.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:07:54.813435835Z | 74 | PC: 12aa9 | Reallocate memory |
| 2018-12-17T22:07:54.815860248Z | 72 | PC: 12ab0 | Allocate memory |
| 2018-12-17T22:07:54.817638477Z | 37 | PC: 12abd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:07:54.8187293Z | 26 | PC: 12ac4 | Set disk transfer address |
| 2018-12-17T22:07:54.82090381Z | 25 | PC: 12ac8 | Get default drive |
| 2018-12-17T22:07:54.822283127Z | 78 | PC: 12bd5 | Find first file |
| 2018-12-17T22:07:54.828133322Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.830152258Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.839359085Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.841615988Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.845233034Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.849417535Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.852643382Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.854704863Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.858005916Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.859581289Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.86289923Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.866220808Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.868714357Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.870313708Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.875605787Z | 61 | PC: 12b80 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:07:54.882391503Z | 63 | PC: 12b90 | Read file or device (Read 529 bytes on handle 5) |
| 2018-12-17T22:07:54.889623621Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:54.893181507Z | 79 | PC: 12bd5 | Find next file |
| 2018-12-17T22:07:54.895849039Z | 78 | PC: 12c1a | Find first file |
| 2018-12-17T22:07:54.901829834Z | 78 | PC: 12c2b | Find first file |
| 2018-12-17T22:07:54.908736806Z | 68 | PC: 12aef | I/O control for devices (Set for = '*.pas') |
| 2018-12-17T22:07:54.910637043Z | 14 | PC: 12afd | Set default drive (Drive = 'C') |
| 2018-12-17T22:07:54.912941237Z | 78 | PC: 12bd5 | Find first file |
| 2018-12-17T22:07:54.920696417Z | 61 | PC: 12b80 | Open file (Filename = 'COMMAND.COM') |
| 2018-12-17T22:07:54.926894284Z | 63 | PC: 12b90 | Read file or device (Read 529 bytes on handle 5) |
| 2018-12-17T22:07:54.933142894Z | 66 | PC: 12b68 | Move file pointer |
| 2018-12-17T22:07:54.935297281Z | 64 | PC: 12bab | Write file or device (Write 529 bytes on handle 5) |
| 2018-12-17T22:07:55.62019326Z | 66 | PC: 12b68 | Move file pointer |
| 2018-12-17T22:07:55.621646619Z | 64 | PC: 12c05 | Write file or device (Write 529 bytes on handle 5) |
| 2018-12-17T22:07:55.628120157Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:07:55.63540054Z | 14 | PC: 12b05 | Set default drive (Drive = 'A') |
| 2018-12-17T22:07:55.636440406Z | 73 | PC: 12b11 | Release memory |
| 2018-12-17T22:07:55.637675112Z | 74 | PC: 12b1a | Reallocate memory |
| 2018-12-17T22:07:55.639680457Z | 74 | PC: 12b1e | Reallocate memory |
| 2018-12-17T22:07:55.640606042Z | 26 | PC: 12b25 | Set disk transfer address |
| 2018-12-17T22:07:55.641424742Z | 37 | PC: 12b2f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:07:55.642896277Z | 9 | PC: 13a3b | Display string (String= 'Infected file. Original length = 4096 bytes.
�') |
| 2018-12-17T22:07:55.645613448Z | 76 | PC: 13a40 | Terminate with return code (Return code = '0') |
