.357209812Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:37.35849834Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:37.361089424Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:37.363223905Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:37.365782474Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:37.367257867Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:37.557697843Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:37.561438434Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:37.567505573Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:37.743281141Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:37.749841071Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:37.751120004Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:37.753393309Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:37.759585922Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:37.760953885Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:37.762736829Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:37.76528251Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:37.767073849Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:37.876381568Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:37.877875387Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:37.970673756Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:37.974264709Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:37.979719226Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:38.138338816Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:38.145468005Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:38.146878784Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:38.148131444Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:38.154959033Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:38.156248493Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:38.157498672Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:38.16071147Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:38.162168292Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:38.164739156Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:38.166807144Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:38.264879434Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:38.267214756Z 42 PC: 12cd5 | Get date 0x12cd5: cmp cx, 0x7c9
0x12cd9: jge 0x12ce7
0x12cdb: cmp cx, 0x7c7
0x12cdf: jle 0x12cf0
0x12ce1: cmp dx, 0x914
0x12ce5: jle 0x12cf0
0x12ce7: mov ah, 9
0x12ce9: mov dx, 0x271
0x12cec: add dx, si
0x12cee: int 0x21
0x12cf0: mov bp, 0x100
0x12cf3: jmp bp
0x12cf5: pop ss
0x12cf6: adc bx, word ptr [bp + 0x52]
0x12cf9: push ax
0x12cfa: cmp ax, 0x101d
0x12cfd: add byte ptr [0x761d], dl
0x12d01: push dx
0x12d02: pop cx
0x12d03: pop ax
2018-12-25T12:02:38.269455701Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:02:38.275783094Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7787,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:38.208861437Z 78 PC: 12be7 | Find first file
2018-12-25T12:02:38.213841561Z 67 PC: 12bf5 | Get or set file attributes
2018-12-25T12:02:38.217509232Z 67 PC: 12bff | Get or set file attributes
2018-12-25T12:02:39.134611848Z 61 PC: 12c07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:02:39.141848195Z 87 PC: 12c14 | Get or set file date and time
2018-12-25T12:02:39.143175372Z 66 PC: 12c1f | Move file pointer
2018-12-25T12:02:39.144379855Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:02:39.151111737Z 66 PC: 12c34 | Move file pointer
2018-12-25T12:02:39.152440846Z 66 PC: 12c5b | Move file pointer
2018-12-25T12:02:39.153687118Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:02:39.156653556Z 66 PC: 12c70 | Move file pointer
2018-12-25T12:02:39.15793331Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-25T12:02:39.171874481Z 87 PC: 12cc4 | Get or set file date and time
2018-12-25T12:02:39.174208626Z 62 PC: 12cc8 | Close file
2018-12-25T12:02:39.194307532Z 79 PC: 12ccc | Find next file
2018-12-25T12:02:39.19687484Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.208599766Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.224603485Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.231043293Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.232982047Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.234387382Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.240627952Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.242996482Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.244382984Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.247733623Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.249024853Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.25115778Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.252671458Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.304119798Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.306312739Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.309721255Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.333692265Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.345867884Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.347232993Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.348536612Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.355268707Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.356622112Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.362440221Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.365807665Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.367249254Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.369848027Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.371899849Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.408741526Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.411306014Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.417576876Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.451301139Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.457884695Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.460000068Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.461719834Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.467752201Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.470337581Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.471792326Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.474315637Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.475835095Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.478354835Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.479620528Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.487163455Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.489744402Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.495149821Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.504856327Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.512076827Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.51333531Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.514658482Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.521159137Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.522418286Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.523811353Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.526818296Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.528425204Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.531425203Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.533571404Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.541025086Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.543771371Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.550287637Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.559838063Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.566170546Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.568595955Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.570069798Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.576005532Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.577771177Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.578690238Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.580263197Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.581533507Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.586662881Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.587799325Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.59499139Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.597946054Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.609055749Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.620534166Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.627208391Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.628566644Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.63035433Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.636969631Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.638930982Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.640778473Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.643269519Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.645982927Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.649316523Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.650931391Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.658273787Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.661411916Z 42 PC: 12cd5 | Get date 0x12cd5: cmp cx, 0x7c9
0x12cd9: jge 0x12ce7
0x12cdb: cmp cx, 0x7c7
0x12cdf: jle 0x12cf0
0x12ce1: cmp dx, 0x914
0x12ce5: jle 0x12cf0
0x12ce7: mov ah, 9
0x12ce9: mov dx, 0x271
0x12cec: add dx, si
0x12cee: int 0x21
0x12cf0: mov bp, 0x100
0x12cf3: jmp bp
0x12cf5: pop ss
0x12cf6: adc bx, word ptr [bp + 0x52]
0x12cf9: push ax
0x12cfa: cmp ax, 0x101d
0x12cfd: add byte ptr [0x761d], dl
0x12d01: push dx
0x12d02: pop cx
0x12d03: pop ax
2018-12-25T12:02:39.663809927Z 9 PC: 12cf0 | Display string (Could not find end pointer)
2018-12-25T12:02:39.679553212Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:02:39.687364533Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7787,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:38.75128235Z 78 PC: 12be7 | Find first file
2018-12-25T12:02:38.758154078Z 67 PC: 12bf5 | Get or set file attributes
2018-12-25T12:02:38.763722967Z 67 PC: 12bff | Get or set file attributes
2018-12-25T12:02:39.45200175Z 61 PC: 12c07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:02:39.465361786Z 87 PC: 12c14 | Get or set file date and time
2018-12-25T12:02:39.466801274Z 66 PC: 12c1f | Move file pointer
2018-12-25T12:02:39.467950813Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:02:39.472762765Z 66 PC: 12c34 | Move file pointer
2018-12-25T12:02:39.474120178Z 66 PC: 12c5b | Move file pointer
2018-12-25T12:02:39.475303893Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:02:39.47767312Z 66 PC: 12c70 | Move file pointer
2018-12-25T12:02:39.479579966Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-25T12:02:39.485448078Z 87 PC: 12cc4 | Get or set file date and time
2018-12-25T12:02:39.487128243Z 62 PC: 12cc8 | Close file
2018-12-25T12:02:39.493059268Z 79 PC: 12ccc | Find next file
2018-12-25T12:02:39.495665208Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.501353544Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.508872327Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.513434507Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.515985894Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.517964428Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.524679708Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.526764376Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.528822263Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.531318162Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.532984178Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.536678054Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.538050669Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.545603804Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.54893281Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.555028551Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.564923751Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.571873767Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.57345864Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.575126854Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.582675231Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.584380317Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.586059509Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.589099903Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.591085974Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.593730819Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.59586786Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.603780829Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.606525137Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.618911119Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.628602414Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.635122993Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.637119956Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.638558275Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.646786212Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.64892843Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.650367401Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.653109586Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.655661735Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.658567017Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.660422943Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.667837152Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.670519873Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.676007376Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.685854543Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.692687207Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.694408902Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.696065562Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.703670013Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.705376632Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.707063617Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.71108045Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.712840208Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.715813712Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.71866224Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.726118666Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.728010391Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.741074531Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.751288666Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.757676969Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.759626209Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.760962457Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.767214162Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.768708307Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.774880743Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.776748989Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.778403271Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.783996125Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.785134488Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.793109522Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.795786764Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:39.801199088Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:39.811025271Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:39.82240923Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:39.82363255Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:39.825276078Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:39.831350692Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:39.832557433Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:39.834585758Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:39.836965171Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:39.838194159Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:39.841070267Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:39.842336273Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:39.849296439Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:39.852659663Z 42 PC: 12cd5 | Get date 0x12cd5: cmp cx, 0x7c9
0x12cd9: jge 0x12ce7
0x12cdb: cmp cx, 0x7c7
0x12cdf: jle 0x12cf0
0x12ce1: cmp dx, 0x914
0x12ce5: jle 0x12cf0
0x12ce7: mov ah, 9
0x12ce9: mov dx, 0x271
0x12cec: add dx, si
0x12cee: int 0x21
0x12cf0: mov bp, 0x100
0x12cf3: jmp bp
0x12cf5: pop ss
0x12cf6: adc bx, word ptr [bp + 0x52]
0x12cf9: push ax
0x12cfa: cmp ax, 0x101d
0x12cfd: add byte ptr [0x761d], dl
0x12d01: push dx
0x12d02: pop cx
0x12d03: pop ax
2018-12-25T12:02:39.854783123Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:02:39.859875376Z 76 PC: 12a86 | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7787,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:39.034570721Z 78 PC: 12be7 | Find first file
2018-12-25T12:02:39.041907395Z 67 PC: 12bf5 | Get or set file attributes
2018-12-25T12:02:39.049066443Z 67 PC: 12bff | Get or set file attributes
2018-12-25T12:02:40.221609137Z 61 PC: 12c07 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:02:40.229131665Z 87 PC: 12c14 | Get or set file date and time
2018-12-25T12:02:40.231027989Z 66 PC: 12c1f | Move file pointer
2018-12-25T12:02:40.232503971Z 63 PC: 12c2b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:02:40.239129273Z 66 PC: 12c34 | Move file pointer
2018-12-25T12:02:40.241154183Z 66 PC: 12c5b | Move file pointer
2018-12-25T12:02:40.242896562Z 64 PC: 12c67 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:02:40.245975628Z 66 PC: 12c70 | Move file pointer
2018-12-25T12:02:40.247969101Z 64 PC: 12c9d | Write file or device (Write 412 bytes on handle 5)
2018-12-25T12:02:40.276554991Z 87 PC: 12cc4 | Get or set file date and time
2018-12-25T12:02:40.278155643Z 62 PC: 12cc8 | Close file
2018-12-25T12:02:40.303493318Z 79 PC: 12ccc | Find next file
2018-12-25T12:02:40.306256238Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:40.31278115Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:40.355402187Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:40.363339674Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:40.365378944Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:40.367918573Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:40.376064247Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:40.377502151Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:40.380020487Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:40.38290588Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:40.384598195Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:40.387791927Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:40.405574993Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:40.461849232Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:40.464752415Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:40.471664813Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:40.522843928Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:40.529829599Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:40.532069031Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:40.533618886Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:40.540810942Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:40.543120875Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:40.544626062Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:40.547393928Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:40.556187852Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:40.559190941Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:40.56059553Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:40.609199167Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:40.612170799Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:40.618406605Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:40.654059055Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:40.664345772Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:40.66596848Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:40.66778258Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:40.674811049Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:40.676348278Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:40.677796769Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:40.681119879Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:40.682587385Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:40.68539879Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:40.687602305Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:40.724592452Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:40.72767523Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:40.734923025Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:40.782018051Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:40.789382844Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:40.791953338Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:40.793468032Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:40.80063303Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:40.802657194Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:40.804635937Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:40.807617389Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:40.80925365Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:40.81286691Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:40.814516117Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:40.851329191Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:40.854264965Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:40.860751841Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:40.935200771Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:40.944640348Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:40.946645076Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:40.948646138Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:40.956832593Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:40.959128798Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:40.961037471Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:40.964634362Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:40.967587769Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:41.049874087Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:41.051603173Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:41.146590405Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:41.149875884Z 67 PC: 12bf5 | Get or set file attributes (See above)
2018-12-25T12:02:41.156620338Z 67 PC: 12bff | Get or set file attributes (See above)
2018-12-25T12:02:41.200512443Z 61 PC: 12c07 | Open file (See above)
2018-12-25T12:02:41.208752703Z 87 PC: 12c14 | Get or set file date and time (See above)
2018-12-25T12:02:41.210832457Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:02:41.213090899Z 63 PC: 12c2b | Read file or device (See above)
2018-12-25T12:02:41.220066307Z 66 PC: 12c34 | Move file pointer (See above)
2018-12-25T12:02:41.22158968Z 66 PC: 12c5b | Move file pointer (See above)
2018-12-25T12:02:41.223471556Z 64 PC: 12c67 | Write file or device (See above)
2018-12-25T12:02:41.226424031Z 66 PC: 12c70 | Move file pointer (See above)
2018-12-25T12:02:41.227909802Z 64 PC: 12c9d | Write file or device (See above)
2018-12-25T12:02:41.230952181Z 87 PC: 12cc4 | Get or set file date and time (See above)
2018-12-25T12:02:41.232787528Z 62 PC: 12cc8 | Close file (See above)
2018-12-25T12:02:41.240660714Z 79 PC: 12ccc | Find next file (See above)
2018-12-25T12:02:41.243111765Z 42 PC: 12cd5 | Get date 0x12cd5: cmp cx, 0x7c9
0x12cd9: jge 0x12ce7
0x12cdb: cmp cx, 0x7c7
0x12cdf: jle 0x12cf0
0x12ce1: cmp dx, 0x914
0x12ce5: jle 0x12cf0
0x12ce7: mov ah, 9
0x12ce9: mov dx, 0x271
0x12cec: add dx, si
0x12cee: int 0x21
0x12cf0: mov bp, 0x100
0x12cf3: jmp bp
0x12cf5: pop ss
0x12cf6: adc bx, word ptr [bp + 0x52]
0x12cf9: push ax
0x12cfa: cmp ax, 0x101d
0x12cfd: add byte ptr [0x761d], dl
0x12d01: push dx
0x12d02: pop cx
0x12d03: pop ax
2018-12-25T12:02:41.245448276Z 9 PC: 12cf0 | Display string (Could not find end pointer)
2018-12-25T12:02:41.263839031Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T12:02:41.271442257Z 76 PC: 12a86 | Terminate with return code (Return code = '36')