.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:01:34.661992407Z | 61 | PC: 13a02 | Open file (Filename = 'T�.¡\�.‹�X�.‹�Z�.‹�V�é8ÿ ') |
| 2018-12-17T23:01:34.668085295Z | 74 | PC: 12e38 | Reallocate memory |
| 2018-12-17T23:01:34.670271022Z | 42 | PC: 12b8f | Get date 0x12b8f: ret
0x12b90: clc
0x12b91: iret
0x12b92: push es
0x12b93: adc al, 6
0x12b95: adc al, 0x35
0x12b97: add ax, 0x50f
0x12b9a: push es
0x12b9b: adc al, 0
0x12b9d: dec bx
0x12b9e: cmp al, 0xf0
0x12ba0: je 0x12b90
0x12ba2: mov word ptr cs:[0x252], ds
0x12ba7: mov word ptr cs:[0x254], es
0x12bac: mov word ptr cs:[0x25c], ax
0x12bb0: mov word ptr cs:[0x258], bx
0x12bb5: mov word ptr cs:[0x25a], cx
0x12bba: mov word ptr cs:[0x256], dx
0x12bbf: cld
0x12bc0: push si
|
| 2018-12-17T23:01:34.673255921Z | 67 | PC: 12c57 | Get or set file attributes |
| 2018-12-17T23:01:34.680090123Z | 67 | PC: 12b8f | Get or set file attributes |
| 2018-12-17T23:01:35.09459288Z | 61 | PC: 12b8f | Open file (Filename = '�') |
| 2018-12-17T23:01:35.102159518Z | 87 | PC: 12b8f | Get or set file date and time |
| 2018-12-17T23:01:35.104244996Z | 66 | PC: 12b8f | Move file pointer |
| 2018-12-17T23:01:35.106408111Z | 66 | PC: 12cd6 | Move file pointer |
| 2018-12-17T23:01:35.108171444Z | 63 | PC: 12b8f | Read file or device (Read 32 bytes on handle 5) |
| 2018-12-17T23:01:35.115600574Z | 66 | PC: 12d89 | Move file pointer |
| 2018-12-17T23:01:35.118458033Z | 64 | PC: 12b8f | Write file or device (Write 32 bytes on handle 5) |
| 2018-12-17T23:01:35.121648929Z | 66 | PC: 12da6 | Move file pointer |
| 2018-12-17T23:01:35.123791465Z | 64 | PC: 12fa2 | Write file or device (Write 1472 bytes on handle 5) |
| 2018-12-17T23:01:35.136084223Z | 87 | PC: 12b8f | Get or set file date and time |
| 2018-12-17T23:01:35.138558091Z | 62 | PC: 12cb4 | Close file |
| 2018-12-17T23:01:35.147571678Z | 67 | PC: 12b8f | Get or set file attributes |
| 2018-12-17T23:01:35.159379335Z | 75 | PC: 12ecb | Execute program |
| 2018-12-17T23:01:35.17616747Z | 9 | PC: 131a2 | Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes.
') |
| 2018-12-17T23:01:35.179321096Z | 76 | PC: 131a6 | Terminate with return code (Return code = '36') |
| 2018-12-17T23:01:35.184185346Z | 77 | PC: 12ecf | Get program return code |
| 2018-12-17T23:01:35.187140829Z | 49 | PC: 12ed8 | Terminate and stay resident (Return code = '36' | Memory size = '108') |
