.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:54:32.443381163Z | 42 | PC: 13a8c | Get date 0x13a8c: mov byte ptr [bp + 0x997], 0 0x13a91: cmp dh, byte ptr [bp + 0x985] 0x13a95: jne 0x13aa2 0x13a97: cmp cx, word ptr [bp + 0x986] 0x13a9b: jne 0x13aa2 0x13a9d: mov byte ptr [bp + 0x997], 1 0x13aa2: mov byte ptr [bp + 0x985], dh 0x13aa6: mov word ptr [bp + 0x986], cx 0x13aaa: mov byte ptr [bp + 0x984], dl 0x13aae: xor bx, bx 0x13ab0: mov ax, 0xface 0x13ab3: int 0x21 0x13ab5: cmp ax, 0xcefa 0x13ab8: jne 0x13ac2 0x13aba: cmp bx, 0x10 0x13abd: jge 0x13adc 0x13abf: call 0x13c5e 0x13ac2: mov ax, 0x2c00 0x13ac5: int 0x13 0x13ac7: mov ax, 0xffa5 |
| 2018-12-17T22:54:32.446709741Z | 250 | PC: 13ab5 | UNKNOWN! |
| 2018-12-17T22:54:32.448463165Z | 53 | PC: 9e8ed | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:54:32.44976267Z | 53 | PC: 9e8fb | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T22:54:32.45148728Z | 53 | PC: 9e909 | Get interrupt vector (Interrupt = '38' AKA 'Create PSP') |
| 2018-12-17T22:54:32.452726749Z | 53 | PC: 9e917 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-17T22:54:32.453906115Z | 53 | PC: 9e925 | Get interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-17T22:54:32.455185276Z | 53 | PC: 9e933 | Get interrupt vector (Interrupt = '23' AKA 'Rename file') |
| 2018-12-17T22:54:32.457127897Z | 53 | PC: 9ead6 | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.458512592Z | 37 | PC: 9eaf4 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.460072567Z | 25 | PC: 9eb04 | Get default drive |
| 2018-12-17T22:54:32.461973741Z | 37 | PC: 9eb13 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.463731163Z | 53 | PC: 9e9f6 | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.465537034Z | 37 | PC: 9ea14 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.468287078Z | 37 | PC: 9ea36 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.469808652Z | 53 | PC: 9eb93 | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.471265357Z | 37 | PC: 9ebab | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.47353232Z | 37 | PC: 9ebce | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:32.475123314Z | 37 | PC: 9ed7e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:54:32.476589132Z | 37 | PC: 9ed7e | Set interrupt vector (Interrupt = '16' AKA 'Close file') |
| 2018-12-17T22:54:32.478443254Z | 37 | PC: 9ed7e | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-17T22:54:32.479842346Z | 37 | PC: 9ed7e | Set interrupt vector (Interrupt = '23' AKA 'Rename file') |
| 2018-12-17T22:54:32.481113751Z | 53 | PC: 9ed7e | Get interrupt vector (Interrupt = '9' AKA 'Display string') |
| 2018-12-17T22:54:32.483408309Z | 37 | PC: 9ed7e | Set interrupt vector (Interrupt = '9' AKA 'Display string') |
| 2018-12-17T22:54:32.485125479Z | 9 | PC: 13a3f | Display string (String= 'Virus bate of 4096 Bytes !!!') |