.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:20:04.082727798Z | 78 | PC: 12c62 | Find first file |
| 2018-12-17T22:20:04.088959272Z | 67 | PC: 12c6f | Get or set file attributes |
| 2018-12-17T22:20:04.093458447Z | 61 | PC: 12c74 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:20:04.104840984Z | 87 | PC: 12cec | Get or set file date and time |
| 2018-12-17T22:20:04.106693715Z | 87 | PC: 12cfa | Get or set file date and time |
| 2018-12-17T22:20:04.108150575Z | 63 | PC: 12d06 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:20:04.114282396Z | 66 | PC: 12d0f | Move file pointer |
| 2018-12-17T22:20:04.115885017Z | 66 | PC: 12d26 | Move file pointer |
| 2018-12-17T22:20:04.117383798Z | 64 | PC: 12d32 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:20:04.11979872Z | 66 | PC: 12d3b | Move file pointer |
| 2018-12-17T22:20:04.12107738Z | 64 | PC: 12d44 | Write file or device (Write 277 bytes on handle 5) |
| 2018-12-17T22:20:04.135749908Z | 62 | PC: 12d48 | Close file |
| 2018-12-17T22:20:04.143902159Z | 79 | PC: 12c7f | Find next file |
| 2018-12-17T22:20:04.146190103Z | 78 | PC: 12c62 | Find first file |
| 2018-12-17T22:20:04.154942004Z | 67 | PC: 12c6f | Get or set file attributes |
| 2018-12-17T22:20:04.159359996Z | 61 | PC: 12c74 | Open file (Filename = 'ATTRIB.EXE') |
| 2018-12-17T22:20:04.165353889Z | 9 | PC: 12b36 | Display string (String= ' YOU HAVE JUST RELEASED A VIRUS! Entry=3h, Size=500, Stack=0, Overlay(0)=0 not loaded, Fill=FFFF* exe file, code at start, JMP at start, SS:SP != CS:IP ') |
| 2018-12-17T22:20:04.176790007Z | 76 | PC: 12b3a | Terminate with return code (Return code = '36') |