.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:22:11.891404144Z | 48 | PC: 178fc | Get DOS version |
| 2018-12-17T22:22:11.893203098Z | 74 | PC: 17898 | Reallocate memory |
| 2018-12-17T22:22:11.894848716Z | 61 | PC: 9fa64 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:22:11.901150107Z | 63 | PC: 9fa64 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:22:11.90427891Z | 62 | PC: 9f9ed | Close file |
| 2018-12-17T22:22:11.906021768Z | 37 | PC: 9fa64 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:11.907047083Z | 67 | PC: 9fa0f | Get or set file attributes |
| 2018-12-17T22:22:11.912581835Z | 67 | PC: 9fa64 | Get or set file attributes |
| 2018-12-17T22:22:12.256335193Z | 61 | PC: 9fa64 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:22:12.262713279Z | 87 | PC: 9fa37 | Get or set file date and time |
| 2018-12-17T22:22:12.26475139Z | 66 | PC: 9fa64 | Move file pointer |
| 2018-12-17T22:22:12.266209027Z | 64 | PC: 9fa64 | Write file or device (Write 1000 bytes on handle 5) |
| 2018-12-17T22:22:12.275575613Z | 66 | PC: 9fa64 | Move file pointer |
| 2018-12-17T22:22:12.277587467Z | 64 | PC: 9fa64 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:22:12.280376226Z | 87 | PC: 9fa45 | Get or set file date and time |
| 2018-12-17T22:22:12.281910616Z | 62 | PC: 9f9ed | Close file |
| 2018-12-17T22:22:12.289734132Z | 37 | PC: 9fa64 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:12.290987167Z | 9 | PC: 12a47 | Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (26.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ') |