.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:42:23.633615422Z | 26 | PC: 12a7e | Set disk transfer address |
| 2018-12-17T22:42:23.635162049Z | 71 | PC: 12a88 | Get current directory |
| 2018-12-17T22:42:23.637657917Z | 67 | PC: 12cc1 | Get or set file attributes |
| 2018-12-17T22:42:23.641867969Z | 65 | PC: 12cc5 | Delete file (Filename = 'ANTI-VIR.DAT') |
| 2018-12-17T22:42:23.64561729Z | 67 | PC: 12cc1 | Get or set file attributes |
| 2018-12-17T22:42:23.650116721Z | 65 | PC: 12cc5 | Delete file (Filename = 'CHKLIST.MS') |
| 2018-12-17T22:42:23.654026646Z | 67 | PC: 12cc1 | Get or set file attributes |
| 2018-12-17T22:42:23.657796343Z | 65 | PC: 12cc5 | Delete file (Filename = 'CHKLIST.CPS') |
| 2018-12-17T22:42:23.662987756Z | 67 | PC: 12cc1 | Get or set file attributes |
| 2018-12-17T22:42:23.667261322Z | 65 | PC: 12cc5 | Delete file (Filename = 'IVB.NTZ') |
| 2018-12-17T22:42:23.671439965Z | 78 | PC: 12a90 | Find first file |
| 2018-12-17T22:42:23.676162818Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:23.689725126Z | 61 | PC: 12b94 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:42:23.697148756Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:23.704956064Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:42:23.707173513Z | 63 | PC: 12bf8 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:42:23.710747418Z | 44 | PC: 12c0c | Get time 0x12c0c: mov word ptr [bp + 0x3e5], dx 0x12c10: mov cx, 0x15 0x12c13: lea dx, word ptr [bp + 0x105] 0x12c17: pop ax 0x12c18: int 0x21 0x12c1a: push ax 0x12c1b: push bp 0x12c1c: mov bp, sp 0x12c1e: mov word ptr [bp + 2], 0x4001 0x12c23: pop bp 0x12c24: mov cx, 0x166 0x12c27: mov dx, word ptr [bp + 0x3e5] 0x12c2b: lea si, word ptr [bp + 0x11a] 0x12c2f: lea di, word ptr [bp + 0x4bd] 0x12c33: lodsw ax, word ptr [si] 0x12c34: xor ax, dx 0x12c36: stosw word ptr es:[di], ax 0x12c37: loop 0x12c33 0x12c39: mov cx, 0x2cb 0x12c3c: lea dx, word ptr [bp + 0x4bd] |
| 2018-12-17T22:42:23.713313312Z | 64 | PC: 12c1a | Write file or device (Write 21 bytes on handle 5) |
| 2018-12-17T22:42:23.719077443Z | 64 | PC: 12c4e | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:42:23.728557393Z | 64 | PC: 12c58 | Write file or device (Write 35 bytes on handle 5) |
| 2018-12-17T22:42:23.73168941Z | 66 | PC: 12c6a | Move file pointer |
| 2018-12-17T22:42:23.734098953Z | 64 | PC: 12c74 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:42:23.741372692Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:23.742954671Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:23.748981311Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:23.752548793Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:23.754863139Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:23.757417274Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:23.768671953Z | 61 | PC: 12b94 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:42:23.775977339Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:23.783907318Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:42:23.785840517Z | 63 | PC: 12bf8 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:42:23.788905962Z | 44 | PC: 12c0c | Get time 0x12c0c: mov word ptr [bp + 0x3e5], dx 0x12c10: mov cx, 0x15 0x12c13: lea dx, word ptr [bp + 0x105] 0x12c17: pop ax 0x12c18: int 0x21 0x12c1a: push ax 0x12c1b: push bp 0x12c1c: mov bp, sp 0x12c1e: mov word ptr [bp + 2], 0x4001 0x12c23: pop bp 0x12c24: mov cx, 0x166 0x12c27: mov dx, word ptr [bp + 0x3e5] 0x12c2b: lea si, word ptr [bp + 0x11a] 0x12c2f: lea di, word ptr [bp + 0x4bd] 0x12c33: lodsw ax, word ptr [si] 0x12c34: xor ax, dx 0x12c36: stosw word ptr es:[di], ax 0x12c37: loop 0x12c33 0x12c39: mov cx, 0x2cb 0x12c3c: lea dx, word ptr [bp + 0x4bd] |
| 2018-12-17T22:42:23.791906506Z | 64 | PC: 12c1a | Write file or device (Write 21 bytes on handle 5) |
| 2018-12-17T22:42:23.796151815Z | 64 | PC: 12c4e | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:42:23.80528984Z | 64 | PC: 12c58 | Write file or device (Write 35 bytes on handle 5) |
| 2018-12-17T22:42:23.808679368Z | 66 | PC: 12c6a | Move file pointer |
| 2018-12-17T22:42:23.811157694Z | 64 | PC: 12c74 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:42:23.818557721Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:23.82043923Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:23.829550098Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:23.83303374Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:23.835927342Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:23.843628259Z | 61 | PC: 12b94 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:42:23.852470623Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:23.860193129Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:42:23.86253055Z | 63 | PC: 12bf8 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:42:23.865352972Z | 44 | PC: 12c0c | Get time 0x12c0c: mov word ptr [bp + 0x3e5], dx 0x12c10: mov cx, 0x15 0x12c13: lea dx, word ptr [bp + 0x105] 0x12c17: pop ax 0x12c18: int 0x21 0x12c1a: push ax 0x12c1b: push bp 0x12c1c: mov bp, sp 0x12c1e: mov word ptr [bp + 2], 0x4001 0x12c23: pop bp 0x12c24: mov cx, 0x166 0x12c27: mov dx, word ptr [bp + 0x3e5] 0x12c2b: lea si, word ptr [bp + 0x11a] 0x12c2f: lea di, word ptr [bp + 0x4bd] 0x12c33: lodsw ax, word ptr [si] 0x12c34: xor ax, dx 0x12c36: stosw word ptr es:[di], ax 0x12c37: loop 0x12c33 0x12c39: mov cx, 0x2cb 0x12c3c: lea dx, word ptr [bp + 0x4bd] |
| 2018-12-17T22:42:23.868560057Z | 64 | PC: 12c1a | Write file or device (Write 21 bytes on handle 5) |
| 2018-12-17T22:42:23.872822735Z | 64 | PC: 12c4e | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:42:23.881692037Z | 64 | PC: 12c58 | Write file or device (Write 35 bytes on handle 5) |
| 2018-12-17T22:42:23.88403252Z | 66 | PC: 12c6a | Move file pointer |
| 2018-12-17T22:42:23.886297881Z | 64 | PC: 12c74 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:42:23.891194532Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:23.892864677Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:23.898378238Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:23.903619553Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:23.906560879Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:23.917654092Z | 61 | PC: 12b94 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:42:23.925149774Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:23.932573733Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:42:23.934728922Z | 63 | PC: 12bf8 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:42:23.938342217Z | 44 | PC: 12c0c | Get time 0x12c0c: mov word ptr [bp + 0x3e5], dx 0x12c10: mov cx, 0x15 0x12c13: lea dx, word ptr [bp + 0x105] 0x12c17: pop ax 0x12c18: int 0x21 0x12c1a: push ax 0x12c1b: push bp 0x12c1c: mov bp, sp 0x12c1e: mov word ptr [bp + 2], 0x4001 0x12c23: pop bp 0x12c24: mov cx, 0x166 0x12c27: mov dx, word ptr [bp + 0x3e5] 0x12c2b: lea si, word ptr [bp + 0x11a] 0x12c2f: lea di, word ptr [bp + 0x4bd] 0x12c33: lodsw ax, word ptr [si] 0x12c34: xor ax, dx 0x12c36: stosw word ptr es:[di], ax 0x12c37: loop 0x12c33 0x12c39: mov cx, 0x2cb 0x12c3c: lea dx, word ptr [bp + 0x4bd] |
| 2018-12-17T22:42:23.94184415Z | 64 | PC: 12c1a | Write file or device (Write 21 bytes on handle 5) |
| 2018-12-17T22:42:23.945253357Z | 64 | PC: 12c4e | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:42:23.955263557Z | 64 | PC: 12c58 | Write file or device (Write 35 bytes on handle 5) |
| 2018-12-17T22:42:23.958750325Z | 66 | PC: 12c6a | Move file pointer |
| 2018-12-17T22:42:23.960811015Z | 64 | PC: 12c74 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:42:23.969177664Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:23.971109644Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:23.980099Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:23.987190222Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:23.990262488Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:24.001070746Z | 61 | PC: 12b94 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:42:24.009912158Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:24.018020224Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:42:24.019742581Z | 63 | PC: 12bf8 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:42:24.022774666Z | 44 | PC: 12c0c | Get time 0x12c0c: mov word ptr [bp + 0x3e5], dx 0x12c10: mov cx, 0x15 0x12c13: lea dx, word ptr [bp + 0x105] 0x12c17: pop ax 0x12c18: int 0x21 0x12c1a: push ax 0x12c1b: push bp 0x12c1c: mov bp, sp 0x12c1e: mov word ptr [bp + 2], 0x4001 0x12c23: pop bp 0x12c24: mov cx, 0x166 0x12c27: mov dx, word ptr [bp + 0x3e5] 0x12c2b: lea si, word ptr [bp + 0x11a] 0x12c2f: lea di, word ptr [bp + 0x4bd] 0x12c33: lodsw ax, word ptr [si] 0x12c34: xor ax, dx 0x12c36: stosw word ptr es:[di], ax 0x12c37: loop 0x12c33 0x12c39: mov cx, 0x2cb 0x12c3c: lea dx, word ptr [bp + 0x4bd] |
| 2018-12-17T22:42:24.026351918Z | 64 | PC: 12c1a | Write file or device (Write 21 bytes on handle 5) |
| 2018-12-17T22:42:24.029845097Z | 64 | PC: 12c4e | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:42:24.038976588Z | 64 | PC: 12c58 | Write file or device (Write 35 bytes on handle 5) |
| 2018-12-17T22:42:24.0429491Z | 66 | PC: 12c6a | Move file pointer |
| 2018-12-17T22:42:24.044896193Z | 64 | PC: 12c74 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:42:24.052996109Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:24.055907347Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:24.064733708Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:24.070281899Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:24.074539212Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:24.086210924Z | 61 | PC: 12b94 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:42:24.094023505Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:24.102806494Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:42:24.105798184Z | 63 | PC: 12bf8 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:42:24.108844748Z | 44 | PC: 12c0c | Get time 0x12c0c: mov word ptr [bp + 0x3e5], dx 0x12c10: mov cx, 0x15 0x12c13: lea dx, word ptr [bp + 0x105] 0x12c17: pop ax 0x12c18: int 0x21 0x12c1a: push ax 0x12c1b: push bp 0x12c1c: mov bp, sp 0x12c1e: mov word ptr [bp + 2], 0x4001 0x12c23: pop bp 0x12c24: mov cx, 0x166 0x12c27: mov dx, word ptr [bp + 0x3e5] 0x12c2b: lea si, word ptr [bp + 0x11a] 0x12c2f: lea di, word ptr [bp + 0x4bd] 0x12c33: lodsw ax, word ptr [si] 0x12c34: xor ax, dx 0x12c36: stosw word ptr es:[di], ax 0x12c37: loop 0x12c33 0x12c39: mov cx, 0x2cb 0x12c3c: lea dx, word ptr [bp + 0x4bd] |
| 2018-12-17T22:42:24.11155207Z | 64 | PC: 12c1a | Write file or device (Write 21 bytes on handle 5) |
| 2018-12-17T22:42:24.121671248Z | 64 | PC: 12c4e | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:42:24.130804281Z | 64 | PC: 12c58 | Write file or device (Write 35 bytes on handle 5) |
| 2018-12-17T22:42:24.133820115Z | 66 | PC: 12c6a | Move file pointer |
| 2018-12-17T22:42:24.136388894Z | 64 | PC: 12c74 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:42:24.148646144Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:24.150603337Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:24.160619357Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:24.166732666Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:24.170162419Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:24.182248061Z | 61 | PC: 12b94 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:42:24.191232395Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:24.198892533Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:42:24.200955265Z | 63 | PC: 12bf8 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:42:24.205405303Z | 44 | PC: 12c0c | Get time 0x12c0c: mov word ptr [bp + 0x3e5], dx 0x12c10: mov cx, 0x15 0x12c13: lea dx, word ptr [bp + 0x105] 0x12c17: pop ax 0x12c18: int 0x21 0x12c1a: push ax 0x12c1b: push bp 0x12c1c: mov bp, sp 0x12c1e: mov word ptr [bp + 2], 0x4001 0x12c23: pop bp 0x12c24: mov cx, 0x166 0x12c27: mov dx, word ptr [bp + 0x3e5] 0x12c2b: lea si, word ptr [bp + 0x11a] 0x12c2f: lea di, word ptr [bp + 0x4bd] 0x12c33: lodsw ax, word ptr [si] 0x12c34: xor ax, dx 0x12c36: stosw word ptr es:[di], ax 0x12c37: loop 0x12c33 0x12c39: mov cx, 0x2cb 0x12c3c: lea dx, word ptr [bp + 0x4bd] |
| 2018-12-17T22:42:24.20837545Z | 64 | PC: 12c1a | Write file or device (Write 21 bytes on handle 5) |
| 2018-12-17T22:42:24.212079617Z | 64 | PC: 12c4e | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:42:24.222606355Z | 64 | PC: 12c58 | Write file or device (Write 35 bytes on handle 5) |
| 2018-12-17T22:42:24.226084403Z | 66 | PC: 12c6a | Move file pointer |
| 2018-12-17T22:42:24.228085019Z | 64 | PC: 12c74 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:42:24.23680591Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:24.239360099Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:24.248810097Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:24.256005839Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:24.259691168Z | 67 | PC: 12b7f | Get or set file attributes |
| 2018-12-17T22:42:24.2710923Z | 61 | PC: 12b94 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:42:24.279027136Z | 63 | PC: 12ba9 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:42:24.28367431Z | 87 | PC: 12c89 | Get or set file date and time |
| 2018-12-17T22:42:24.285828455Z | 62 | PC: 12c8d | Close file |
| 2018-12-17T22:42:24.294215316Z | 67 | PC: 12c9c | Get or set file attributes |
| 2018-12-17T22:42:24.301112741Z | 79 | PC: 12a90 | Find next file |
| 2018-12-17T22:42:24.30425232Z | 59 | PC: 12aa4 | Change current directory |
| 2018-12-17T22:42:24.30931675Z | 71 | PC: 12ac7 | Get current directory |
| 2018-12-17T22:42:24.319295385Z | 59 | PC: 12afa | Change current directory |
| 2018-12-17T22:42:24.33178395Z | 59 | PC: 12b1b | Change current directory |
| 2018-12-17T22:42:24.334263817Z | 26 | PC: 12b2b | Set disk transfer address |