.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T21:56:08.250394334Z | 26 | PC: 12b60 | Set disk transfer address |
| 2018-12-17T21:56:08.254733927Z | 78 | PC: 12b69 | Find first file |
| 2018-12-17T21:56:08.26170799Z | 67 | PC: 12b76 | Get or set file attributes |
| 2018-12-17T21:56:08.266218818Z | 61 | PC: 12b7f | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T21:56:08.272935056Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.279987066Z | 66 | PC: 12ba0 | Move file pointer |
| 2018-12-17T21:56:08.281473217Z | 64 | PC: 12b38 | Write file or device (Write 305 bytes on handle 5) |
| 2018-12-17T21:56:08.295389401Z | 66 | PC: 12bb7 | Move file pointer |
| 2018-12-17T21:56:08.297905516Z | 64 | PC: 12bc3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:56:08.312091118Z | 62 | PC: 12bc9 | Close file |
| 2018-12-17T21:56:08.333745161Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.349436975Z | 61 | PC: 12b7f | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T21:56:08.37147728Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.378075932Z | 66 | PC: 12ba0 | Move file pointer |
| 2018-12-17T21:56:08.380518082Z | 64 | PC: 12b38 | Write file or device (Write 305 bytes on handle 5) |
| 2018-12-17T21:56:08.38427089Z | 66 | PC: 12bb7 | Move file pointer |
| 2018-12-17T21:56:08.38589425Z | 64 | PC: 12bc3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:56:08.389591734Z | 62 | PC: 12bc9 | Close file |
| 2018-12-17T21:56:08.41088547Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.413438962Z | 61 | PC: 12b7f | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T21:56:08.419916799Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.435266544Z | 66 | PC: 12ba0 | Move file pointer |
| 2018-12-17T21:56:08.437192013Z | 64 | PC: 12b38 | Write file or device (Write 305 bytes on handle 5) |
| 2018-12-17T21:56:08.440352038Z | 66 | PC: 12bb7 | Move file pointer |
| 2018-12-17T21:56:08.442453728Z | 64 | PC: 12bc3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:56:08.4452771Z | 62 | PC: 12bc9 | Close file |
| 2018-12-17T21:56:08.453405334Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.456689057Z | 61 | PC: 12b7f | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T21:56:08.46361843Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.475975758Z | 66 | PC: 12ba0 | Move file pointer |
| 2018-12-17T21:56:08.479370593Z | 64 | PC: 12b38 | Write file or device (Write 305 bytes on handle 5) |
| 2018-12-17T21:56:08.482195934Z | 66 | PC: 12bb7 | Move file pointer |
| 2018-12-17T21:56:08.483550237Z | 64 | PC: 12bc3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:56:08.487068621Z | 62 | PC: 12bc9 | Close file |
| 2018-12-17T21:56:08.49507931Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.497680332Z | 61 | PC: 12b7f | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T21:56:08.504775691Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.517841709Z | 66 | PC: 12ba0 | Move file pointer |
| 2018-12-17T21:56:08.52043549Z | 64 | PC: 12b38 | Write file or device (Write 305 bytes on handle 5) |
| 2018-12-17T21:56:08.523699989Z | 66 | PC: 12bb7 | Move file pointer |
| 2018-12-17T21:56:08.526285954Z | 64 | PC: 12bc3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:56:08.529114427Z | 62 | PC: 12bc9 | Close file |
| 2018-12-17T21:56:08.536882272Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.540695129Z | 61 | PC: 12b7f | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T21:56:08.547278675Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.553718409Z | 66 | PC: 12ba0 | Move file pointer |
| 2018-12-17T21:56:08.556771729Z | 64 | PC: 12b38 | Write file or device (Write 305 bytes on handle 5) |
| 2018-12-17T21:56:08.564964191Z | 66 | PC: 12bb7 | Move file pointer |
| 2018-12-17T21:56:08.56658284Z | 64 | PC: 12bc3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:56:08.574063715Z | 62 | PC: 12bc9 | Close file |
| 2018-12-17T21:56:08.58269824Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.58553643Z | 61 | PC: 12b7f | Open file (Filename = 'PAH.COM') |
| 2018-12-17T21:56:08.59359217Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.600428748Z | 66 | PC: 12ba0 | Move file pointer |
| 2018-12-17T21:56:08.602222735Z | 64 | PC: 12b38 | Write file or device (Write 305 bytes on handle 5) |
| 2018-12-17T21:56:08.60542386Z | 66 | PC: 12bb7 | Move file pointer |
| 2018-12-17T21:56:08.607771381Z | 64 | PC: 12bc3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:56:08.610587111Z | 62 | PC: 12bc9 | Close file |
| 2018-12-17T21:56:08.618384477Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.621711772Z | 61 | PC: 12b7f | Open file (Filename = 'TEST.COM') |
| 2018-12-17T21:56:08.628361514Z | 63 | PC: 12b8e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:56:08.631150604Z | 79 | PC: 12b69 | Find next file |
| 2018-12-17T21:56:08.633915836Z | 44 | PC: 12bd1 | Get time 0x12bd1: cmp dl, 5 0x12bd4: ja 0x12bfd 0x12bd6: jmp 0x12bd9 0x12bd8: nop 0x12bd9: mov ah, 0x2c 0x12bdb: int 0x21 0x12bdd: cmp dl, 0x50 0x12be0: ja 0x12be5 0x12be2: jmp 0x12bf1 0x12be4: nop 0x12be5: cli 0x12be6: mov ah, 2 0x12be8: cdq 0x12be9: mov cx, 0x100 0x12bec: int 0x26 0x12bee: jmp 0x12bfd 0x12bf0: nop 0x12bf1: cli 0x12bf2: mov ah, 3 0x12bf4: cdq |
| 2018-12-17T21:56:08.636141765Z | 9 | PC: 12a47 | Display string (String= '(C) 1993 American Eagle Publications Inc., All Rights Reserved. Unauthorized use will be prosecuted under applicable copyright and software piracy laws. HOST #1 - You have just released a virus!') |
| 2018-12-17T21:56:08.643841164Z | 76 | PC: 12a4c | Terminate with return code (Return code = '0') |