.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:50:38.697686202Z | 26 | PC: 12ac2 | Set disk transfer address |
| 2018-12-17T22:50:38.699903833Z | 78 | PC: 12aca | Find first file |
| 2018-12-17T22:50:38.70692284Z | 47 | PC: 12ad6 | Get disk transfer address |
| 2018-12-17T22:50:38.708326888Z | 61 | PC: 12ae6 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:50:38.715464703Z | 87 | PC: 12aec | Get or set file date and time |
| 2018-12-17T22:50:38.727123847Z | 63 | PC: 12b0c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:50:38.734608369Z | 66 | PC: 12b1e | Move file pointer |
| 2018-12-17T22:50:38.741800933Z | 64 | PC: 12b29 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:50:38.746555527Z | 66 | PC: 12b32 | Move file pointer |
| 2018-12-17T22:50:38.748341946Z | 44 | PC: 12a6b | Get time 0x12a6b: mov byte ptr [bp + 0x123], cl 0x12a6f: mov cx, 0xde 0x12a72: lea si, word ptr [bp + 0x16f] 0x12a76: lea di, word ptr [bp + 0x235] 0x12a7a: movsb byte ptr es:[di], byte ptr [si] 0x12a7b: mov al, byte ptr [bp + 0x235] 0x12a7f: xor al, byte ptr [bp + 0x123] 0x12a83: mov byte ptr [bp + 0x235], al 0x12a87: lea di, word ptr [si - 1] 0x12a8a: lea si, word ptr [bp + 0x235] 0x12a8e: movsb byte ptr es:[di], byte ptr [si] 0x12a8f: mov si, di 0x12a91: loop 0x12a76 0x12a93: ret 0x12a94: jmp 0x12aaf 0x12a97: call 0x22a67 0x12a9a: mov ah, 0x40 0x12a9c: mov cx, 0x14d 0x12a9f: lea dx, word ptr [bp + 0x100] 0x12aa3: int 0x21 |
| 2018-12-17T22:50:38.75141173Z | 64 | PC: 12aa5 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:50:38.767586385Z | 87 | PC: 12b44 | Get or set file date and time |
| 2018-12-17T22:50:38.769595612Z | 62 | PC: 12b48 | Close file |
| 2018-12-17T22:50:38.778863742Z | 79 | PC: 12aca | Find next file |
| 2018-12-17T22:50:38.783188217Z | 47 | PC: 12ad6 | Get disk transfer address |
| 2018-12-17T22:50:38.784504781Z | 61 | PC: 12ae6 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:50:38.792077581Z | 87 | PC: 12aec | Get or set file date and time |
| 2018-12-17T22:50:38.79461619Z | 63 | PC: 12b0c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:50:38.802263187Z | 66 | PC: 12b1e | Move file pointer |
| 2018-12-17T22:50:38.803834744Z | 64 | PC: 12b29 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:50:38.807013308Z | 66 | PC: 12b32 | Move file pointer |
| 2018-12-17T22:50:38.809050464Z | 44 | PC: 12a6b | Get time 0x12a6b: mov byte ptr [bp + 0x123], cl 0x12a6f: mov cx, 0xde 0x12a72: lea si, word ptr [bp + 0x16f] 0x12a76: lea di, word ptr [bp + 0x235] 0x12a7a: movsb byte ptr es:[di], byte ptr [si] 0x12a7b: mov al, byte ptr [bp + 0x235] 0x12a7f: xor al, byte ptr [bp + 0x123] 0x12a83: mov byte ptr [bp + 0x235], al 0x12a87: lea di, word ptr [si - 1] 0x12a8a: lea si, word ptr [bp + 0x235] 0x12a8e: movsb byte ptr es:[di], byte ptr [si] 0x12a8f: mov si, di 0x12a91: loop 0x12a76 0x12a93: ret 0x12a94: jmp 0x12aaf 0x12a97: call 0x22a67 0x12a9a: mov ah, 0x40 0x12a9c: mov cx, 0x14d 0x12a9f: lea dx, word ptr [bp + 0x100] 0x12aa3: int 0x21 |
| 2018-12-17T22:50:38.812109219Z | 64 | PC: 12aa5 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:50:38.81575723Z | 87 | PC: 12b44 | Get or set file date and time |
| 2018-12-17T22:50:38.818160872Z | 62 | PC: 12b48 | Close file |
| 2018-12-17T22:50:38.827638113Z | 79 | PC: 12aca | Find next file |
| 2018-12-17T22:50:38.830789467Z | 47 | PC: 12ad6 | Get disk transfer address |
| 2018-12-17T22:50:38.833197325Z | 61 | PC: 12ae6 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:50:38.840633075Z | 87 | PC: 12aec | Get or set file date and time |
| 2018-12-17T22:50:38.8433189Z | 63 | PC: 12b0c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:50:38.851624387Z | 66 | PC: 12b1e | Move file pointer |
| 2018-12-17T22:50:38.853387157Z | 64 | PC: 12b29 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:50:38.856518137Z | 66 | PC: 12b32 | Move file pointer |
| 2018-12-17T22:50:38.859293005Z | 44 | PC: 12a6b | Get time 0x12a6b: mov byte ptr [bp + 0x123], cl 0x12a6f: mov cx, 0xde 0x12a72: lea si, word ptr [bp + 0x16f] 0x12a76: lea di, word ptr [bp + 0x235] 0x12a7a: movsb byte ptr es:[di], byte ptr [si] 0x12a7b: mov al, byte ptr [bp + 0x235] 0x12a7f: xor al, byte ptr [bp + 0x123] 0x12a83: mov byte ptr [bp + 0x235], al 0x12a87: lea di, word ptr [si - 1] 0x12a8a: lea si, word ptr [bp + 0x235] 0x12a8e: movsb byte ptr es:[di], byte ptr [si] 0x12a8f: mov si, di 0x12a91: loop 0x12a76 0x12a93: ret 0x12a94: jmp 0x12aaf 0x12a97: call 0x22a67 0x12a9a: mov ah, 0x40 0x12a9c: mov cx, 0x14d 0x12a9f: lea dx, word ptr [bp + 0x100] 0x12aa3: int 0x21 |
| 2018-12-17T22:50:38.86233778Z | 64 | PC: 12aa5 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:50:38.866419274Z | 87 | PC: 12b44 | Get or set file date and time |
| 2018-12-17T22:50:38.868794865Z | 62 | PC: 12b48 | Close file |
| 2018-12-17T22:50:38.877451218Z | 26 | PC: 12b5c | Set disk transfer address |