.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T21:54:49.316541772Z | 47 | PC: 12a69 | Get disk transfer address |
| 2018-12-17T21:54:49.318943453Z | 26 | PC: 12a7b | Set disk transfer address |
| 2018-12-17T21:54:49.320732544Z | 44 | PC: 12a7f | Get time 0x12a7f: mov word ptr [si + 0x38a], dx 0x12a83: mov ah, 0x4e 0x12a85: mov cx, 3 0x12a88: mov dx, 0x384 0x12a8b: add dx, si 0x12a8d: int 0x21 0x12a8f: jb 0x12a98 0x12a91: mov bx, 0x19d 0x12a94: add bx, si 0x12a96: jmp bx 0x12a98: cmp byte ptr [si + 0x2a5], 2 0x12a9d: je 0x12aba 0x12a9f: mov byte ptr [si + 0x2a5], 2 0x12aa4: nop 0x12aa5: nop 0x12aa6: mov ah, 0x3d 0x12aa8: mov al, 2 0x12aaa: mov dx, 0x2a6 0x12aad: add dx, si 0x12aaf: int 0x21 |
| 2018-12-17T21:54:49.323607861Z | 78 | PC: 12a8f | Find first file |
| 2018-12-17T21:54:49.330739186Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.336678347Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.346318187Z | 61 | PC: 12b13 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T21:54:49.358371027Z | 63 | PC: 12b23 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:54:49.369327081Z | 66 | PC: 12b3b | Move file pointer |
| 2018-12-17T21:54:49.371039479Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T21:54:49.372701383Z | 64 | PC: 12b5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:54:49.376869075Z | 66 | PC: 12b6b | Move file pointer |
| 2018-12-17T21:54:49.379187768Z | 64 | PC: 12b78 | Write file or device (Write 716 bytes on handle 5) |
| 2018-12-17T21:54:49.3933145Z | 62 | PC: 12b7c | Close file |
| 2018-12-17T21:54:49.403154875Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.413593779Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.416551515Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.423436076Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.429429378Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.442567219Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.446080452Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.452385918Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.457262079Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.465064389Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.470750232Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.493093468Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.499083554Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.521777018Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.524310534Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.530092605Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.549746736Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.560000134Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.562632883Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.568699067Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.573360534Z | 61 | PC: 12b13 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T21:54:49.579729425Z | 63 | PC: 12b23 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:54:49.586847108Z | 66 | PC: 12b3b | Move file pointer |
| 2018-12-17T21:54:49.588369356Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T21:54:49.590110794Z | 64 | PC: 12b5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:54:49.593834727Z | 66 | PC: 12b6b | Move file pointer |
| 2018-12-17T21:54:49.595685243Z | 64 | PC: 12b78 | Write file or device (Write 716 bytes on handle 5) |
| 2018-12-17T21:54:49.604343677Z | 62 | PC: 12b7c | Close file |
| 2018-12-17T21:54:49.613413197Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.637367696Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.640409859Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.647011578Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.652424823Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.662238413Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.665982033Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.672187504Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.682186046Z | 61 | PC: 12b13 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T21:54:49.692241811Z | 63 | PC: 12b23 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:54:49.69972741Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.709862096Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.712629072Z | 61 | PC: 12ab1 | Open file (Filename = 'c:\command.com') |
| 2018-12-17T21:54:49.720181813Z | 67 | PC: 12ae7 | Get or set file attributes |
| 2018-12-17T21:54:49.726194481Z | 67 | PC: 12af8 | Get or set file attributes |
| 2018-12-17T21:54:49.731234955Z | 61 | PC: 12b13 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T21:54:49.744029195Z | 63 | PC: 12b23 | Read file or device (Read 4 bytes on handle 7) |
| 2018-12-17T21:54:49.76335591Z | 67 | PC: 12b8a | Get or set file attributes |
| 2018-12-17T21:54:49.946411782Z | 79 | PC: 12a8f | Find next file |
| 2018-12-17T21:54:49.94972313Z | 9 | PC: 12ba3 | Display string (String= ' Este fichero ha sido infectado por el TSC virus. Usas mucho el ordenador, no si dejar que sigas con el. Voy a pensarlo un momento. ') |
| 2018-12-17T21:54:53.145101556Z | 9 | PC: 12bdc | Display string (String= ' Lo siento, he decidido que no. ') |