.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:43:32.060008399Z | 26 | PC: 14106 | Set disk transfer address |
| 2018-12-17T22:43:32.061679055Z | 78 | PC: 14157 | Find first file |
| 2018-12-17T22:43:32.065724902Z | 61 | PC: 14178 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:43:32.06992351Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.075012946Z | 66 | PC: 141a8 | Move file pointer |
| 2018-12-17T22:43:32.076074696Z | 64 | PC: 141bc | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:43:32.077910787Z | 64 | PC: 141c7 | Write file or device (Write 283 bytes on handle 5) |
| 2018-12-17T22:43:32.090272849Z | 66 | PC: 141cf | Move file pointer |
| 2018-12-17T22:43:32.09132965Z | 64 | PC: 141ed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:43:32.095339749Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.096925429Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.102730147Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.106516094Z | 61 | PC: 14178 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:43:32.114759398Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.121385786Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.122871731Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.130620579Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.133643922Z | 61 | PC: 14178 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:43:32.140505481Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.147504265Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.14943346Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.158438565Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.161520813Z | 61 | PC: 14178 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:43:32.166139957Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.171089546Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.172942131Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.180807542Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.183373499Z | 61 | PC: 14178 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:43:32.189983178Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.197289017Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.198960679Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.204197629Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.206757436Z | 61 | PC: 14178 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:43:32.214049819Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.218480852Z | 66 | PC: 141a8 | Move file pointer |
| 2018-12-17T22:43:32.220848473Z | 64 | PC: 141bc | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:43:32.222849695Z | 64 | PC: 141c7 | Write file or device (Write 283 bytes on handle 5) |
| 2018-12-17T22:43:32.228073745Z | 66 | PC: 141cf | Move file pointer |
| 2018-12-17T22:43:32.229837856Z | 64 | PC: 141ed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:43:32.234117665Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.235214016Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.243414601Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.245804228Z | 61 | PC: 14178 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:43:32.252129344Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.258941638Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.260256509Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.267255758Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.270741381Z | 61 | PC: 14178 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:43:32.274708325Z | 63 | PC: 14187 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:43:32.278762114Z | 87 | PC: 14146 | Get or set file date and time |
| 2018-12-17T22:43:32.280565383Z | 62 | PC: 1414a | Close file |
| 2018-12-17T22:43:32.286638324Z | 79 | PC: 14157 | Find next file |
| 2018-12-17T22:43:32.288252637Z | 26 | PC: 1411f | Set disk transfer address |
| 2018-12-17T22:43:32.289971939Z | 48 | PC: 12a63 | Get DOS version |
| 2018-12-17T22:43:32.290819152Z | 9 | PC: 12a7a | Display string (String= '
--=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------
(c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware
') |
| 2018-12-17T22:43:32.295726972Z | 61 | PC: 12cb7 | Open file (Filename = '�') |
| 2018-12-17T22:43:32.300241673Z | 9 | PC: 12a88 | Display string (String= 'Self test: ') |
| 2018-12-17T22:43:32.301695821Z | 93 | PC: 12b24 | File sharing functions |
| 2018-12-17T22:43:32.302895669Z | 9 | PC: 12b03 | Display string (String= 'Size change=+011Fh/00287d. Virus might be activ?
��') |
| 2018-12-17T22:43:32.306639726Z | 76 | PC: 12b09 | Terminate with return code (Return code = '1') |
