Sample viewer

vx.netlux.org/Virus.DOS.Mpoc.804

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:49:33.33810397Z 26 PC: 12a55 | Set disk transfer address
2018-12-17T22:49:33.340346362Z 78 PC: 12ac5 | Find first file
2018-12-17T22:49:33.347282091Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.377654106Z 61 PC: 12adf | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:49:33.38592748Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:49:33.393010884Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:49:33.395711255Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:49:33.398898664Z 66 PC: 12b32 | Move file pointer
2018-12-17T22:49:33.401213336Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:33.404577413Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:49:33.407871043Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:49:33.411687556Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 5)
2018-12-17T22:49:33.422628477Z 87 PC: 12b6b | Get or set file date and time
2018-12-17T22:49:33.427950601Z 67 PC: 12b79 | Get or set file attributes
2018-12-17T22:49:33.439368053Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.446110917Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.45162238Z 61 PC: 12adf | Open file (Filename = 'PRINT.COM')
2018-12-17T22:49:33.459775474Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 6)
2018-12-17T22:49:33.46794106Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 6)
2018-12-17T22:49:33.47089217Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T22:49:33.474467268Z 66 PC: 12b32 | Move file pointer
2018-12-17T22:49:33.476847473Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 6)
2018-12-17T22:49:33.479811392Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 6)
2018-12-17T22:49:33.483802492Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:49:33.48584931Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 6)
2018-12-17T22:49:33.494657704Z 87 PC: 12b6b | Get or set file date and time
2018-12-17T22:49:33.496375028Z 67 PC: 12b79 | Get or set file attributes
2018-12-17T22:49:33.502467621Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.505744823Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.511324402Z 61 PC: 12adf | Open file (Filename = 'HELLO.COM')
2018-12-17T22:49:33.519362243Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 7)
2018-12-17T22:49:33.526879239Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 7)
2018-12-17T22:49:33.530002468Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 7)
2018-12-17T22:49:33.534320121Z 66 PC: 12b32 | Move file pointer
2018-12-17T22:49:33.53596667Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 7)
2018-12-17T22:49:33.539352621Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 7)
2018-12-17T22:49:33.543183529Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:49:33.544974923Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 7)
2018-12-17T22:49:33.554480412Z 87 PC: 12b6b | Get or set file date and time
2018-12-17T22:49:33.557002234Z 67 PC: 12b79 | Get or set file attributes
2018-12-17T22:49:33.562539773Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.565680934Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.569877119Z 61 PC: 12adf | Open file (Filename = 'PHANG.COM')
2018-12-17T22:49:33.575049927Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 8)
2018-12-17T22:49:33.581354011Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 8)
2018-12-17T22:49:33.584691788Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 8)
2018-12-17T22:49:33.587890151Z 66 PC: 12b32 | Move file pointer
2018-12-17T22:49:33.589618521Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 8)
2018-12-17T22:49:33.592820203Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 8)
2018-12-17T22:49:33.59855141Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:49:33.600044275Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 8)
2018-12-17T22:49:33.608641553Z 87 PC: 12b6b | Get or set file date and time
2018-12-17T22:49:33.610611985Z 67 PC: 12b79 | Get or set file attributes
2018-12-17T22:49:33.616828674Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.619702687Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.624957031Z 61 PC: 12adf | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:49:33.631945632Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 9)
2018-12-17T22:49:33.638830074Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 9)
2018-12-17T22:49:33.641881739Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 9)
2018-12-17T22:49:33.644685919Z 66 PC: 12b32 | Move file pointer
2018-12-17T22:49:33.646096585Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 9)
2018-12-17T22:49:33.649662985Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 9)
2018-12-17T22:49:33.652701456Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:49:33.654253871Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 9)
2018-12-17T22:49:33.663367172Z 87 PC: 12b6b | Get or set file date and time
2018-12-17T22:49:33.665699356Z 67 PC: 12b79 | Get or set file attributes
2018-12-17T22:49:33.670967515Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.674138885Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.679519023Z 61 PC: 12adf | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:49:33.687490068Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 10)
2018-12-17T22:49:33.694827497Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 10)
2018-12-17T22:49:33.697495412Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 10)
2018-12-17T22:49:33.699972337Z 66 PC: 12b32 | Move file pointer
2018-12-17T22:49:33.702602485Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 10)
2018-12-17T22:49:33.705674965Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 10)
2018-12-17T22:49:33.708649384Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:49:33.710382614Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 10)
2018-12-17T22:49:33.720118422Z 87 PC: 12b6b | Get or set file date and time
2018-12-17T22:49:33.721706843Z 67 PC: 12b79 | Get or set file attributes
2018-12-17T22:49:33.727057022Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.730314612Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.735488681Z 61 PC: 12adf | Open file (Filename = 'PAH.COM')
2018-12-17T22:49:33.742713436Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 11)
2018-12-17T22:49:33.7643257Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 11)
2018-12-17T22:49:33.767492363Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 11)
2018-12-17T22:49:33.770684857Z 66 PC: 12b32 | Move file pointer
2018-12-17T22:49:33.773770617Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 11)
2018-12-17T22:49:33.776820244Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 11)
2018-12-17T22:49:33.780093209Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:49:33.782906291Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 11)
2018-12-17T22:49:33.791785038Z 87 PC: 12b6b | Get or set file date and time
2018-12-17T22:49:33.793572915Z 67 PC: 12b79 | Get or set file attributes
2018-12-17T22:49:33.800176229Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.803999758Z 67 PC: 12ad5 | Get or set file attributes
2018-12-17T22:49:33.809403902Z 61 PC: 12adf | Open file (Filename = 'TEST.COM')
2018-12-17T22:49:33.817233519Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 12)
2018-12-17T22:49:33.821837509Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 12)
2018-12-17T22:49:33.824942331Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 12)
2018-12-17T22:49:33.827935883Z 79 PC: 12ac5 | Find next file
2018-12-17T22:49:33.831318254Z 42 PC: 12b86 | Get date 0x12b86: cmp dx, 0x603
0x12b8a: je 0x12b92
0x12b8c: nop
0x12b8d: nop
0x12b8e: nop
0x12b8f: jmp 0x12b9a
0x12b91: nop
0x12b92: mov ah, 9
0x12b94: lea dx, word ptr [bp + 0x25f]
0x12b98: int 0x21
0x12b9a: mov si, 0x100
0x12b9d: jmp si
0x12b9f: dec bp
0x12ba0: jae 0x12c16
0x12ba3: popaw
0x12ba4: and byte ptr gs:[edx + 0x65], dh
0x12ba9: arpl word ptr [bx + di + 0x65], bp
0x12bac: jbe 0x12c13
0x12bae: and byte ptr fs:[bp + 0x72], ah
0x12bb2: outsw dx, word ptr [si]

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9924,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:42.614116134Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:26:42.616299545Z 78 PC: 12ac5 | Find first file
2018-12-25T12:26:42.624534415Z 67 PC: 12ad5 | Get or set file attributes
2018-12-25T12:26:42.644274259Z 61 PC: 12adf | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:26:42.653602323Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.663951847Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:26:42.667423953Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.670872259Z 66 PC: 12b32 | Move file pointer
2018-12-25T12:26:42.673664827Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:42.677228187Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:26:42.68079409Z 66 PC: 12b51 | Move file pointer
2018-12-25T12:26:42.683725014Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 5)
2018-12-25T12:26:42.694437581Z 87 PC: 12b6b | Get or set file date and time
2018-12-25T12:26:42.696766738Z 67 PC: 12b79 | Get or set file attributes
2018-12-25T12:26:42.703364382Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.708296328Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.714030826Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.722946181Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.735018123Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.738057506Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.741055591Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.743991362Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.747190594Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.754317511Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.756676937Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.7760758Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.786928107Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.793738707Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.797791302Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.803881192Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.812033003Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.820597355Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.823558584Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.826671444Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.829624382Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.833195838Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.836858803Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.839754278Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.849583204Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.85183973Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.858907641Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.862681682Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.868424713Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.876193101Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.884411968Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.887689164Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.89089786Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.894020153Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.897459221Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.900902077Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.904010485Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.913608376Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.915865033Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.922657478Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.927394074Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.933103758Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.942008057Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.950066869Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.953379235Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.956700142Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.959933674Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.963762516Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.967461181Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.970993899Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.981366511Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.983808807Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.991439559Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.994923701Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.001478396Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.011201014Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.019082919Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.022506613Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.026156181Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.028889067Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.039364849Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.042984882Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.045913186Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.056581935Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.059019091Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.066763512Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.070082087Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.075702021Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.085220462Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.093584396Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.097312752Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.101637946Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.104280885Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.107907975Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.113383203Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.116074036Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.1256139Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.128000484Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.135333517Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.139790748Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.145724506Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.154888175Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.158389243Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.161669521Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.166187402Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.170251637Z 42 PC: 12b86 | Get date 0x12b86: cmp dx, 0x603
0x12b8a: je 0x12b92
0x12b8c: nop
0x12b8d: nop
0x12b8e: nop
0x12b8f: jmp 0x12b9a
0x12b91: nop
0x12b92: mov ah, 9
0x12b94: lea dx, word ptr [bp + 0x25f]
0x12b98: int 0x21
0x12b9a: mov si, 0x100
0x12b9d: jmp si
0x12b9f: dec bp
0x12ba0: jae 0x12c16
0x12ba3: popaw
0x12ba4: and byte ptr gs:[edx + 0x65], dh
0x12ba9: arpl word ptr [bx + di + 0x65], bp
0x12bac: jbe 0x12c13
0x12bae: and byte ptr fs:[bp + 0x72], ah
0x12bb2: outsw dx, word ptr [si]

{"DateBased":true,"Day":3,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9924,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:42.781990471Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:26:42.78373278Z 78 PC: 12ac5 | Find first file
2018-12-25T12:26:42.791570553Z 67 PC: 12ad5 | Get or set file attributes
2018-12-25T12:26:42.811406814Z 61 PC: 12adf | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:26:42.828980056Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.843040762Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:26:42.848815675Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.854671344Z 66 PC: 12b32 | Move file pointer
2018-12-25T12:26:42.859604566Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:42.863113557Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:26:42.866249604Z 66 PC: 12b51 | Move file pointer
2018-12-25T12:26:42.874682387Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 5)
2018-12-25T12:26:42.900082014Z 87 PC: 12b6b | Get or set file date and time
2018-12-25T12:26:42.902282921Z 67 PC: 12b79 | Get or set file attributes
2018-12-25T12:26:42.908386487Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.912440551Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.924832107Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.933973669Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.943280365Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.946659176Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.949790906Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.952552287Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.955538415Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.958455605Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.9621321Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.971574424Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.974021119Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.980865392Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.98460005Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.009199082Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.018640341Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.026966622Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.030360562Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.033578378Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.036462426Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.039772532Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.042957819Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.051973747Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.067845317Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.07004529Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.077279993Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.080809735Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.087286403Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.096011327Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.104042431Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.107346728Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.111407099Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.11346354Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.116945999Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.12144439Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.123092352Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.132630016Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.134470782Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.140861273Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.145340007Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.151090649Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.159295337Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.167086496Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.17036449Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.174372963Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.176123366Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.179416567Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.183388613Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.185491288Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.19513967Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.198102128Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.204128183Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.207565283Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.215091926Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.222582408Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.22724089Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.229887683Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.232439791Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.233733195Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.236891534Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.241174283Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.242910512Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.253856574Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.256974958Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.263073729Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.266632258Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.273921979Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.281992191Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.290261875Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.294389445Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.297730472Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.299862302Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.304086227Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.307597075Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.309572973Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.319179574Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.321802916Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.32806418Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.331666536Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.337654852Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.342558991Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.344568846Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.34762815Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.349738643Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.352347863Z 42 PC: 12b86 | Get date 0x12b86: cmp dx, 0x603
0x12b8a: je 0x12b92
0x12b8c: nop
0x12b8d: nop
0x12b8e: nop
0x12b8f: jmp 0x12b9a
0x12b91: nop
0x12b92: mov ah, 9
0x12b94: lea dx, word ptr [bp + 0x25f]
0x12b98: int 0x21
0x12b9a: mov si, 0x100
0x12b9d: jmp si
0x12b9f: dec bp
0x12ba0: jae 0x12c16
0x12ba3: popaw
0x12ba4: and byte ptr gs:[edx + 0x65], dh
0x12ba9: arpl word ptr [bx + di + 0x65], bp
0x12bac: jbe 0x12c13
0x12bae: and byte ptr fs:[bp + 0x72], ah
0x12bb2: outsw dx, word ptr [si]
2018-12-25T12:26:43.355126896Z 9 PC: 12b9a | Display string (String= 'Message recieved from M-POC Generation 2: I am outta here!')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9924,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:42.756299763Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:26:42.758624436Z 78 PC: 12ac5 | Find first file
2018-12-25T12:26:42.76519516Z 67 PC: 12ad5 | Get or set file attributes
2018-12-25T12:26:42.782768093Z 61 PC: 12adf | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:26:42.806651163Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.81295337Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:26:42.822968732Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.827371546Z 66 PC: 12b32 | Move file pointer
2018-12-25T12:26:42.829025925Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:42.831950033Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:26:42.835216794Z 66 PC: 12b51 | Move file pointer
2018-12-25T12:26:42.837626156Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 5)
2018-12-25T12:26:42.8549186Z 87 PC: 12b6b | Get or set file date and time
2018-12-25T12:26:42.856748262Z 67 PC: 12b79 | Get or set file attributes
2018-12-25T12:26:42.865578551Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.868520285Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.873420696Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.881005587Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.88739361Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.889802497Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.893402946Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.894845674Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.897297119Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.9013147Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.902710326Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.910935242Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.91239278Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.918136243Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.921098092Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.926261028Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.93448626Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.94120195Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.943764189Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.94730835Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.948729Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.951459071Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.955075991Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.956533336Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.96475705Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.967741649Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.972900756Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.976011172Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.982144999Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.989624162Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.996711712Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.999983776Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.002451225Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.003613595Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.006137948Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.007994049Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.009108931Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.015716614Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.016874434Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.019958221Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.022586166Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.02589865Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.029875692Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.034520096Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.036279617Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.037997163Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.039185342Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.041337116Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.043214827Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.044449843Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.050110927Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.051439247Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.054990914Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.05694298Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.059965415Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.067236141Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.074259282Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.077081034Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.080564511Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.08195355Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.085204705Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.090875282Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.09238253Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.101441138Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.103290417Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.108873285Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.11240727Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.118781469Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.127085483Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.131415405Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.133301611Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.135676567Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.137041055Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.139748788Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.141628938Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.142762662Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.149012787Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.150228497Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.15340469Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.155883891Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.159203606Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.163337823Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.165961632Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.168424452Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.171131314Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.174454243Z 42 PC: 12b86 | Get date 0x12b86: cmp dx, 0x603
0x12b8a: je 0x12b92
0x12b8c: nop
0x12b8d: nop
0x12b8e: nop
0x12b8f: jmp 0x12b9a
0x12b91: nop
0x12b92: mov ah, 9
0x12b94: lea dx, word ptr [bp + 0x25f]
0x12b98: int 0x21
0x12b9a: mov si, 0x100
0x12b9d: jmp si
0x12b9f: dec bp
0x12ba0: jae 0x12c16
0x12ba3: popaw
0x12ba4: and byte ptr gs:[edx + 0x65], dh
0x12ba9: arpl word ptr [bx + di + 0x65], bp
0x12bac: jbe 0x12c13
0x12bae: and byte ptr fs:[bp + 0x72], ah
0x12bb2: outsw dx, word ptr [si]

{"DateBased":true,"Day":3,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9924,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:26:42.8458394Z 26 PC: 12a55 | Set disk transfer address
2018-12-25T12:26:42.848109898Z 78 PC: 12ac5 | Find first file
2018-12-25T12:26:42.855310869Z 67 PC: 12ad5 | Get or set file attributes
2018-12-25T12:26:42.872269367Z 61 PC: 12adf | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:26:42.880721568Z 63 PC: 12aec | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.889361079Z 63 PC: 12af7 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T12:26:42.892456266Z 63 PC: 12b02 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:26:42.895573697Z 66 PC: 12b32 | Move file pointer
2018-12-25T12:26:42.898736983Z 64 PC: 12b3d | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:26:42.902097717Z 64 PC: 12b48 | Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:26:42.905992866Z 66 PC: 12b51 | Move file pointer
2018-12-25T12:26:42.909087276Z 64 PC: 12b5c | Write file or device (Write 804 bytes on handle 5)
2018-12-25T12:26:42.91883917Z 87 PC: 12b6b | Get or set file date and time
2018-12-25T12:26:42.92095211Z 67 PC: 12b79 | Get or set file attributes
2018-12-25T12:26:42.927558656Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.93136839Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:42.936924742Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:42.944485302Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:42.953478368Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:42.956548589Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:42.959646176Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:42.962263731Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:42.969124769Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:42.972101815Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:42.978368773Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:42.987588834Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:42.98968326Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:42.996177675Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:42.999435602Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.005012433Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.013258408Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.02085727Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.024859154Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.029179045Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.031292057Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.034641063Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.03798295Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.041152909Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.050448445Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.052653668Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.059549708Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.062951732Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.068582759Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.077189357Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.085049413Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.088211653Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.092139782Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.094169026Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.098376139Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.101676089Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.104080191Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.113322032Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.115509435Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.122410981Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.125771303Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.131397142Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.139524297Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.147119999Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.150308835Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.153870201Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.156143027Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.159525798Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.163432721Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.165478973Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.175435493Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.178382217Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.184289926Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.187566105Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.193349137Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.200970944Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.208481965Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.211333772Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.215216587Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.217138449Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.220443722Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.224105326Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.226118827Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.236661333Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.239800221Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.245968837Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.249465383Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.255913054Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.263768984Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.271479634Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.27530064Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.278575243Z 66 PC: 12b32 | Move file pointer (See above)
2018-12-25T12:26:43.280662573Z 64 PC: 12b3d | Write file or device (See above)
2018-12-25T12:26:43.284334952Z 64 PC: 12b48 | Write file or device (See above)
2018-12-25T12:26:43.288500058Z 66 PC: 12b51 | Move file pointer (See above)
2018-12-25T12:26:43.290565415Z 64 PC: 12b5c | Write file or device (See above)
2018-12-25T12:26:43.300145372Z 87 PC: 12b6b | Get or set file date and time (See above)
2018-12-25T12:26:43.303482641Z 67 PC: 12b79 | Get or set file attributes (See above)
2018-12-25T12:26:43.310233087Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.31367694Z 67 PC: 12ad5 | Get or set file attributes (See above)
2018-12-25T12:26:43.320389029Z 61 PC: 12adf | Open file (See above)
2018-12-25T12:26:43.328525735Z 63 PC: 12aec | Read file or device (See above)
2018-12-25T12:26:43.331885355Z 63 PC: 12af7 | Read file or device (See above)
2018-12-25T12:26:43.3359772Z 63 PC: 12b02 | Read file or device (See above)
2018-12-25T12:26:43.33990907Z 79 PC: 12ac5 | Find next file (See above)
2018-12-25T12:26:43.343050047Z 42 PC: 12b86 | Get date 0x12b86: cmp dx, 0x603
0x12b8a: je 0x12b92
0x12b8c: nop
0x12b8d: nop
0x12b8e: nop
0x12b8f: jmp 0x12b9a
0x12b91: nop
0x12b92: mov ah, 9
0x12b94: lea dx, word ptr [bp + 0x25f]
0x12b98: int 0x21
0x12b9a: mov si, 0x100
0x12b9d: jmp si
0x12b9f: dec bp
0x12ba0: jae 0x12c16
0x12ba3: popaw
0x12ba4: and byte ptr gs:[edx + 0x65], dh
0x12ba9: arpl word ptr [bx + di + 0x65], bp
0x12bac: jbe 0x12c13
0x12bae: and byte ptr fs:[bp + 0x72], ah
0x12bb2: outsw dx, word ptr [si]
2018-12-25T12:26:43.346069988Z 9 PC: 12b9a | Display string (String= 'Message recieved from M-POC Generation 2: I am outta here!')