.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:17:12.666752839Z | 68 | PC: 12b02 | I/O control for devices (Set for = '¤') |
| 2018-12-17T22:17:12.66968571Z | 48 | PC: 12b02 | Get DOS version |
| 2018-12-17T22:17:12.67103541Z | 26 | PC: 12b02 | Set disk transfer address |
| 2018-12-17T22:17:12.672181629Z | 78 | PC: 12b02 | Find first file |
| 2018-12-17T22:17:12.678600171Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.681795286Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.684324869Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.687839453Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.690806973Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.693816259Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.697264978Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.700487095Z | 61 | PC: 12b02 | Open file (Filename = '.¡À�ŽÀ.‹>¾�Š&9�&8%t�&ˆ%G¡:�&9�t�&‰�GG¡<�&9�t�&‰��º{�´�èéþº/�¹�') |
| 2018-12-17T22:17:12.707618694Z | 63 | PC: 12b02 | Read file or device (Read 65535 bytes on handle 5) |
| 2018-12-17T22:17:12.716103646Z | 87 | PC: 12b02 | Get or set file date and time |
| 2018-12-17T22:17:12.718888853Z | 62 | PC: 12b02 | Close file |
| 2018-12-17T22:17:12.730659663Z | 79 | PC: 12b02 | Find next file |
| 2018-12-17T22:17:12.732613542Z | 26 | PC: 12b02 | Set disk transfer address |
| 2018-12-17T22:17:12.735441241Z | 68 | PC: 12b02 | I/O control for devices (Set for = ' The AVV version 1.09, Copyright (C) 1991 ') |
| 2018-12-17T22:17:12.737820252Z | 48 | PC: 12a63 | Get DOS version |
| 2018-12-17T22:17:12.738957854Z | 9 | PC: 12a7a | Display string (String= '
--=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------
(c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware
') |
| 2018-12-17T22:17:12.750632421Z | 61 | PC: 12cb7 | Open file (Filename = '�') |
| 2018-12-17T22:17:12.757411829Z | 9 | PC: 12a88 | Display string (String= 'Self test: ') |
| 2018-12-17T22:17:12.759935458Z | 93 | PC: 12b24 | File sharing functions |
| 2018-12-17T22:17:12.763438587Z | 9 | PC: 12b03 | Display string (String= 'Size change=+0683h/01667d. Virus might be activ?
��') |
| 2018-12-17T22:17:12.768762518Z | 76 | PC: 12b09 | Terminate with return code (Return code = '1') |
