.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:58:55.285111481Z | 44 | PC: 12d07 | Get time 0x12d07: ret 0x12d08: movsw word ptr es:[di], word ptr [si] 0x12d09: mov bh, byte ptr [bp + 0x6f6b] 0x12d0d: mov si, di 0x12d0f: mov ah, 0 0x12d11: lodsb al, byte ptr [si] 0x12d12: xor al, ah 0x12d14: add ah, 0x11 0x12d17: stosb byte ptr es:[di], al 0x12d18: loop 0x12d11 0x12d1a: ret 0x12d1b: or byte ptr [di - 0x75], bh 0x12d1e: cli 0x12d1f: sub di, 0x2e5 0x12d23: mov cx, 0x1cc 0x12d26: call 0x22d0a 0x12d29: mov cx, 0x61ce 0x12d2c: mov di, dx 0x12d2e: mov cx, 0x3e5 0x12d31: call 0x22d0a |
| 2018-12-17T22:58:55.288349096Z | 48 | PC: 12d07 | Get DOS version |
| 2018-12-17T22:58:55.291073737Z | 47 | PC: 12d07 | Get disk transfer address |
| 2018-12-17T22:58:55.29483133Z | 26 | PC: 12d07 | Set disk transfer address |
| 2018-12-17T22:58:55.296637805Z | 78 | PC: 12d07 | Find first file |
| 2018-12-17T22:58:55.30696762Z | 67 | PC: 12d07 | Get or set file attributes |
| 2018-12-17T22:58:55.315655308Z | 67 | PC: 12d07 | Get or set file attributes |
| 2018-12-17T22:58:55.337676607Z | 61 | PC: 12d07 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:58:55.346407506Z | 87 | PC: 12d07 | Get or set file date and time |
| 2018-12-17T22:58:55.348696479Z | 63 | PC: 12d07 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:58:55.356324275Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:58:55.358787745Z | 44 | PC: 12d07 | Get time 0x12d07: ret 0x12d08: mov di, 0xbe85 0x12d0b: test word ptr [bp + si - 0x75], bp 0x12d0e: div word ptr [si - 0x5400] 0x12d12: xor al, ah 0x12d14: add ah, 0x11 0x12d17: stosb byte ptr es:[di], al 0x12d18: loop 0x12d11 0x12d1a: ret 0x12d1b: and bh, byte ptr [bx + si - 0x75] 0x12d1e: cli 0x12d1f: sub di, 0x2e5 0x12d23: mov cx, 0x1cc 0x12d26: call 0x22d0a 0x12d29: mov cx, 0x5ce8 0x12d2c: mov di, dx 0x12d2e: mov cx, 0x3e5 0x12d31: call 0x22d0a 0x12d34: ret 0x12d35: pop sp |
| 2018-12-17T22:58:55.362381289Z | 64 | PC: 12d07 | Write file or device (Write 116 bytes on handle 5) |
| 2018-12-17T22:58:55.376727763Z | 44 | PC: 12d07 | Get time 0x12d07: ret 0x12d08: mov di, 0xbe85 0x12d0b: test word ptr [bp + si - 0x75], bp 0x12d0e: div word ptr [si - 0x5400] 0x12d12: xor al, ah 0x12d14: add ah, 0x11 0x12d17: stosb byte ptr es:[di], al 0x12d18: loop 0x12d11 0x12d1a: ret 0x12d1b: and bh, byte ptr [bx + si - 0x75] 0x12d1e: cli 0x12d1f: sub di, 0x2e5 0x12d23: mov cx, 0x1cc 0x12d26: call 0x22d0a 0x12d29: mov cx, 0x5ce8 0x12d2c: mov di, dx 0x12d2e: mov cx, 0x3e5 0x12d31: call 0x22d0a 0x12d34: ret 0x12d35: pop sp |
| 2018-12-17T22:58:55.379821488Z | 64 | PC: 12d07 | Write file or device (Write 937 bytes on handle 5) |
| 2018-12-17T22:58:55.390013494Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:58:55.392057986Z | 64 | PC: 12d07 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:58:55.399654574Z | 87 | PC: 12d07 | Get or set file date and time |
| 2018-12-17T22:58:55.402925552Z | 62 | PC: 12d07 | Close file |
| 2018-12-17T22:58:55.412000889Z | 67 | PC: 12d07 | Get or set file attributes |
| 2018-12-17T22:58:55.422259349Z | 26 | PC: 12d07 | Set disk transfer address |
| 2018-12-17T22:58:55.427315382Z | 9 | PC: 12a4b | Display string (String= 'Hello virus !') |
| 2018-12-17T22:58:55.430093323Z | 76 | PC: 12a50 | Terminate with return code (Return code = '0') |