.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:10:39.757529995Z | 44 | PC: 12c2b | Get time 0x12c2b: cmp byte ptr [0x123], 0x80 0x12c30: jne 0x12c4d 0x12c32: mov byte ptr [0x123], 0x82 0x12c37: jmp 0x12c52 0x12c39: sub ch, ch 0x12c3b: sub al, al 0x12c3d: mov cl, 6 0x12c3f: shl al, cl 0x12c41: mov cl, al 0x12c43: or cl, 1 0x12c46: mov ax, 0x500 0x12c49: int 0x13 0x12c4b: int 0x20 0x12c4d: mov byte ptr [0x123], 0x80 0x12c52: mov ah, byte ptr [0x12d] 0x12c56: mov byte ptr [0x122], ah 0x12c5a: mov byte ptr [0x15a], ah 0x12c5e: mov ah, byte ptr [0x10b] 0x12c62: mov byte ptr [0x11f], ah 0x12c66: mov byte ptr [0x155], ah |
| 2018-12-17T23:10:39.762871524Z | 250 | PC: 12e11 | UNKNOWN! |
| 2018-12-17T23:10:39.767434888Z | 255 | PC: 12e34 | UNKNOWN! |
| 2018-12-17T23:10:39.771202716Z | 65 | PC: 12e41 | Delete file (Filename = '') |
| 2018-12-17T23:10:39.781439422Z | 60 | PC: 12e63 | Create or truncate file |
| 2018-12-17T23:10:39.788627043Z | 60 | PC: 12e6a | Create or truncate file |
| 2018-12-17T23:10:39.795271953Z | 65 | PC: 12e71 | Delete file (Filename = 'ANTI-VIR.DAT') |
| 2018-12-17T23:10:39.802215274Z | 65 | PC: 12e78 | Delete file (Filename = 'CHKLIST.CPS') |
| 2018-12-17T23:10:39.809650911Z | 65 | PC: 12e7f | Delete file (Filename = 'C:\CPAV\CHKLIST.CPS') |
| 2018-12-17T23:10:39.819101168Z | 65 | PC: 12e86 | Delete file (Filename = 'C:\NAV_._NO') |
| 2018-12-17T23:10:39.826279231Z | 65 | PC: 12e8d | Delete file (Filename = 'C:\NOVIRCVR.CTS') |
| 2018-12-17T23:10:39.833131521Z | 65 | PC: 12e94 | Delete file (Filename = 'C:\NOVIPERF.DAT') |
| 2018-12-17T23:10:39.839013175Z | 65 | PC: 12e9b | Delete file (Filename = 'C:\TOOLKIT\FILES.LST') |
| 2018-12-17T23:10:39.846262803Z | 65 | PC: 12ea2 | Delete file (Filename = 'C:\FSIZES.QCV') |
| 2018-12-17T23:10:39.855675018Z | 65 | PC: 12ea9 | Delete file (Filename = 'C:\UNTOUCH\UT.UT1') |
| 2018-12-17T23:10:39.867879867Z | 65 | PC: 12eb0 | Delete file (Filename = 'C:\UNTOUCH\UT.UT2') |
| 2018-12-17T23:10:39.874309542Z | 65 | PC: 12eb7 | Delete file (Filename = 'C:\VS.VS') |
| 2018-12-17T23:10:39.881736453Z | 78 | PC: 12ed0 | Find first file |
| 2018-12-17T23:10:39.889566752Z | 78 | PC: 12ee2 | Find first file |
| 2018-12-17T23:10:39.896403703Z | 62 | PC: 12f42 | Close file |
| 2018-12-17T23:10:39.899269274Z | 61 | PC: 12f4b | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:10:39.917348152Z | 64 | PC: 12a6d | Write file or device (Write 1356 bytes on handle 0) |
| 2018-12-17T23:10:39.936761081Z | 87 | PC: 12f74 | Get or set file date and time |
| 2018-12-17T23:10:39.93893489Z | 62 | PC: 12f7c | Close file |
| 2018-12-17T23:10:39.948257957Z | 67 | PC: 12f89 | Get or set file attributes |