.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:23:32.830011738Z | 26 | PC: 14101 | Set disk transfer address |
| 2018-12-17T22:23:32.831674081Z | 78 | PC: 1410d | Find first file |
| 2018-12-17T22:23:32.838729592Z | 53 | PC: 14151 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:23:32.840126023Z | 37 | PC: 14163 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:23:32.842180598Z | 67 | PC: 14179 | Get or set file attributes |
| 2018-12-17T22:23:32.859497047Z | 61 | PC: 14182 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:23:32.865892404Z | 87 | PC: 14188 | Get or set file date and time |
| 2018-12-17T22:23:32.867968052Z | 63 | PC: 1419b | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:23:32.872922045Z | 87 | PC: 1422a | Get or set file date and time |
| 2018-12-17T22:23:32.874451395Z | 62 | PC: 1422e | Close file |
| 2018-12-17T22:23:32.881840242Z | 67 | PC: 1423e | Get or set file attributes |
| 2018-12-17T22:23:32.897887987Z | 37 | PC: 1424b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:23:32.899394071Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.908562279Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.911938552Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.91478411Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.917399715Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.920487694Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.922887978Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.925335527Z | 79 | PC: 1410d | Find next file |
| 2018-12-17T22:23:32.927809386Z | 26 | PC: 1412d | Set disk transfer address |
| 2018-12-17T22:23:32.929007576Z | 48 | PC: 12a63 | Get DOS version |
| 2018-12-17T22:23:32.930173977Z | 9 | PC: 12a7a | Display string (String= '
--=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------
(c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware
') |
| 2018-12-17T22:23:32.941382173Z | 61 | PC: 12cb7 | Open file (Filename = '�') |
| 2018-12-17T22:23:32.947814299Z | 9 | PC: 12a88 | Display string (String= 'Self test: ') |
| 2018-12-17T22:23:32.950151805Z | 93 | PC: 12b24 | File sharing functions |
| 2018-12-17T22:23:32.953839805Z | 9 | PC: 12b03 | Display string (String= 'Size change=+0192h/00402d. Virus might be activ?
��') |
| 2018-12-17T22:23:32.959995338Z | 76 | PC: 12b09 | Terminate with return code (Return code = '1') |
