.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:41:54.711203786Z | 37 | PC: 12a48 | Set interrupt vector (Interrupt = '160' AKA 'UNKNOWN!') |
| 2018-12-17T22:41:54.794028196Z | 51 | PC: 140eb | Get or set Ctrl-Break |
| 2018-12-17T22:41:54.795964864Z | 9 | PC: 1410f | Display string (String= 'Warning : This file is infected by Apparition ! ') |
| 2018-12-17T22:41:54.8053175Z | 82 | PC: 14260 | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:41:54.809304728Z | 47 | PC: 15097 | Get disk transfer address |
| 2018-12-17T22:41:54.812148169Z | 26 | PC: 150a7 | Set disk transfer address |
| 2018-12-17T22:41:54.813628209Z | 78 | PC: 150b0 | Find first file |
| 2018-12-17T22:41:54.821364349Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:54.839315645Z | 61 | PC: 14d50 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:41:54.851938593Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:54.857060493Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:54.860203196Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:54.870862165Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:54.875179774Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:54.886476532Z | 61 | PC: 14d50 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:41:54.895970393Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:54.898414303Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:54.9037952Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:54.912613442Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:54.917056758Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:54.930961564Z | 61 | PC: 14d50 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:41:54.93886083Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:54.941000028Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:54.944075875Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:54.952933341Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:54.957126546Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:54.968642926Z | 61 | PC: 14d50 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:41:54.977302501Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:54.981839493Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:54.984177984Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:54.992903222Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:54.996867849Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:55.00708602Z | 61 | PC: 14d50 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:41:55.015926414Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:55.020401249Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:55.022570002Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:55.036100255Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:55.04046386Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:55.050635855Z | 61 | PC: 14d50 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:41:55.058330788Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:55.060751575Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:55.062990871Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:55.071757105Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:55.075437127Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:55.085716674Z | 61 | PC: 14d50 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:41:55.100580311Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:55.103435223Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:55.105610479Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:55.112879732Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:55.116847273Z | 67 | PC: 14d43 | Get or set file attributes |
| 2018-12-17T22:41:55.125016917Z | 61 | PC: 14d50 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:41:55.131085786Z | 66 | PC: 14d62 | Move file pointer |
| 2018-12-17T22:41:55.133401425Z | 66 | PC: 14d9e | Move file pointer |
| 2018-12-17T22:41:55.136147763Z | 63 | PC: 14db1 | Read file or device (Read 32 bytes on handle 5) |
| 2018-12-17T22:41:55.143719965Z | 87 | PC: 14f3f | Get or set file date and time |
| 2018-12-17T22:41:55.146937098Z | 62 | PC: 14f47 | Close file |
| 2018-12-17T22:41:55.156032561Z | 79 | PC: 150b0 | Find next file |
| 2018-12-17T22:41:55.159300719Z | 26 | PC: 150f4 | Set disk transfer address |
| 2018-12-17T22:41:55.161941228Z | 47 | PC: 15097 | Get disk transfer address |
| 2018-12-17T22:41:55.163552385Z | 26 | PC: 150a7 | Set disk transfer address |
| 2018-12-17T22:41:55.164906107Z | 78 | PC: 150b0 | Find first file |
| 2018-12-17T22:41:55.172432343Z | 26 | PC: 150f4 | Set disk transfer address |
| 2018-12-17T22:41:55.17573215Z | 9 | PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ') |
| 2018-12-17T22:41:55.181879196Z | 0 | PC: 12a89 | Program terminate |