.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:38:33.388298496Z | 26 | PC: 14106 | Set disk transfer address |
| 2018-12-17T22:38:33.390027713Z | 78 | PC: 1415d | Find first file |
| 2018-12-17T22:38:33.396092923Z | 61 | PC: 14172 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:38:33.402640185Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.413062246Z | 66 | PC: 141a2 | Move file pointer |
| 2018-12-17T22:38:33.41454207Z | 64 | PC: 141b6 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:33.41750032Z | 64 | PC: 141c1 | Write file or device (Write 298 bytes on handle 5) |
| 2018-12-17T22:38:33.432268575Z | 66 | PC: 141c9 | Move file pointer |
| 2018-12-17T22:38:33.434266126Z | 64 | PC: 141e7 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:33.442934265Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.446425795Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.468070934Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.470979806Z | 61 | PC: 14172 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:38:33.481113954Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.488079353Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.489556538Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.496570752Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.50026537Z | 61 | PC: 14172 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:38:33.506419814Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.512436328Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.515030186Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.522342088Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.525233906Z | 61 | PC: 14172 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:38:33.532320706Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.538654441Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.540011981Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.5479095Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.550689393Z | 61 | PC: 14172 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:38:33.557228607Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.565785666Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.568162917Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.575077983Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.579400528Z | 61 | PC: 14172 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:38:33.585857157Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.592001481Z | 66 | PC: 141a2 | Move file pointer |
| 2018-12-17T22:38:33.593808755Z | 64 | PC: 141b6 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:33.597761197Z | 64 | PC: 141c1 | Write file or device (Write 298 bytes on handle 5) |
| 2018-12-17T22:38:33.605467327Z | 66 | PC: 141c9 | Move file pointer |
| 2018-12-17T22:38:33.606847326Z | 64 | PC: 141e7 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:33.614685502Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.616481079Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.624365389Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.62846421Z | 61 | PC: 14172 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:38:33.635184797Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.642055988Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.644592419Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.652207734Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.65511566Z | 61 | PC: 14172 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:38:33.662142801Z | 63 | PC: 14181 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:33.665323672Z | 87 | PC: 1414c | Get or set file date and time |
| 2018-12-17T22:38:33.667108941Z | 62 | PC: 14150 | Close file |
| 2018-12-17T22:38:33.674491215Z | 79 | PC: 1415d | Find next file |
| 2018-12-17T22:38:33.678033009Z | 26 | PC: 1411f | Set disk transfer address |
| 2018-12-17T22:38:33.679513003Z | 48 | PC: 12a63 | Get DOS version |
| 2018-12-17T22:38:33.680953584Z | 9 | PC: 12a7a | Display string (String= '
--=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------
(c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware
') |
| 2018-12-17T22:38:33.691298256Z | 61 | PC: 12cb7 | Open file (Filename = '�') |
| 2018-12-17T22:38:33.698080816Z | 9 | PC: 12a88 | Display string (String= 'Self test: ') |
| 2018-12-17T22:38:33.700575596Z | 93 | PC: 12b24 | File sharing functions |
| 2018-12-17T22:38:33.703524411Z | 9 | PC: 12b03 | Display string (String= 'Size change=+012Eh/00302d. Virus might be activ?
��') |
| 2018-12-17T22:38:33.710018553Z | 76 | PC: 12b09 | Terminate with return code (Return code = '1') |
