.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:05:12.158986369Z | 26 | PC: 14197 | Set disk transfer address |
| 2018-12-17T23:05:12.161052354Z | 78 | PC: 1417d | Find first file |
| 2018-12-17T23:05:12.169256001Z | 61 | PC: 1410e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:05:12.176682987Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.178492761Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.186076642Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.187961236Z | 64 | PC: 14155 | Write file or device (Write 218 bytes on handle 5) |
| 2018-12-17T23:05:12.203779653Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.206727927Z | 64 | PC: 14166 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:12.214559103Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.216566789Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.225920959Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.228359996Z | 61 | PC: 1410e | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:05:12.235628585Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.238879147Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.244031867Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.245398988Z | 64 | PC: 14155 | Write file or device (Write 218 bytes on handle 5) |
| 2018-12-17T23:05:12.248023794Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.250199997Z | 64 | PC: 14166 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:12.252652969Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.254088108Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.260565398Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.26288508Z | 61 | PC: 1410e | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:05:12.267938714Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.270985413Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.277305228Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.279372225Z | 64 | PC: 14155 | Write file or device (Write 218 bytes on handle 5) |
| 2018-12-17T23:05:12.283430577Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.285254937Z | 64 | PC: 14166 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:12.288424538Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.291728852Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.299858219Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.303046274Z | 61 | PC: 1410e | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:05:12.309853906Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.311232809Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.316596054Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.318756547Z | 64 | PC: 14155 | Write file or device (Write 218 bytes on handle 5) |
| 2018-12-17T23:05:12.321778039Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.323613992Z | 64 | PC: 14166 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:12.326290245Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.328316765Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.334545478Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.337307201Z | 61 | PC: 1410e | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:05:12.3446498Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.346556956Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.354712463Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.356695582Z | 64 | PC: 14155 | Write file or device (Write 218 bytes on handle 5) |
| 2018-12-17T23:05:12.359995137Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.363504967Z | 64 | PC: 14166 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:12.366995441Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.368885896Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.377256597Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.380469989Z | 61 | PC: 1410e | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:05:12.387872911Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.390597404Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.398039729Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.399956805Z | 64 | PC: 14155 | Write file or device (Write 218 bytes on handle 5) |
| 2018-12-17T23:05:12.408171743Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.410213572Z | 64 | PC: 14166 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:12.415739684Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.417097237Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.424477746Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.426716426Z | 61 | PC: 1410e | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:05:12.43263151Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.435653092Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.440851818Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.442256539Z | 64 | PC: 14155 | Write file or device (Write 218 bytes on handle 5) |
| 2018-12-17T23:05:12.445290615Z | 66 | PC: 1419d | Move file pointer |
| 2018-12-17T23:05:12.446634823Z | 64 | PC: 14166 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:12.449164179Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.451287903Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.457521805Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.459869611Z | 61 | PC: 1410e | Open file (Filename = 'TEST.COM') |
| 2018-12-17T23:05:12.46595774Z | 87 | PC: 14114 | Get or set file date and time |
| 2018-12-17T23:05:12.467337945Z | 63 | PC: 14121 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:12.469688345Z | 87 | PC: 1416d | Get or set file date and time |
| 2018-12-17T23:05:12.47178616Z | 62 | PC: 14171 | Close file |
| 2018-12-17T23:05:12.477649316Z | 79 | PC: 1417d | Find next file |
| 2018-12-17T23:05:12.479806382Z | 26 | PC: 14197 | Set disk transfer address |
| 2018-12-17T23:05:12.481423503Z | 48 | PC: 12a63 | Get DOS version |
| 2018-12-17T23:05:12.483254927Z | 9 | PC: 12a7a | Display string (String= '
--=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------
(c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware
') |
| 2018-12-17T23:05:12.490393671Z | 61 | PC: 12cb7 | Open file (Filename = '�') |
| 2018-12-17T23:05:12.495920455Z | 9 | PC: 12a88 | Display string (String= 'Self test: ') |
| 2018-12-17T23:05:12.498706844Z | 93 | PC: 12b24 | File sharing functions |
| 2018-12-17T23:05:12.500479588Z | 9 | PC: 12b03 | Display string (String= 'Size change=+00DAh/00218d. Virus might be activ?
��') |
| 2018-12-17T23:05:12.505242285Z | 76 | PC: 12b09 | Terminate with return code (Return code = '1') |
