.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:15:43.609051906Z | 48 | PC: 1340a | Get DOS version |
| 2018-12-17T22:15:43.611664107Z | 47 | PC: 13416 | Get disk transfer address |
| 2018-12-17T22:15:43.613043106Z | 26 | PC: 13423 | Set disk transfer address |
| 2018-12-17T22:15:43.614556649Z | 78 | PC: 13496 | Find first file |
| 2018-12-17T22:15:43.621102766Z | 67 | PC: 134da | Get or set file attributes |
| 2018-12-17T22:15:43.637086841Z | 67 | PC: 134e8 | Get or set file attributes |
| 2018-12-17T22:15:43.66577598Z | 61 | PC: 134f0 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:15:43.672614911Z | 87 | PC: 134fc | Get or set file date and time |
| 2018-12-17T22:15:43.675068068Z | 44 | PC: 13506 | Get time 0x13506: mov ah, 0x3f 0x13508: mov cx, 3 0x1350b: lea dx, word ptr [si + 0x13] 0x1350e: int 0x21 0x13510: jb 0x13559 0x13512: cmp ax, 3 0x13515: jne 0x13559 0x13517: mov ax, 0x4202 0x1351a: xor cx, cx 0x1351c: xor dx, dx 0x1351e: int 0x21 0x13520: jb 0x13559 0x13522: mov cx, ax 0x13524: sub ax, 3 0x13527: mov word ptr [si + 0x17], ax 0x1352a: add cx, 0x2bd 0x1352e: mov word ptr [si - 0x1bc], cx 0x13532: mov ah, 0x40 0x13534: mov cx, 0x1e1 0x13537: nop |
| 2018-12-17T22:15:43.67716028Z | 63 | PC: 13510 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:15:43.683529781Z | 66 | PC: 13520 | Move file pointer |
| 2018-12-17T22:15:43.686206602Z | 64 | PC: 1353e | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:43.697386223Z | 66 | PC: 1354d | Move file pointer |
| 2018-12-17T22:15:43.713837932Z | 64 | PC: 13559 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:15:43.721385813Z | 87 | PC: 1356a | Get or set file date and time |
| 2018-12-17T22:15:43.723667926Z | 62 | PC: 1356e | Close file |
| 2018-12-17T22:15:43.731451065Z | 67 | PC: 13579 | Get or set file attributes |
| 2018-12-17T22:15:43.742375768Z | 26 | PC: 13584 | Set disk transfer address |
| 2018-12-17T22:15:43.743640175Z | 26 | PC: 13227 | Set disk transfer address |
| 2018-12-17T22:15:43.752259713Z | 78 | PC: 13265 | Find first file |
| 2018-12-17T22:15:43.759975192Z | 61 | PC: 13271 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:15:43.766624826Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:43.769230545Z | 66 | PC: 13299 | Move file pointer |
| 2018-12-17T22:15:43.771028615Z | 64 | PC: 132ae | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.778813796Z | 64 | PC: 132b9 | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:43.78728474Z | 66 | PC: 132c2 | Move file pointer |
| 2018-12-17T22:15:43.789053702Z | 64 | PC: 132e4 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.793395554Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:43.801871927Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:43.804840946Z | 61 | PC: 13271 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:15:43.812735621Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:43.819445191Z | 66 | PC: 13299 | Move file pointer |
| 2018-12-17T22:15:43.821297205Z | 64 | PC: 132ae | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.824959953Z | 64 | PC: 132b9 | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:43.828677771Z | 66 | PC: 132c2 | Move file pointer |
| 2018-12-17T22:15:43.831412203Z | 64 | PC: 132e4 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.841702442Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:43.849508164Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:43.852161655Z | 61 | PC: 13271 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:15:43.859284407Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:43.865853464Z | 66 | PC: 13299 | Move file pointer |
| 2018-12-17T22:15:43.867533942Z | 64 | PC: 132ae | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.870959007Z | 64 | PC: 132b9 | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:43.879315803Z | 66 | PC: 132c2 | Move file pointer |
| 2018-12-17T22:15:43.880982027Z | 64 | PC: 132e4 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.888463475Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:43.896870699Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:43.899717373Z | 61 | PC: 13271 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:15:43.907272121Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:43.915348602Z | 66 | PC: 13299 | Move file pointer |
| 2018-12-17T22:15:43.916959367Z | 64 | PC: 132ae | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.919855519Z | 64 | PC: 132b9 | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:43.928793593Z | 66 | PC: 132c2 | Move file pointer |
| 2018-12-17T22:15:43.930399889Z | 64 | PC: 132e4 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.936995769Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:43.947942902Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:43.950544369Z | 61 | PC: 13271 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:15:43.95734775Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:43.964224711Z | 66 | PC: 13299 | Move file pointer |
| 2018-12-17T22:15:43.965512788Z | 64 | PC: 132ae | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.968999953Z | 64 | PC: 132b9 | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:43.978203928Z | 66 | PC: 132c2 | Move file pointer |
| 2018-12-17T22:15:43.979515352Z | 64 | PC: 132e4 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:43.985806145Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:43.994377988Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:43.997052192Z | 61 | PC: 13271 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:15:44.003666869Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:44.010514306Z | 66 | PC: 13299 | Move file pointer |
| 2018-12-17T22:15:44.011887171Z | 64 | PC: 132ae | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:44.014754346Z | 64 | PC: 132b9 | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:44.02367513Z | 66 | PC: 132c2 | Move file pointer |
| 2018-12-17T22:15:44.025230286Z | 64 | PC: 132e4 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:44.031815552Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:44.041161275Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:44.043617141Z | 61 | PC: 13271 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:15:44.050007148Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:44.056913379Z | 66 | PC: 13299 | Move file pointer |
| 2018-12-17T22:15:44.058317148Z | 64 | PC: 132ae | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:44.060921683Z | 64 | PC: 132b9 | Write file or device (Write 481 bytes on handle 5) |
| 2018-12-17T22:15:44.069468181Z | 66 | PC: 132c2 | Move file pointer |
| 2018-12-17T22:15:44.070820019Z | 64 | PC: 132e4 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:15:44.07719919Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:44.086010307Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:44.08858198Z | 61 | PC: 13271 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:15:44.094960094Z | 63 | PC: 13280 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:15:44.09895327Z | 62 | PC: 13259 | Close file |
| 2018-12-17T22:15:44.100835684Z | 79 | PC: 13265 | Find next file |
| 2018-12-17T22:15:44.103373602Z | 26 | PC: 1323b | Set disk transfer address |
| 2018-12-17T22:15:44.10512522Z | 9 | PC: 12a4c | Display string (String= '(C) 1993 American Eagle Poblications Inc., All Rights Reserved. Unauthorized use will be prosecuted under applicable copyright and software piracy laws. HOST #5 - You have just released a virus!') |
| 2018-12-17T22:15:44.112316839Z | 76 | PC: 12a51 | Terminate with return code (Return code = '0') |