.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:49:01.210209724Z | 26 | PC: 12c91 | Set disk transfer address |
| 2018-12-17T22:49:01.211920555Z | 9 | PC: 12c58 | Display string (String= 'This program has been infected by: ') |
| 2018-12-17T22:49:01.21953434Z | 9 | PC: 12c58 | Display string (String= 'Virus Demo Ver.: 1.1 - Handle with care! By STAF (Tel.: (819) 595-0787) Generation #') |
| 2018-12-17T22:49:01.227654075Z | 2 | PC: 12c4c | Character output (Char = '35') |
| 2018-12-17T22:49:01.230463831Z | 48 | PC: 12cb5 | Get DOS version |
| 2018-12-17T22:49:01.233369388Z | 78 | PC: 12cd3 | Find first file |
| 2018-12-17T22:49:01.240208805Z | 61 | PC: 12ce0 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:49:01.247593472Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.255359612Z | 66 | PC: 12c64 | Move file pointer |
| 2018-12-17T22:49:01.25686647Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.258765696Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.262724823Z | 61 | PC: 12ce0 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:49:01.269966606Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.276919796Z | 66 | PC: 12c64 | Move file pointer |
| 2018-12-17T22:49:01.28316724Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.287326707Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.290155673Z | 61 | PC: 12ce0 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:49:01.29788748Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.305231415Z | 66 | PC: 12c64 | Move file pointer |
| 2018-12-17T22:49:01.30700002Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.30958937Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.312689289Z | 61 | PC: 12ce0 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:49:01.319913731Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.326673239Z | 66 | PC: 12c64 | Move file pointer |
| 2018-12-17T22:49:01.327831013Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.330241243Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.333614479Z | 61 | PC: 12ce0 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:49:01.341662356Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.348758758Z | 66 | PC: 12c64 | Move file pointer |
| 2018-12-17T22:49:01.350221356Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.352577322Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.356210822Z | 61 | PC: 12ce0 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:49:01.363387879Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.368373749Z | 66 | PC: 12c64 | Move file pointer |
| 2018-12-17T22:49:01.370168392Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.372074301Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.375495074Z | 61 | PC: 12ce0 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:49:01.389205017Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.39651258Z | 66 | PC: 12c64 | Move file pointer |
| 2018-12-17T22:49:01.398593445Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.400566156Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.403258214Z | 61 | PC: 12ce0 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:49:01.411112912Z | 63 | PC: 12c6e | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:49:01.414022448Z | 62 | PC: 12d16 | Close file |
| 2018-12-17T22:49:01.416275532Z | 79 | PC: 12d1a | Find next file |
| 2018-12-17T22:49:01.419428837Z | 9 | PC: 12c58 | Display string (String= ' I have infected all your files in the current directory! Have a nice day!') |
| 2018-12-17T22:49:01.430059141Z | 62 | PC: 12e2b | Close file |
| 2018-12-17T22:49:01.431697101Z | 9 | PC: 12c58 | Display string (String= ' Press any key to execute original program... ') |