Sample viewer

vx.netlux.org/Virus.DOS.Mephisto.1239

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:51:05.73232181Z	26	PC: 12bd8 \| Set disk transfer address
2018-12-17T21:51:05.734073259Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:05.74407284Z	61	PC: 12c93 \| Open file (Filename = 'c:\dos\doskey.com')
2018-12-17T21:51:05.750610013Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.08785305Z	61	PC: 12c93 \| Open file (Filename = 'c:\dos\edit.com')
2018-12-17T21:51:06.092540939Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.093678621Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.099853957Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.101845122Z	64	PC: 12ba2 \| Write file or device (Write 1239 bytes on handle 5)
2018-12-17T21:51:06.10949824Z	66	PC: 12cf6 \| Move file pointer
2018-12-17T21:51:06.111103324Z	64	PC: 12d01 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:51:06.117232985Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.118548924Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.12441562Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.132848789Z	61	PC: 12c93 \| Open file (Filename = 'c:\winDOWs\win.com')
2018-12-17T21:51:06.139305042Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.141507613Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.146871006Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.148856362Z	64	PC: 12ba2 \| Write file or device (Write 1239 bytes on handle 5)
2018-12-17T21:51:06.159735304Z	66	PC: 12cf6 \| Move file pointer
2018-12-17T21:51:06.16104298Z	64	PC: 12d01 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:51:06.163637305Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.164957811Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.172022653Z	78	PC: 12bf5 \| Find first file
2018-12-17T21:51:06.178343897Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.193528236Z	61	PC: 12c93 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T21:51:06.213747308Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.214966831Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.221687448Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.224311411Z	64	PC: 12ba2 \| Write file or device (Write 1239 bytes on handle 5)
2018-12-17T21:51:06.232820316Z	66	PC: 12cf6 \| Move file pointer
2018-12-17T21:51:06.233864857Z	64	PC: 12d01 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:51:06.239362979Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.240718502Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.248151505Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.250952417Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.260475883Z	61	PC: 12c93 \| Open file (Filename = 'PRINT.COM')
2018-12-17T21:51:06.267356056Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.269454232Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.275529353Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.276743978Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.278669203Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.285421878Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.28781974Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.297329935Z	61	PC: 12c93 \| Open file (Filename = 'HELLO.COM')
2018-12-17T21:51:06.303693573Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.305024851Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.312507115Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.31389647Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.315265155Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.322571206Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.324619964Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.331668067Z	61	PC: 12c93 \| Open file (Filename = 'PHANG.COM')
2018-12-17T21:51:06.336395845Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.337578135Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.34155769Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.343514403Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.344677176Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.349350055Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.351478082Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.358545004Z	61	PC: 12c93 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:51:06.36502125Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.366923556Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.373079498Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.374341665Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.376259086Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.385263267Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.387637676Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.400425939Z	61	PC: 12c93 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T21:51:06.406765667Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.408028899Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.414984671Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.417016219Z	64	PC: 12ba2 \| Write file or device (Write 1239 bytes on handle 5)
2018-12-17T21:51:06.425922818Z	66	PC: 12cf6 \| Move file pointer
2018-12-17T21:51:06.427553856Z	64	PC: 12d01 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:51:06.434208364Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.43561823Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.444933074Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.447427314Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.457261157Z	61	PC: 12c93 \| Open file (Filename = 'PAH.COM')
2018-12-17T21:51:06.464172283Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.465813514Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.471992223Z	66	PC: 12cb8 \| Move file pointer
2018-12-17T21:51:06.473846757Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.475230627Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.482137383Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.485160628Z	67	PC: 12c8b \| Get or set file attributes
2018-12-17T21:51:06.494807161Z	61	PC: 12c93 \| Open file (Filename = 'TEST.COM')
2018-12-17T21:51:06.501172178Z	87	PC: 12c9b \| Get or set file date and time
2018-12-17T21:51:06.502905537Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:51:06.509613054Z	87	PC: 12d08 \| Get or set file date and time
2018-12-17T21:51:06.511043152Z	62	PC: 12d0c \| Close file
2018-12-17T21:51:06.523097778Z	79	PC: 12bf5 \| Find next file
2018-12-17T21:51:06.525477718Z	51	PC: 12c08 \| Get or set Ctrl-Break
2018-12-17T21:51:06.526265387Z	44	PC: 12c11 \| Get time 0x12c11: cmp dl, 1 0x12c14: ja 0x12c1e 0x12c16: cmp dh, 4 0x12c19: ja 0x12c1e 0x12c1b: call 0x12c26 0x12c1e: mov dx, 0x80 0x12c21: mov ah, 0x1a 0x12c23: int 0x21 0x12c25: ret 0x12c26: lea bx, word ptr [bp + 0x5d7] 0x12c2a: mov cx, 1 0x12c2d: mov dx, 0x80 0x12c30: mov ax, 0x201 0x12c33: int 0x13 0x12c35: jb 0x12c25 0x12c37: mov ax, 0x301 0x12c3a: mov dx, 0x80 0x12c3d: mov cx, 2 0x12c40: lea bx, word ptr [bp + 0x5d7] 0x12c44: int 0x13
2018-12-17T21:51:06.528834727Z	26	PC: 12c25 \| Set disk transfer address
2018-12-17T21:51:06.52985981Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T21:51:06.533813756Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":83,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:39:51.409763844Z	26	PC: 12bd8 \| Set disk transfer address
2018-12-25T11:39:51.411471248Z	67	PC: 12c8b \| Get or set file attributes
2018-12-25T11:39:51.421687201Z	61	PC: 12c93 \| Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T11:39:51.429080383Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.681156482Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.696881588Z	87	PC: 12c9b \| Get or set file date and time
2018-12-25T11:39:53.698507584Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:39:53.711616109Z	66	PC: 12cb8 \| Move file pointer
2018-12-25T11:39:53.718337598Z	64	PC: 12ba2 \| Write file or device (Write 1239 bytes on handle 5)
2018-12-25T11:39:53.750094501Z	66	PC: 12cf6 \| Move file pointer
2018-12-25T11:39:53.752561351Z	64	PC: 12d01 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:39:53.767800684Z	87	PC: 12d08 \| Get or set file date and time
2018-12-25T11:39:53.769624009Z	62	PC: 12d0c \| Close file
2018-12-25T11:39:53.776996595Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.790541427Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.798644771Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:53.800542572Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:53.807775572Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:53.811203199Z	64	PC: 12ba2 \| Write file or device (See above)
2018-12-25T11:39:53.8233937Z	66	PC: 12cf6 \| Move file pointer (See above)
2018-12-25T11:39:53.829164428Z	64	PC: 12d01 \| Write file or device (See above)
2018-12-25T11:39:53.837093257Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:53.838662918Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:53.847152158Z	78	PC: 12bf5 \| Find first file
2018-12-25T11:39:53.855020534Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.875999819Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.882478972Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:53.890622551Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:53.907063404Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:53.911294948Z	64	PC: 12ba2 \| Write file or device (See above)
2018-12-25T11:39:53.91953753Z	66	PC: 12cf6 \| Move file pointer (See above)
2018-12-25T11:39:53.921456075Z	64	PC: 12d01 \| Write file or device (See above)
2018-12-25T11:39:53.928972905Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:53.932079338Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:53.941064941Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:53.944759093Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.956974074Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.965654977Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:53.967699487Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:53.975523064Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:53.977879998Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:53.979891674Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:53.988089534Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:53.992388791Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.005295855Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.013333048Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.016056336Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.024414581Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.026234523Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.028574484Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.036702951Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.039718564Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.057788843Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.067037009Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.069012143Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.077495056Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.079773006Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.081415336Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.089606463Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.092665929Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.103366398Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.110668946Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.113414416Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.12029658Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.12181226Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.123687892Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.133695801Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.136779737Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.14867567Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.156958023Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.158794435Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.166391323Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.16899378Z	64	PC: 12ba2 \| Write file or device (See above)
2018-12-25T11:39:54.179739425Z	66	PC: 12cf6 \| Move file pointer (See above)
2018-12-25T11:39:54.182397071Z	64	PC: 12d01 \| Write file or device (See above)
2018-12-25T11:39:54.19046399Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.192435498Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.202102134Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.205507387Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.21727375Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.224768664Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.226863284Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.233939794Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.235649333Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.238573808Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.246480745Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.249471841Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.260733785Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.267952942Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.269636673Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.280297127Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.282050938Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.290075174Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.293235542Z	51	PC: 12c08 \| Get or set Ctrl-Break
2018-12-25T11:39:54.294188905Z	44	PC: 12c11 \| Get time 0x12c11: cmp dl, 1 0x12c14: ja 0x12c1e 0x12c16: cmp dh, 4 0x12c19: ja 0x12c1e 0x12c1b: call 0x12c26 0x12c1e: mov dx, 0x80 0x12c21: mov ah, 0x1a 0x12c23: int 0x21 0x12c25: ret 0x12c26: lea bx, word ptr [bp + 0x5d7] 0x12c2a: mov cx, 1 0x12c2d: mov dx, 0x80 0x12c30: mov ax, 0x201 0x12c33: int 0x13 0x12c35: jb 0x12c25 0x12c37: mov ax, 0x301 0x12c3a: mov dx, 0x80 0x12c3d: mov cx, 2 0x12c40: lea bx, word ptr [bp + 0x5d7] 0x12c44: int 0x13
2018-12-25T11:39:54.296484589Z	26	PC: 12c25 \| Set disk transfer address
2018-12-25T11:39:54.298169638Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T11:39:54.304222053Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":5,"TimeBased":true,"OriginalID":83,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:39:51.611599073Z	26	PC: 12bd8 \| Set disk transfer address
2018-12-25T11:39:51.61313745Z	67	PC: 12c8b \| Get or set file attributes
2018-12-25T11:39:51.623328478Z	61	PC: 12c93 \| Open file (Filename = 'c:\dos\doskey.com')
2018-12-25T11:39:51.630717916Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.681863882Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.699922569Z	87	PC: 12c9b \| Get or set file date and time
2018-12-25T11:39:53.706817558Z	63	PC: 12ca8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:39:53.716386369Z	66	PC: 12cb8 \| Move file pointer
2018-12-25T11:39:53.7202787Z	64	PC: 12ba2 \| Write file or device (Write 1239 bytes on handle 5)
2018-12-25T11:39:53.729614714Z	66	PC: 12cf6 \| Move file pointer
2018-12-25T11:39:53.731619028Z	64	PC: 12d01 \| Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:39:53.744482424Z	87	PC: 12d08 \| Get or set file date and time
2018-12-25T11:39:53.746220037Z	62	PC: 12d0c \| Close file
2018-12-25T11:39:53.753758633Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.766951319Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.775632795Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:53.77765473Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:53.786095413Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:53.789111504Z	64	PC: 12ba2 \| Write file or device (See above)
2018-12-25T11:39:53.801065684Z	66	PC: 12cf6 \| Move file pointer (See above)
2018-12-25T11:39:53.802995819Z	64	PC: 12d01 \| Write file or device (See above)
2018-12-25T11:39:53.80778548Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:53.809418541Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:53.817456635Z	78	PC: 12bf5 \| Find first file
2018-12-25T11:39:53.827484533Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.846540787Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.854500935Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:53.857332718Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:53.86499716Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:53.867341704Z	64	PC: 12ba2 \| Write file or device (See above)
2018-12-25T11:39:53.87920869Z	66	PC: 12cf6 \| Move file pointer (See above)
2018-12-25T11:39:53.880712718Z	64	PC: 12d01 \| Write file or device (See above)
2018-12-25T11:39:53.886677822Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:53.889172951Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:53.89959329Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:53.902858247Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.91373972Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.923438116Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:53.925440752Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:53.931793567Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:53.934184096Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:53.936060493Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:53.941642228Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:53.944991332Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.952230606Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:53.957360271Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:53.959212412Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:53.964630737Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:53.965901991Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:53.968021117Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:53.976319433Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:53.979315307Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:53.994555488Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.002505308Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.00437862Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.012863066Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.015379613Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.017201103Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.025437291Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.029679323Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.041293504Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.048815142Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.051104553Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.066548057Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.068623789Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.071640772Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.079929421Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.100732641Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.11329968Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.136990533Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.138974175Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.146802229Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.150564951Z	64	PC: 12ba2 \| Write file or device (See above)
2018-12-25T11:39:54.161596233Z	66	PC: 12cf6 \| Move file pointer (See above)
2018-12-25T11:39:54.163629557Z	64	PC: 12d01 \| Write file or device (See above)
2018-12-25T11:39:54.17261893Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.174772418Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.185007637Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.18937483Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.201743389Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.209631543Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.212571549Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.220577786Z	66	PC: 12cb8 \| Move file pointer (See above)
2018-12-25T11:39:54.222628434Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.225010704Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.234946078Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.23835476Z	67	PC: 12c8b \| Get or set file attributes (See above)
2018-12-25T11:39:54.250719687Z	61	PC: 12c93 \| Open file (See above)
2018-12-25T11:39:54.259826281Z	87	PC: 12c9b \| Get or set file date and time (See above)
2018-12-25T11:39:54.2619028Z	63	PC: 12ca8 \| Read file or device (See above)
2018-12-25T11:39:54.269561882Z	87	PC: 12d08 \| Get or set file date and time (See above)
2018-12-25T11:39:54.272637439Z	62	PC: 12d0c \| Close file (See above)
2018-12-25T11:39:54.281942867Z	79	PC: 12bf5 \| Find next file (See above)
2018-12-25T11:39:54.285104312Z	51	PC: 12c08 \| Get or set Ctrl-Break
2018-12-25T11:39:54.287403649Z	44	PC: 12c11 \| Get time 0x12c11: cmp dl, 1 0x12c14: ja 0x12c1e 0x12c16: cmp dh, 4 0x12c19: ja 0x12c1e 0x12c1b: call 0x12c26 0x12c1e: mov dx, 0x80 0x12c21: mov ah, 0x1a 0x12c23: int 0x21 0x12c25: ret 0x12c26: lea bx, word ptr [bp + 0x5d7] 0x12c2a: mov cx, 1 0x12c2d: mov dx, 0x80 0x12c30: mov ax, 0x201 0x12c33: int 0x13 0x12c35: jb 0x12c25 0x12c37: mov ax, 0x301 0x12c3a: mov dx, 0x80 0x12c3d: mov cx, 2 0x12c40: lea bx, word ptr [bp + 0x5d7] 0x12c44: int 0x13
2018-12-25T11:39:54.290566493Z	26	PC: 12c25 \| Set disk transfer address
2018-12-25T11:39:54.292235051Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-25T11:39:54.299009642Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')