.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:34:17.091174701Z | 53 | PC: 12a62 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:34:17.092657196Z | 37 | PC: 12a72 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:34:17.09478408Z | 26 | PC: 12a9f | Set disk transfer address |
| 2018-12-17T22:34:17.096071757Z | 71 | PC: 12aa9 | Get current directory |
| 2018-12-17T22:34:17.100286591Z | 78 | PC: 12b1e | Find first file |
| 2018-12-17T22:34:17.107738772Z | 78 | PC: 12b1e | Find first file |
| 2018-12-17T22:34:17.114552068Z | 61 | PC: 12de9 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:34:17.122153843Z | 63 | PC: 12b30 | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:34:17.130840369Z | 62 | PC: 12b34 | Close file |
| 2018-12-17T22:34:17.133378143Z | 67 | PC: 12df4 | Get or set file attributes |
| 2018-12-17T22:34:17.155642028Z | 61 | PC: 12de9 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:34:17.164105833Z | 64 | PC: 12c07 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:34:17.171886471Z | 66 | PC: 12c0f | Move file pointer |
| 2018-12-17T22:34:17.173830113Z | 44 | PC: 12c13 | Get time 0x12c13: mov word ptr [bp + 0x10c], dx
0x12c17: lea di, word ptr [bp + 0x54f]
0x12c1b: mov cx, 0x11
0x12c1e: mov al, 0x53
0x12c20: stosb byte ptr es:[di], al
0x12c21: lea si, word ptr [bp + 0x103]
0x12c25: push si
0x12c26: push cx
0x12c27: rep movsb byte ptr es:[di], byte ptr [si]
0x12c29: lea si, word ptr [bp + 0x491]
0x12c2d: mov cx, 0xd
0x12c30: rep movsb byte ptr es:[di], byte ptr [si]
0x12c32: pop cx
0x12c33: pop si
0x12c34: rep movsb byte ptr es:[di], byte ptr [si]
0x12c36: mov ax, 0xc35b
0x12c39: stosw word ptr es:[di], ax
0x12c3a: pop ax
0x12c3b: mov word ptr [bp + 0x104], ax
0x12c3f: call 0x12e8f
|
| 2018-12-17T22:34:17.177257299Z | 64 | PC: 12eae | Write file or device (Write 965 bytes on handle 5) |
| 2018-12-17T22:34:17.188804009Z | 87 | PC: 12c4f | Get or set file date and time |
| 2018-12-17T22:34:17.190914573Z | 62 | PC: 12c53 | Close file |
| 2018-12-17T22:34:17.200235542Z | 67 | PC: 12df4 | Get or set file attributes |
| 2018-12-17T22:34:17.207179594Z | 9 | PC: 12c77 | Display string (String= '���������������������������������������������������ķ') |
| 2018-12-17T22:34:17.211144905Z | 9 | PC: 12c77 | Display string (String= '� Guess what ??? �') |
| 2018-12-17T22:34:17.21574111Z | 9 | PC: 12c77 | Display string (String= '� You have been victimized by a virus!!! Do not �') |
| 2018-12-17T22:34:17.22120336Z | 9 | PC: 12c77 | Display string (String= '� try to reboot your computer or even turn it �') |
| 2018-12-17T22:34:17.225789075Z | 9 | PC: 12c77 | Display string (String= '� off. You might as well read this and weep! �') |
| 2018-12-17T22:34:17.230316835Z | 9 | PC: 12c77 | Display string (String= '���������������������������������������������������Ľ��') |
