.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:01:15.209161166Z | 66 | PC: 12a68 | Move file pointer |
| 2018-12-17T23:01:15.210785819Z | 61 | PC: 12a71 | Open file (Filename = 'L�N�P�R�T�V�X�Z�\�^�`�b�d�f�h�j�l�n�p�r�t�v�x�z�|�~�����������������������������������������������������������������') |
| 2018-12-17T23:01:15.215632926Z | 13 | PC: 12a8b | Disk reset |
| 2018-12-17T23:01:15.217285271Z | 13 | PC: 12a99 | Disk reset |
| 2018-12-17T23:01:15.218702825Z | 62 | PC: 12a9d | Close file |
| 2018-12-17T23:01:15.220841774Z | 44 | PC: 12aa1 | Get time 0x12aa1: or ch, dl
0x12aa3: mov al, 0x85
0x12aa5: nop
0x12aa7: xor bh, cl
0x12aaa: cmp cl, bh
0x12aad: and dl, bh
0x12aaf: cmp bp, bx
0x12ab1: mov dh, bh
0x12ab3: xchg cl, dh
0x12ab6: in al, 0x1a
0x12ab8: aas
0x12ab9: add dh, bl
0x12abb: aas
0x12abc: xor al, 0x3c
0x12abe: xor ax, 0x83db
0x12ac1: cld
0x12ac2: mov ah, 0x42
0x12ac4: int 0x21
0x12ac6: cmp bp, si
0x12ac8: in ax, dx
|
| 2018-12-17T23:01:15.22301102Z | 66 | PC: 12ac6 | Move file pointer |
| 2018-12-17T23:01:15.224693923Z | 81 | PC: 12ad6 | Get current PSP |
| 2018-12-17T23:01:15.225977174Z | 11 | PC: 12ada | Get input status |
| 2018-12-17T23:01:15.227966122Z | 66 | PC: 12ae9 | Move file pointer |
| 2018-12-17T23:01:15.236419486Z | 9 | PC: 12d51 | Display string (String= '
This file infected with [yet another data encryption kernel advance] demo virii
') |
| 2018-12-17T23:01:15.244136776Z | 240 | PC: 12d58 | UNKNOWN! |
| 2018-12-17T23:01:15.245115776Z | 74 | PC: 12d70 | Reallocate memory |
| 2018-12-17T23:01:15.247359903Z | 74 | PC: 12d76 | Reallocate memory |
| 2018-12-17T23:01:15.249753391Z | 72 | PC: 12d7c | Allocate memory |
| 2018-12-17T23:01:15.251607495Z | 53 | PC: 9d8d4 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:01:15.252948886Z | 37 | PC: 9d8e4 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:01:15.25545256Z | 9 | PC: 12ab8 | Display string (String= 'Goat file (COM/mpi.). Size=00000D48h/0000003400d bytes.
') |
| 2018-12-17T23:01:15.261319714Z | 48 | PC: 12ac1 | Get DOS version |
| 2018-12-17T23:01:15.262960738Z | 61 | PC: 12b8e | Open file (Filename = '�') |
| 2018-12-17T23:01:15.274026772Z | 93 | PC: 12b30 | File sharing functions |
| 2018-12-17T23:01:15.277442901Z | 9 | PC: 12ab8 | Display string (String= 'Size change=0C47h/03143d.
') |
| 2018-12-17T23:01:15.281446284Z | 76 | PC: 12b15 | Terminate with return code (Return code = '1') |
