.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:51:09.080086173Z | 254 | PC: 1368d | UNKNOWN! |
| 2018-12-17T22:51:09.081568628Z | 42 | PC: 136c0 | Get date 0x136c0: call 0x13777 0x136c3: mov word ptr [si + 0x48], ax 0x136c7: mov ax, 0x3d00 0x136ca: lea dx, word ptr [si + 0x53] 0x136ce: int3 0x136cf: mov bx, ax 0x136d1: jae 0x136d4 0x136d3: ret 0x136d4: mov ah, 0x3f 0x136d6: lea dx, word ptr [si + 0x9a2] 0x136da: mov cx, 0x28 0x136dd: int3 0x136de: and ax, ax 0x136e0: jne 0x136e5 0x136e2: jmp 0x13773 0x136e5: mov cx, ax 0x136e7: mov di, dx 0x136e9: mov al, 0xd 0x136eb: cld 0x136ec: repne scasb al, byte ptr es:[di] |
| 2018-12-17T22:51:09.084721278Z | 61 | PC: 136cf | Open file (Filename = 'c:\config.sys') |
| 2018-12-17T22:51:09.091096879Z | 63 | PC: 136de | Read file or device (Read 40 bytes on handle 5) |
| 2018-12-17T22:51:09.096895172Z | 66 | PC: 13700 | Move file pointer |
| 2018-12-17T22:51:09.099655879Z | 63 | PC: 136de | Read file or device (Read 40 bytes on handle 5) |
| 2018-12-17T22:51:09.102430676Z | 66 | PC: 13700 | Move file pointer |
| 2018-12-17T22:51:09.104185187Z | 63 | PC: 136de | Read file or device (Read 40 bytes on handle 5) |
| 2018-12-17T22:51:09.107716972Z | 66 | PC: 13700 | Move file pointer |
| 2018-12-17T22:51:09.109345385Z | 61 | PC: 13762 | Open file (Filename = 'C:\WINDOWS\HIMEM.SYS') |
| 2018-12-17T22:51:09.119821582Z | 66 | PC: 1381e | Move file pointer |
| 2018-12-17T22:51:09.12194462Z | 66 | PC: 137f7 | Move file pointer |
| 2018-12-17T22:51:09.12333756Z | 63 | PC: 1383b | Read file or device (Read 6 bytes on handle 6) |
| 2018-12-17T22:51:09.129173082Z | 87 | PC: 1386c | Get or set file date and time |
| 2018-12-17T22:51:09.131633185Z | 90 | PC: 138b7 | Create unique file |
| 2018-12-17T22:51:09.473173696Z | 62 | PC: 138be | Close file |
| 2018-12-17T22:51:09.47564192Z | 65 | PC: 138c3 | Delete file (Filename = 'c:\ABAACBEG') |
| 2018-12-17T22:51:09.485592488Z | 63 | PC: 1394b | Read file or device (Read 2 bytes on handle 6) |
| 2018-12-17T22:51:09.489420555Z | 63 | PC: 13955 | Read file or device (Read 2 bytes on handle 6) |
| 2018-12-17T22:51:09.49282178Z | 66 | PC: 137f7 | Move file pointer |
| 2018-12-17T22:51:09.495707002Z | 63 | PC: 13966 | Read file or device (Read 5 bytes on handle 6) |
| 2018-12-17T22:51:09.502078261Z | 66 | PC: 13808 | Move file pointer |
| 2018-12-17T22:51:09.503563359Z | 66 | PC: 137f7 | Move file pointer |
| 2018-12-17T22:51:09.505130887Z | 64 | PC: 13985 | Write file or device (Write 2 bytes on handle 6) |
| 2018-12-17T22:51:09.508625626Z | 66 | PC: 137f7 | Move file pointer |
| 2018-12-17T22:51:09.520944039Z | 64 | PC: 13996 | Write file or device (Write 5 bytes on handle 6) |
| 2018-12-17T22:51:09.523969615Z | 66 | PC: 13808 | Move file pointer |
| 2018-12-17T22:51:09.525566069Z | 64 | PC: 138e2 | Write file or device (Write 2370 bytes on handle 6) |
| 2018-12-17T22:51:09.548519551Z | 87 | PC: 13a56 | Get or set file date and time |
| 2018-12-17T22:51:09.550855679Z | 66 | PC: 13917 | Move file pointer |
| 2018-12-17T22:51:09.553480157Z | 62 | PC: 1376f | Close file |
| 2018-12-17T22:51:09.562012772Z | 63 | PC: 136de | Read file or device (Read 40 bytes on handle 5) |
| 2018-12-17T22:51:09.565155614Z | 63 | PC: 136de | Read file or device (Read 40 bytes on handle 5) |
| 2018-12-17T22:51:09.569649006Z | 66 | PC: 13700 | Move file pointer |
| 2018-12-17T22:51:09.571677183Z | 63 | PC: 136de | Read file or device (Read 40 bytes on handle 5) |
| 2018-12-17T22:51:09.574536103Z | 66 | PC: 13700 | Move file pointer |
| 2018-12-17T22:51:09.577210105Z | 63 | PC: 136de | Read file or device (Read 40 bytes on handle 5) |
| 2018-12-17T22:51:09.579384329Z | 62 | PC: 13776 | Close file |
| 2018-12-17T22:51:09.581906564Z | 9 | PC: 12a61 | Display string (String= '������� ��� ������� ') |