{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:10.358209829Z | 64 | PC: 0 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-25T12:04:10.363984023Z | 41 | PC: 94fae | Parse filename |
| 2018-12-25T12:04:10.38288914Z | 41 | PC: 9502f | Parse filename |
| 2018-12-25T12:04:10.386379938Z | 41 | PC: 9504c | Parse filename |
| 2018-12-25T12:04:10.388724478Z | 26 | PC: 984f7 | Set disk transfer address |
| 2018-12-25T12:04:10.391569873Z | 71 | PC: 986f3 | Get current directory |
| 2018-12-25T12:04:10.395322263Z | 78 | PC: 986fe | Find first file |
| 2018-12-25T12:04:10.404579658Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:04:10.408274364Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:04:10.418315473Z | 64 | PC: 9a848 | Write file or device (Write 26 bytes on handle 2) |
| 2018-12-25T12:04:10.423307829Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-25T12:04:10.425807985Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-25T12:04:10.427294489Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-25T12:04:10.428711831Z | 62 | PC: 122ab | Close file |
| 2018-12-25T12:04:10.430730555Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.43308603Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.434798771Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.436302706Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.438424101Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.440257372Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.441646418Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.443764449Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.445255665Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.446912858Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.449196093Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.450893254Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.452567102Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.454811761Z | 62 | PC: 122ab | Close file (See above) |
| 2018-12-25T12:04:10.456703506Z | 99 | PC: 9a5d7 | Get DBCS lead byte table pointer |
| 2018-12-25T12:04:10.458231143Z | 56 | PC: 94df9 | Get or set country info |
| 2018-12-25T12:04:10.461713151Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:04:10.466337043Z | 25 | PC: 94e62 | Get default drive |
| 2018-12-25T12:04:10.472043919Z | 71 | PC: 970dd | Get current directory |
| 2018-12-25T12:04:10.477446373Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:04:10.480881698Z | 2 | PC: 970b2 | Character output (Char = '3e') |
| 2018-12-25T12:04:10.483392008Z | 93 | PC: 94f20 | File sharing functions |
| 2018-12-25T12:04:10.488931222Z | 93 | PC: 94f27 | File sharing functions |
| 2018-12-25T12:04:10.496075827Z | 10 | PC: 94f39 | Buffered keyboard input |
| 2018-12-25T12:04:25.405213654Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:04:26.759796269Z | 0 | PC: 0 | Program terminate (See above) |
| 2018-12-25T12:04:26.862024126Z | 64 | PC: 9a848 | Write file or device (See above) |
| 2018-12-25T12:04:26.868824936Z | 41 | PC: 94fae | Parse filename (See above) |
| 2018-12-25T12:04:26.870520475Z | 41 | PC: 9502f | Parse filename (See above) |
| 2018-12-25T12:04:26.872066262Z | 41 | PC: 9504c | Parse filename (See above) |
| 2018-12-25T12:04:26.876144358Z | 26 | PC: 984f7 | Set disk transfer address (See above) |
| 2018-12-25T12:04:26.877823937Z | 71 | PC: 986f3 | Get current directory (See above) |
| 2018-12-25T12:04:26.888042556Z | 78 | PC: 986fe | Find first file (See above) |
| 2018-12-25T12:04:26.898073555Z | 71 | PC: 9856c | Get current directory |
| 2018-12-25T12:04:26.901471629Z | 73 | PC: 97c09 | Release memory |
| 2018-12-25T12:04:26.903183408Z | 75 | PC: 11821 | Execute program |
| 2018-12-25T12:04:26.917898136Z | 9 | PC: 12a47 | Display string (String= 'Hello, World! ') |
| 2018-12-25T12:04:26.92312283Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:10.490719187Z | 78 | PC: 12a9b | Find first file |
| 2018-12-25T12:04:10.497963844Z | 61 | PC: 12ad3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:10.504782219Z | 87 | PC: 12ad9 | Get or set file date and time |
| 2018-12-25T12:04:10.506488707Z | 63 | PC: 12aec | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:10.515548979Z | 66 | PC: 12b0b | Move file pointer |
| 2018-12-25T12:04:10.518022021Z | 64 | PC: 12b16 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:10.520573106Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T12:04:10.521889085Z | 64 | PC: 12b2a | Write file or device (Write 66 bytes on handle 5) |
| 2018-12-25T12:04:10.525654923Z | 64 | PC: 12b43 | Write file or device (Write 307 bytes on handle 5) |
| 2018-12-25T12:04:10.540373307Z | 87 | PC: 12b4a | Get or set file date and time |
| 2018-12-25T12:04:10.542330748Z | 62 | PC: 12b4e | Close file |
| 2018-12-25T12:04:10.551440623Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.55448678Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.561152125Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.563406946Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.569959173Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.571592937Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.574787857Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.5765918Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.581044672Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.584257056Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.586604989Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.594394808Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.596927794Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.604671309Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.606377371Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.612929693Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.616029321Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.618933447Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.620588452Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.624568557Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.639279411Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.641064467Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.862870039Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.865043515Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.86951447Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.87124745Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.876017268Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.877243062Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.879273261Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.88095702Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.883029154Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.885081446Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.886838024Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.918997714Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.920997994Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.928798549Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.929994878Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.93520863Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.937653511Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.939737432Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.940895244Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.943763232Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.945674264Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.947118614Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.952247136Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.954557148Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.959372169Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.960491812Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.965326806Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.966633584Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.968486587Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.970228571Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.97557352Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.977663776Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.979478502Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.98465057Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.986696731Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.992421724Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.99369672Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.9977407Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:11.000300844Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:11.002155413Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.003198547Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.005686422Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.007659442Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.00873335Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.019310476Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.030681375Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.03699108Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.039022115Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.041710349Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.050988916Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.058637649Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.074849846Z | 42 | PC: 12aa1 | Get date 0x12aa1: cmp al, 2 0x12aa3: je 0x12ab0 0x12aa5: cmp al, 4 0x12aa7: je 0x12ab0 0x12aa9: cmp al, 6 0x12aab: je 0x12ab0 0x12aad: jmp 0x12ac7 0x12ab0: mov ah, 9 0x12ab2: lea dx, word ptr [bp + 0x213] 0x12ab6: int 0x21 0x12ab8: mov ah, 0x2b 0x12aba: mov cx, 0x7d1 0x12abd: int 0x21 0x12abf: mov ah, 0x39 0x12ac1: lea dx, word ptr [bp + 0x26d] 0x12ac5: int 0x21 0x12ac7: push 0x100 0x12aca: ret 0x12acb: mov ax, 0x3d02 0x12ace: mov dx, 0x9e |
{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:10.624397415Z | 78 | PC: 12a9b | Find first file |
| 2018-12-25T12:04:10.631359058Z | 61 | PC: 12ad3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:10.638805238Z | 87 | PC: 12ad9 | Get or set file date and time |
| 2018-12-25T12:04:10.64168691Z | 63 | PC: 12aec | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:10.650849316Z | 66 | PC: 12b0b | Move file pointer |
| 2018-12-25T12:04:10.652404059Z | 64 | PC: 12b16 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:10.655351226Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T12:04:10.657628983Z | 64 | PC: 12b2a | Write file or device (Write 66 bytes on handle 5) |
| 2018-12-25T12:04:10.660977712Z | 64 | PC: 12b43 | Write file or device (Write 307 bytes on handle 5) |
| 2018-12-25T12:04:10.919905236Z | 87 | PC: 12b4a | Get or set file date and time |
| 2018-12-25T12:04:10.922894253Z | 62 | PC: 12b4e | Close file |
| 2018-12-25T12:04:10.931572094Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.934184874Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.942626836Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.944623311Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.95092291Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.952710616Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.956192195Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.957553761Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.961341813Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.965328976Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.966802403Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.974045017Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.978162066Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.984720351Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.986192113Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.993881538Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.995944027Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.998886267Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.00675941Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.010022844Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.01282822Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.015041677Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.022725047Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.025683507Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.033179875Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.035083639Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.042660614Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:11.044889669Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:11.047642009Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.04924673Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.052948985Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.05645657Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.058205239Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.066535875Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.06957282Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.076312812Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.078228323Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.085709158Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:11.087394301Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:11.090311588Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.092850952Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.096115282Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.099189129Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.101698234Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.109116415Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.112660625Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.120404977Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.122065019Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.128990347Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:11.131649725Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:11.134506739Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.136112703Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.145424218Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.148297947Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.149995443Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.158567371Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.161712409Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.168421296Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.170847747Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.177349108Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:11.179669887Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:11.183249485Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.185132889Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.188155779Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.191205976Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.193776179Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.201317826Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.204100048Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.212198652Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.213801333Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.216572632Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.219344258Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.226495411Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.229065092Z | 42 | PC: 12aa1 | Get date 0x12aa1: cmp al, 2 0x12aa3: je 0x12ab0 0x12aa5: cmp al, 4 0x12aa7: je 0x12ab0 0x12aa9: cmp al, 6 0x12aab: je 0x12ab0 0x12aad: jmp 0x12ac7 0x12ab0: mov ah, 9 0x12ab2: lea dx, word ptr [bp + 0x213] 0x12ab6: int 0x21 0x12ab8: mov ah, 0x2b 0x12aba: mov cx, 0x7d1 0x12abd: int 0x21 0x12abf: mov ah, 0x39 0x12ac1: lea dx, word ptr [bp + 0x26d] 0x12ac5: int 0x21 0x12ac7: push 0x100 0x12aca: ret 0x12acb: mov ax, 0x3d02 0x12ace: mov dx, 0x9e |
| 2018-12-25T12:04:11.232446294Z | 9 | PC: 12ab8 | Display string (String= 'Are we having fun yet? � The Anti-Sea-AV virus, (C) Opic [codebreakers 1998] ') |
| 2018-12-25T12:04:11.2403878Z | 43 | PC: 12abf | Set date |
| 2018-12-25T12:04:11.243791725Z | 57 | PC: 12ac7 | Create subdirectory |
{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:10.702641651Z | 78 | PC: 12a9b | Find first file |
| 2018-12-25T12:04:10.70975089Z | 61 | PC: 12ad3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:10.717523718Z | 87 | PC: 12ad9 | Get or set file date and time |
| 2018-12-25T12:04:10.71978454Z | 63 | PC: 12aec | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:10.727022418Z | 66 | PC: 12b0b | Move file pointer |
| 2018-12-25T12:04:10.72926911Z | 64 | PC: 12b16 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:10.732418778Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T12:04:10.734814036Z | 64 | PC: 12b2a | Write file or device (Write 66 bytes on handle 5) |
| 2018-12-25T12:04:10.739325716Z | 64 | PC: 12b43 | Write file or device (Write 307 bytes on handle 5) |
| 2018-12-25T12:04:10.758659496Z | 87 | PC: 12b4a | Get or set file date and time |
| 2018-12-25T12:04:10.760566834Z | 62 | PC: 12b4e | Close file |
| 2018-12-25T12:04:10.770275593Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.773925044Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.781840138Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.783960602Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.792742844Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.795679927Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.799584068Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.801486726Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.805014822Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.808632272Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.81067042Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.818684375Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.821553856Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.82894635Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.830360028Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.837200196Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.839491335Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.842316483Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.84374943Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.848205173Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.851394351Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.853365414Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.862326889Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.866253327Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.873703332Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.875818709Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.888433586Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.890155139Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.900327487Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.902222293Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.905841496Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.909469072Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.9118165Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.920633849Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.923954115Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.931669599Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.93346056Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.940777608Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.943474012Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.947234393Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:10.949084427Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:10.953310592Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:10.956414714Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.958590165Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:10.973587562Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:10.976692936Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:10.984009456Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:10.9866193Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:10.993597691Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:10.995488908Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:10.999665794Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.002390116Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.011563482Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.015133868Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.016543482Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.026609599Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.029182155Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.036580158Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.038058631Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.045609328Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:11.047459004Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:11.050329114Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:11.051762384Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:11.055377084Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:11.058239779Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.059854608Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.068346014Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.071162121Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:11.082030621Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.083989564Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:11.086867261Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:11.088516295Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:11.101153124Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:11.104045588Z | 42 | PC: 12aa1 | Get date 0x12aa1: cmp al, 2 0x12aa3: je 0x12ab0 0x12aa5: cmp al, 4 0x12aa7: je 0x12ab0 0x12aa9: cmp al, 6 0x12aab: je 0x12ab0 0x12aad: jmp 0x12ac7 0x12ab0: mov ah, 9 0x12ab2: lea dx, word ptr [bp + 0x213] 0x12ab6: int 0x21 0x12ab8: mov ah, 0x2b 0x12aba: mov cx, 0x7d1 0x12abd: int 0x21 0x12abf: mov ah, 0x39 0x12ac1: lea dx, word ptr [bp + 0x26d] 0x12ac5: int 0x21 0x12ac7: push 0x100 0x12aca: ret 0x12acb: mov ax, 0x3d02 0x12ace: mov dx, 0x9e |
| 2018-12-25T12:04:11.106348807Z | 9 | PC: 12ab8 | Display string (String= 'Are we having fun yet? � The Anti-Sea-AV virus, (C) Opic [codebreakers 1998] ') |
| 2018-12-25T12:04:11.115605641Z | 43 | PC: 12abf | Set date |
| 2018-12-25T12:04:11.118982083Z | 57 | PC: 12ac7 | Create subdirectory |
{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:12.665762424Z | 78 | PC: 12a9b | Find first file |
| 2018-12-25T12:04:12.672632325Z | 61 | PC: 12ad3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:12.679694831Z | 87 | PC: 12ad9 | Get or set file date and time |
| 2018-12-25T12:04:12.681628008Z | 63 | PC: 12aec | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:12.689489826Z | 66 | PC: 12b0b | Move file pointer |
| 2018-12-25T12:04:12.693086413Z | 64 | PC: 12b16 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:12.696400006Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T12:04:12.698139136Z | 64 | PC: 12b2a | Write file or device (Write 66 bytes on handle 5) |
| 2018-12-25T12:04:12.703447592Z | 64 | PC: 12b43 | Write file or device (Write 307 bytes on handle 5) |
| 2018-12-25T12:04:12.719871691Z | 87 | PC: 12b4a | Get or set file date and time |
| 2018-12-25T12:04:12.721420352Z | 62 | PC: 12b4e | Close file |
| 2018-12-25T12:04:12.733435506Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.736157528Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.742623277Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.745171242Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.751497762Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.753087905Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.75697593Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.758667675Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.761659387Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.764735148Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.767236549Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.78393688Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.787464717Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.794456882Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.795818714Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.80201001Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.804116154Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.806711026Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.808086617Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.811620287Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.814475564Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.816168963Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.82471574Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.827567836Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.834145712Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.836932912Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.843296197Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.844821063Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.849260635Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.851260017Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.854295552Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.857352568Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.859872511Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.867438155Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.870303491Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.87810632Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.879833121Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.886412084Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.889012102Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.892335102Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.894032972Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.897923686Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.901067799Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.902617548Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.907769034Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.910184631Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.914432988Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.915787677Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.920639328Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.921776955Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.923775849Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.925395756Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.930728445Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.932608913Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.934452523Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.939425292Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.941296487Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.946089158Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.947965629Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.955784355Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.958460376Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.961217908Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.962866843Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.96678549Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.969607265Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.971337423Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.979387519Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.982705501Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.989202676Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.991980961Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.995950308Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.997782323Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.00547138Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.008307607Z | 42 | PC: 12aa1 | Get date 0x12aa1: cmp al, 2 0x12aa3: je 0x12ab0 0x12aa5: cmp al, 4 0x12aa7: je 0x12ab0 0x12aa9: cmp al, 6 0x12aab: je 0x12ab0 0x12aad: jmp 0x12ac7 0x12ab0: mov ah, 9 0x12ab2: lea dx, word ptr [bp + 0x213] 0x12ab6: int 0x21 0x12ab8: mov ah, 0x2b 0x12aba: mov cx, 0x7d1 0x12abd: int 0x21 0x12abf: mov ah, 0x39 0x12ac1: lea dx, word ptr [bp + 0x26d] 0x12ac5: int 0x21 0x12ac7: push 0x100 0x12aca: ret 0x12acb: mov ax, 0x3d02 0x12ace: mov dx, 0x9e |
| 2018-12-25T12:04:13.010615552Z | 9 | PC: 12ab8 | Display string (String= 'Are we having fun yet? � The Anti-Sea-AV virus, (C) Opic [codebreakers 1998] ') |
| 2018-12-25T12:04:13.018803909Z | 43 | PC: 12abf | Set date |
| 2018-12-25T12:04:13.022440842Z | 57 | PC: 12ac7 | Create subdirectory |
{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:12.681104844Z | 78 | PC: 12a9b | Find first file |
| 2018-12-25T12:04:12.687911563Z | 61 | PC: 12ad3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:12.694618055Z | 87 | PC: 12ad9 | Get or set file date and time |
| 2018-12-25T12:04:12.703038244Z | 63 | PC: 12aec | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:12.710494947Z | 66 | PC: 12b0b | Move file pointer |
| 2018-12-25T12:04:12.712131951Z | 64 | PC: 12b16 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:12.71468758Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T12:04:12.716371724Z | 64 | PC: 12b2a | Write file or device (Write 66 bytes on handle 5) |
| 2018-12-25T12:04:12.719704511Z | 64 | PC: 12b43 | Write file or device (Write 307 bytes on handle 5) |
| 2018-12-25T12:04:12.733013652Z | 87 | PC: 12b4a | Get or set file date and time |
| 2018-12-25T12:04:12.734688558Z | 62 | PC: 12b4e | Close file |
| 2018-12-25T12:04:12.749094371Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.752037094Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.75845621Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.760377253Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.767029266Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.768536467Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.772652795Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.774261745Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.77701494Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.780529549Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.78207502Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.790177704Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.7983116Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.802734711Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.803878637Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.808599929Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.809759063Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.811782424Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.813238252Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.815312899Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.817140394Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.818494383Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.825089774Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.827721565Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.832878859Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.847772984Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.85436832Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.856685263Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.860436852Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.867674748Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.870618848Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.874242978Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.876227562Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.888997343Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.893479881Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.900951091Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.903046594Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.911225985Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.913359893Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.916428305Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.918945188Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.921947583Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.924554399Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.927952953Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.936239433Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.939381763Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.946939415Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.949095019Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:12.9556798Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:12.957788312Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:12.961247443Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:12.962917905Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:12.97206086Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:12.974667088Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.977264031Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:12.986899261Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:12.989477241Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:12.996806025Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:12.99905616Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.008093551Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:13.009858115Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:13.012765529Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:13.015036602Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:13.018027841Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:13.021275154Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.023736902Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.031802053Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.034529291Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.04196495Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.043425355Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.046211194Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.049142372Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.056737892Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.059377376Z | 42 | PC: 12aa1 | Get date 0x12aa1: cmp al, 2 0x12aa3: je 0x12ab0 0x12aa5: cmp al, 4 0x12aa7: je 0x12ab0 0x12aa9: cmp al, 6 0x12aab: je 0x12ab0 0x12aad: jmp 0x12ac7 0x12ab0: mov ah, 9 0x12ab2: lea dx, word ptr [bp + 0x213] 0x12ab6: int 0x21 0x12ab8: mov ah, 0x2b 0x12aba: mov cx, 0x7d1 0x12abd: int 0x21 0x12abf: mov ah, 0x39 0x12ac1: lea dx, word ptr [bp + 0x26d] 0x12ac5: int 0x21 0x12ac7: push 0x100 0x12aca: ret 0x12acb: mov ax, 0x3d02 0x12ace: mov dx, 0x9e |
{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:13.193525973Z | 78 | PC: 12a9b | Find first file |
| 2018-12-25T12:04:13.211915871Z | 61 | PC: 12ad3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:13.219607096Z | 87 | PC: 12ad9 | Get or set file date and time |
| 2018-12-25T12:04:13.221465503Z | 63 | PC: 12aec | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:13.23127583Z | 66 | PC: 12b0b | Move file pointer |
| 2018-12-25T12:04:13.247754456Z | 64 | PC: 12b16 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:13.250466643Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T12:04:13.258976472Z | 64 | PC: 12b2a | Write file or device (Write 66 bytes on handle 5) |
| 2018-12-25T12:04:13.262499429Z | 64 | PC: 12b43 | Write file or device (Write 307 bytes on handle 5) |
| 2018-12-25T12:04:13.281889292Z | 87 | PC: 12b4a | Get or set file date and time |
| 2018-12-25T12:04:13.284067594Z | 62 | PC: 12b4e | Close file |
| 2018-12-25T12:04:13.293687562Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.296572319Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.303170168Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.315136801Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.321698225Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:13.323349682Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:13.327244121Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:13.329577563Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:13.333295553Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:13.336701805Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.338981785Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.359117401Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.362917802Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.370464878Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.379096659Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.387563426Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:13.389243201Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:13.392128127Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:13.394339284Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:13.397605961Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:13.400544646Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.403402596Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.426888979Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.429843167Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.438667765Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.440476307Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.447221418Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:13.449626489Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:13.452693951Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:13.454502448Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:13.458604898Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:13.461719469Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.463519957Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.4714176Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.474668403Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.481407135Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.483159611Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.490378531Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:13.492073831Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:13.495038488Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:13.497852458Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:13.500997171Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:13.504014692Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.506704016Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.514934844Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.517919228Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.525415815Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.527178653Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.533626644Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:13.536101874Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:13.539299151Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:13.540957502Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:13.550085348Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:13.553319122Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.555085824Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.563076019Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.566798348Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.573478402Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.575195926Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.583152947Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:13.584795583Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:13.587701445Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:13.590449052Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:13.593389957Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:13.596324987Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.599138915Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.606752609Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.60963815Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:13.61719734Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.619241451Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:13.622056367Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:13.624634772Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:13.632157607Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:13.634797262Z | 42 | PC: 12aa1 | Get date 0x12aa1: cmp al, 2 0x12aa3: je 0x12ab0 0x12aa5: cmp al, 4 0x12aa7: je 0x12ab0 0x12aa9: cmp al, 6 0x12aab: je 0x12ab0 0x12aad: jmp 0x12ac7 0x12ab0: mov ah, 9 0x12ab2: lea dx, word ptr [bp + 0x213] 0x12ab6: int 0x21 0x12ab8: mov ah, 0x2b 0x12aba: mov cx, 0x7d1 0x12abd: int 0x21 0x12abf: mov ah, 0x39 0x12ac1: lea dx, word ptr [bp + 0x26d] 0x12ac5: int 0x21 0x12ac7: push 0x100 0x12aca: ret 0x12acb: mov ax, 0x3d02 0x12ace: mov dx, 0x9e |
| 2018-12-25T12:04:13.637997665Z | 9 | PC: 12ab8 | Display string (String= 'Are we having fun yet? � The Anti-Sea-AV virus, (C) Opic [codebreakers 1998] ') |
| 2018-12-25T12:04:13.646281592Z | 43 | PC: 12abf | Set date |
| 2018-12-25T12:04:13.650425554Z | 57 | PC: 12ac7 | Create subdirectory |
{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8305,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:04:14.968537252Z | 78 | PC: 12a9b | Find first file |
| 2018-12-25T12:04:14.975746779Z | 61 | PC: 12ad3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-25T12:04:14.983244891Z | 87 | PC: 12ad9 | Get or set file date and time |
| 2018-12-25T12:04:14.98512048Z | 63 | PC: 12aec | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-25T12:04:14.992769804Z | 66 | PC: 12b0b | Move file pointer |
| 2018-12-25T12:04:14.994772598Z | 64 | PC: 12b16 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-25T12:04:14.997548969Z | 66 | PC: 12b1f | Move file pointer |
| 2018-12-25T12:04:14.999007373Z | 64 | PC: 12b2a | Write file or device (Write 66 bytes on handle 5) |
| 2018-12-25T12:04:15.003014346Z | 64 | PC: 12b43 | Write file or device (Write 307 bytes on handle 5) |
| 2018-12-25T12:04:15.652841852Z | 87 | PC: 12b4a | Get or set file date and time |
| 2018-12-25T12:04:15.654685801Z | 62 | PC: 12b4e | Close file |
| 2018-12-25T12:04:15.881464551Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:15.884397347Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:15.892130124Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:15.89475943Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:15.901651107Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:15.904135873Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:15.909726893Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:15.911487559Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:15.915170252Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:15.918632901Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:15.920011258Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:16.10934506Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:16.111681735Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:16.13110766Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.132230122Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:16.137248053Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:16.138459176Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:16.140338939Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:16.157238272Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:16.161037392Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:16.16407312Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.166008309Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:16.188772771Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:16.191256335Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:16.197618524Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.199236985Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:16.205115628Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:16.206525032Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:16.209368936Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:16.210801402Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:16.213808186Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:16.217270972Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.218989988Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:16.249125855Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:16.254187694Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:16.263457799Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.265241899Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:16.26992619Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:16.271295558Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:16.273953651Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:16.275629154Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:16.277816654Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:16.280246463Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.281909727Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:16.310701661Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:16.313519343Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:16.318828662Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.320750069Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:16.324984816Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:16.326740981Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:16.328783919Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:16.329986536Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:16.35755297Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:16.360501269Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.362261578Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:16.418728386Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:16.421418026Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:16.428148304Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.431094584Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:16.437484634Z | 66 | PC: 12b0b | Move file pointer (See above) |
| 2018-12-25T12:04:16.438950194Z | 64 | PC: 12b16 | Write file or device (See above) |
| 2018-12-25T12:04:16.443046723Z | 66 | PC: 12b1f | Move file pointer (See above) |
| 2018-12-25T12:04:16.444476171Z | 64 | PC: 12b2a | Write file or device (See above) |
| 2018-12-25T12:04:16.447508919Z | 64 | PC: 12b43 | Write file or device (See above) |
| 2018-12-25T12:04:16.451460065Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.453243396Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:16.488132049Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:16.493953629Z | 61 | PC: 12ad3 | Open file (See above) |
| 2018-12-25T12:04:16.502011866Z | 87 | PC: 12ad9 | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.503433088Z | 63 | PC: 12aec | Read file or device (See above) |
| 2018-12-25T12:04:16.507290204Z | 87 | PC: 12b4a | Get or set file date and time (See above) |
| 2018-12-25T12:04:16.509502549Z | 62 | PC: 12b4e | Close file (See above) |
| 2018-12-25T12:04:16.553846954Z | 79 | PC: 12a9b | Find next file (See above) |
| 2018-12-25T12:04:16.556932604Z | 42 | PC: 12aa1 | Get date 0x12aa1: cmp al, 2 0x12aa3: je 0x12ab0 0x12aa5: cmp al, 4 0x12aa7: je 0x12ab0 0x12aa9: cmp al, 6 0x12aab: je 0x12ab0 0x12aad: jmp 0x12ac7 0x12ab0: mov ah, 9 0x12ab2: lea dx, word ptr [bp + 0x213] 0x12ab6: int 0x21 0x12ab8: mov ah, 0x2b 0x12aba: mov cx, 0x7d1 0x12abd: int 0x21 0x12abf: mov ah, 0x39 0x12ac1: lea dx, word ptr [bp + 0x26d] 0x12ac5: int 0x21 0x12ac7: push 0x100 0x12aca: ret 0x12acb: mov ax, 0x3d02 0x12ace: mov dx, 0x9e |
| 2018-12-25T12:04:16.559956361Z | 9 | PC: 12ab8 | Display string (String= 'Are we having fun yet? � The Anti-Sea-AV virus, (C) Opic [codebreakers 1998] ') |
| 2018-12-25T12:04:16.568612579Z | 43 | PC: 12abf | Set date |
| 2018-12-25T12:04:16.572624314Z | 57 | PC: 12ac7 | Create subdirectory |