Sample viewer

vx.netlux.org/Virus.DOS.Andreas.1107

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:07:33.118339351Z 42 PC: 144a8 | Get date
0x144a8: push dx
0x144a9: xor ax, ax
0x144ab: mov ds, ax
0x144ad: cli
0x144ae: mov ax, word ptr [0x84]
0x144b1: mov word ptr cs:[bp + 0x23], ax
0x144b5: mov ax, word ptr [0x86]
0x144b8: mov word ptr cs:[bp + 0x25], ax
0x144bc: mov word ptr [0x84], 0x130
0x144c2: mov word ptr [0x86], es
0x144c6: pop dx
0x144c7: cmp dl, 0x13
0x144ca: jne 0x144e4
0x144cc: mov ax, word ptr [0x24]
0x144cf: mov word ptr cs:[bp + 0x27], ax
0x144d3: mov ax, word ptr [0x26]
0x144d6: mov word ptr cs:[bp + 0x29], ax
0x144da: mov word ptr [0x24], 0x162
0x144e0: mov word ptr [0x26], es
0x144e4: sti
2018-12-17T22:07:33.121862723Z 48 PC: 12a63 | Get DOS version
2018-12-17T22:07:33.123471364Z 9 PC: 12a7a | Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T22:07:33.133339292Z 61 PC: 12cb7 | Open file (Filename = '')
2018-12-17T22:07:33.141679871Z 9 PC: 12a88 | Display string (String= 'Self test: ')
2018-12-17T22:07:33.143992217Z 93 PC: 12b24 | File sharing functions
2018-12-17T22:07:33.145827184Z 9 PC: 12b03 | Display string (String= 'Size change=+0453h/01107d. Virus might be activ? ')
2018-12-17T22:07:33.151185998Z 76 PC: 12b09 | Terminate with return code (Return code = '1')