.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:50:40.950821388Z | 42 | PC: 22762 | Get date 0x22762: shr al, 1 0x22764: jae 0x22756 0x22766: cmp dl, 0x1f 0x22769: je 0x2272a 0x2276b: mov ah, 0x1a 0x2276d: mov dx, 0xff98 0x22770: int 0x21 0x22772: mov ah, 0x4e 0x22774: mov dx, 0xfd94 0x22777: xor cx, cx 0x22779: int 0x21 0x2277b: jb 0x227f9 0x2277d: mov al, byte ptr [0xffae] 0x22780: inc ax 0x22781: mov ah, 0x4f 0x22783: and al, 0x1f 0x22785: je 0x22777 0x22787: mov dx, 0xffb6 0x2278a: mov ax, 0x4300 0x2278d: int 0x21 |
| 2018-12-17T22:50:40.95388641Z | 26 | PC: 22772 | Set disk transfer address |
| 2018-12-17T22:50:40.955273059Z | 78 | PC: 2277b | Find first file |
| 2018-12-17T22:50:40.961136151Z | 67 | PC: 2278f | Get or set file attributes |
| 2018-12-17T22:50:40.966546237Z | 67 | PC: 2279b | Get or set file attributes |
| 2018-12-17T22:50:40.98469963Z | 61 | PC: 227a2 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:50:40.991433583Z | 63 | PC: 227af | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:50:40.997640366Z | 66 | PC: 227b9 | Move file pointer |
| 2018-12-17T22:50:40.999437806Z | 44 | PC: 226ea | Get time 0x226ea: xchg ax, dx 0x226eb: and ax, 0xa0a 0x226ee: add ax, 0x2929 0x226f1: mov byte ptr [0xfe75], al 0x226f4: mov byte ptr [0xfe93], ah 0x226f8: mov ax, 0xde01 0x226fb: ror cx, 1 0x226fd: jb 0x22702 0x226ff: mov ax, 0xf303 0x22702: mov word ptr [0xfd67], ax 0x22705: xchg ax, cx 0x22706: and ax, 0xa0a 0x22709: add ax, 0x2929 0x2270c: mov byte ptr [0xfe57], al 0x2270f: mov byte ptr [0xfe37], ah 0x22713: mov al, 0xbe 0x22715: xchg byte ptr [0xfd5e], al 0x22719: mov byte ptr [0xfe1d], al 0x2271c: mov si, 0xfed2 0x2271f: mov al, 0x35 |
| 2018-12-17T22:50:41.001076521Z | 64 | PC: 227d0 | Write file or device (Write 382 bytes on handle 5) |
| 2018-12-17T22:50:41.006146233Z | 66 | PC: 227d8 | Move file pointer |
| 2018-12-17T22:50:41.007752543Z | 64 | PC: 227e2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:50:41.012039767Z | 87 | PC: 227f0 | Get or set file date and time |
| 2018-12-17T22:50:41.013196353Z | 62 | PC: 227f4 | Close file |
| 2018-12-17T22:50:41.019509473Z | 67 | PC: 227f9 | Get or set file attributes |
| 2018-12-17T22:50:41.026165724Z | 26 | PC: 22800 | Set disk transfer address |
| 2018-12-17T22:50:41.027025364Z | 9 | PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ') |
| 2018-12-17T22:50:41.030806976Z | 0 | PC: 12a89 | Program terminate |