.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:50:39.419510796Z | 44 | PC: 12b8b | Get time 0x12b8b: test dh, 1 0x12b8e: jne 0x12b93 0x12b90: jmp 0x12d47 0x12b93: mov byte ptr [0x257], dh 0x12b97: push es 0x12b98: mov ah, 0x2f 0x12b9a: int 0x21 0x12b9c: mov word ptr [0x228], bx 0x12ba0: mov word ptr [0x22a], es 0x12ba4: pop es 0x12ba5: mov dx, 0x22c 0x12ba8: mov ah, 0x1a 0x12baa: int 0x21 0x12bac: mov ah, 0x4e 0x12bae: mov dx, 0x223 0x12bb1: mov cx, 8 0x12bb4: int 0x21 0x12bb6: jb 0x12bd1 0x12bb8: cmp word ptr [0x244], 0x1021 0x12bbe: jne 0x12bd1 |
| 2018-12-17T22:50:39.42222238Z | 47 | PC: 12b9c | Get disk transfer address |
| 2018-12-17T22:50:39.424522712Z | 26 | PC: 12bac | Set disk transfer address |
| 2018-12-17T22:50:39.426098952Z | 78 | PC: 12bb6 | Find first file |
| 2018-12-17T22:50:39.431256568Z | 78 | PC: 12c28 | Find first file |
| 2018-12-17T22:50:39.442055697Z | 67 | PC: 12c64 | Get or set file attributes |
| 2018-12-17T22:50:39.794754895Z | 61 | PC: 12c69 | Open file (Filename = '') |
| 2018-12-17T22:50:39.803695938Z | 63 | PC: 12ca6 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:50:39.811816237Z | 66 | PC: 12cb8 | Move file pointer |
| 2018-12-17T22:50:39.813660266Z | 64 | PC: 12cd5 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:50:39.817031013Z | 66 | PC: 12ce5 | Move file pointer |
| 2018-12-17T22:50:39.819986891Z | 64 | PC: 12cfe | Write file or device (Write 547 bytes on handle 5) |
| 2018-12-17T22:50:39.827408113Z | 87 | PC: 12d11 | Get or set file date and time |
| 2018-12-17T22:50:39.829597519Z | 62 | PC: 12d15 | Close file |
| 2018-12-17T22:50:39.837316283Z | 67 | PC: 12d25 | Get or set file attributes |
| 2018-12-17T22:50:39.842479643Z | 26 | PC: 12d47 | Set disk transfer address |