.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:00:24.825924523Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.827560257Z | 17 | PC: 12a6c | Find first file |
| 2018-12-17T23:00:24.835573226Z | 15 | PC: 12a78 | Open file (Filename = '�SLEEP COM �dLL��L�����Ŀ�[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:24.845043848Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.846898317Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:24.855591396Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.857177414Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:24.876885035Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.878510722Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:24.888148016Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.890824667Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:24.918368918Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:24.921639583Z | 15 | PC: 12a78 | Open file (Filename = '�PRINT COM ��"M����"M����������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:24.930349494Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.932391547Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:24.945323979Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.94796346Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:24.953834651Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.955470442Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:24.96111885Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.963272709Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:24.972535331Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:24.975796894Z | 15 | PC: 12a78 | Open file (Filename = '�HELLO COM �dLL��L �\�������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:24.984253615Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.985827752Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:24.994500155Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:24.997375108Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:25.003122768Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.004713729Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:25.013339064Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.015371934Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.024829746Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.029053483Z | 15 | PC: 12a78 | Open file (Filename = '�PHANG COM ��rLL��rL
���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.037305546Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.038991632Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.048761954Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.050801073Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:25.056667964Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.058321918Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:25.065060215Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.066701947Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.07841979Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.082713747Z | 15 | PC: 12a78 | Open file (Filename = '�PRINTA~1COM ���M�����M����������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.090766217Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.092431421Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.1025583Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.10458384Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:25.110480145Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.112884679Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:25.118953371Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.120622403Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.129722207Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.133934731Z | 15 | PC: 12a78 | Open file (Filename = '�MANDEL COM ��(M����(M���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.146894986Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.148603807Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.158315939Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.15997687Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:25.170869632Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.173383086Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:25.182924727Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.184581624Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.195203647Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.19854791Z | 15 | PC: 12a78 | Open file (Filename = '�PAH COM �����������M����������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.206621534Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.208222696Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.21845713Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.220110643Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:25.225940838Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.228611725Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:25.234335353Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.235954613Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.246114619Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.249615929Z | 15 | PC: 12a78 | Open file (Filename = '�TEST COM ���M�����M���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.257658994Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.260081764Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.264887584Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.266534093Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.269609567Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.273102867Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.274801658Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.276419001Z | 17 | PC: 12a6c | Find first file |
| 2018-12-17T23:00:25.279502279Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.281170524Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.283617001Z | 17 | PC: 12a6c | Find first file |
| 2018-12-17T23:00:25.291515378Z | 15 | PC: 12a78 | Open file (Filename = '�SLEEP COM �dLL��8 M��O�������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.299850813Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.301533503Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.305421221Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.307361729Z | 40 | PC: 12ab9 | Random block write |
| 2018-12-17T23:00:25.313660253Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.315278432Z | 40 | PC: 12ad4 | Random block write |
| 2018-12-17T23:00:25.322134443Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.323736704Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.328634235Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.332751353Z | 15 | PC: 12a78 | Open file (Filename = '�PRINT COM ��"M����8 M���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.340746702Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.342354847Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.346214616Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.348086941Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.35112344Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.355765659Z | 15 | PC: 12a78 | Open file (Filename = '�HELLO COM �dLL��8 M ���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.364010716Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.365614072Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.368955521Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.371531146Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.374552016Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.377602309Z | 15 | PC: 12a78 | Open file (Filename = '�PHANG COM ��rLL��8 M
��������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.386519212Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.388126488Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.391156581Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.393522708Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.396791963Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.399772551Z | 15 | PC: 12a78 | Open file (Filename = '�PRINTA~1COM ���M����8 M���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.408843187Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.410675724Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.413631697Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.415135333Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.419123183Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.422075082Z | 15 | PC: 12a78 | Open file (Filename = '�MANDEL COM ��(M����8 M���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.43068473Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.433185975Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.436157958Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.43766022Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.441437264Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.444688172Z | 15 | PC: 12a78 | Open file (Filename = '�PAH COM ����������8 M���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.452630782Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.454867784Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.458054205Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.459299118Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.462013312Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.46571948Z | 15 | PC: 12a78 | Open file (Filename = '�TEST COM ���M�����M���������[��PSQRV����;�t�Z�;rZH�;>�rG����� �l!r?؋3��3ɸ�B!r�5�@�?!r��u
F�5��u>!�&=�u�^ZY[X�ˊȸ�X!ɀက
ٸ�X!2�X!������
�P!�0!=��t�S"[&9���t &��£!') |
| 2018-12-17T23:00:25.473494053Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.47485117Z | 39 | PC: 12a9a | Random block read |
| 2018-12-17T23:00:25.478247609Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.479563541Z | 16 | PC: 12adc | Close file |
| 2018-12-17T23:00:25.482315712Z | 18 | PC: 12a6c | Find next file |
| 2018-12-17T23:00:25.486129828Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T23:00:25.487556802Z | 74 | PC: 12cdc | Reallocate memory |
| 2018-12-17T23:00:25.489696973Z | 25 | PC: 12d13 | Get default drive |
