.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:35:21.543211704Z | 48 | PC: 12d88 | Get DOS version |
| 2018-12-17T22:35:21.545752408Z | 82 | PC: 12f89 | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:35:21.547236868Z | 26 | PC: 12fce | Set disk transfer address |
| 2018-12-17T22:35:21.548519792Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.555304805Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.564678007Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.570112086Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.576618072Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.582260425Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.588569333Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.59487123Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.600566851Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.606456816Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.613374368Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.620334391Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.626239019Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.632138252Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.637563Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.642950675Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.649036115Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.654609299Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.660123071Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.67196732Z | 67 | PC: 12f1e | Get or set file attributes |
| 2018-12-17T22:35:21.678570829Z | 78 | PC: 13020 | Find first file |
| 2018-12-17T22:35:21.684504821Z | 61 | PC: 13038 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:35:21.692013188Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.69386059Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.696493247Z | 61 | PC: 13038 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:35:21.703354439Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.705645758Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.708413702Z | 61 | PC: 13038 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:35:21.715258788Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.717537715Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.720207685Z | 61 | PC: 13038 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:35:21.72675121Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.729011042Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.731571399Z | 61 | PC: 13038 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:35:21.738862369Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.74164712Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.744240499Z | 61 | PC: 13038 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:35:21.750829309Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.753237823Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.756170566Z | 61 | PC: 13038 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:35:21.763124651Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.766596295Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.769321554Z | 61 | PC: 13038 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:35:21.775963658Z | 63 | PC: 1309c | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:35:21.779806197Z | 66 | PC: 13193 | Move file pointer |
| 2018-12-17T22:35:21.781778225Z | 64 | PC: 130f3 | Write file or device (Write 1055 bytes on handle 5) |
| 2018-12-17T22:35:21.797164385Z | 66 | PC: 13193 | Move file pointer |
| 2018-12-17T22:35:21.799893799Z | 64 | PC: 1310c | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:35:21.802680541Z | 87 | PC: 13116 | Get or set file date and time |
| 2018-12-17T22:35:21.80430824Z | 62 | PC: 13079 | Close file |
| 2018-12-17T22:35:21.812566099Z | 79 | PC: 13080 | Find next file |
| 2018-12-17T22:35:21.815790545Z | 26 | PC: 13125 | Set disk transfer address |
| 2018-12-17T22:35:21.816922668Z | 48 | PC: 12aa8 | Get DOS version |
| 2018-12-17T22:35:21.818501416Z | 9 | PC: 12abf | Display string (String= '
--=[ Selfchecking AntiStealth Goat COM/EXE file, 05/10/98 ]=------------------
(c) 1995-98 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.01 - Freeware
') |
| 2018-12-17T22:35:21.826950222Z | 61 | PC: 12b9d | Open file (Filename = '�') |
| 2018-12-17T22:35:21.833727232Z | 93 | PC: 12b3f | File sharing functions |
| 2018-12-17T22:35:21.836315275Z | 9 | PC: 12b1e | Display string (String= 'Size change=083Eh/02110d. Virus activ?
��') |
| 2018-12-17T22:35:21.841607634Z | 76 | PC: 12b24 | Terminate with return code (Return code = '1') |
