.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:50:57.770297974Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:50:57.772668427Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:50:57.775153475Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:50:57.777157229Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:50:57.779181592Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:50:57.782345647Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:50:57.783989515Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:50:57.785608226Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:50:57.791095334Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:50:57.793062189Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:50:57.794631237Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:50:57.796803127Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:50:57.804710632Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:50:57.807566978Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:50:57.811984086Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:50:57.814311308Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:50:57.817747774Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:50:57.81989612Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:50:57.83552478Z | 53 | PC: 137ca | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:50:57.837100971Z | 37 | PC: 137df | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:50:57.838358173Z | 37 | PC: 137e7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:50:57.840354183Z | 37 | PC: 137ef | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:50:57.841559457Z | 37 | PC: 137f7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:50:57.843361262Z | 68 | PC: 144db | I/O control for devices (Set for = '') |
| 2018-12-17T22:50:57.846465513Z | 64 | PC: 13b8d | Write file or device (Write 7 bytes on handle 1) |
| 2018-12-17T22:50:57.850405395Z | 64 | PC: 13b8d | Write file or device (Write 7 bytes on handle 1) |
| 2018-12-17T22:50:57.854218599Z | 44 | PC: 14612 | Get time 0x14612: mov word ptr [0x13e], cx 0x14616: mov word ptr [0x140], dx 0x1461a: retf 0x1461b: call 0x14662 0x1461e: jb 0x1462f 0x14620: mov cx, word ptr es:[di + 4] 0x14624: cmp cx, 1 0x14627: je 0x1462f 0x14629: xor bx, bx 0x1462b: push cs 0x1462c: call 0x2418f 0x1462f: retf 4 0x14632: call 0x14662 0x14635: jb 0x1464a 0x14637: mov ax, cx 0x14639: mov dx, bx 0x1463b: mov cx, word ptr es:[di + 4] 0x1463f: cmp cx, 1 0x14642: je 0x1464a 0x14644: xor bx, bx |
| 2018-12-17T22:50:57.857183519Z | 44 | PC: 1342d | Get time 0x1342d: xor ah, ah 0x1342f: mov al, dl 0x13431: les di, ptr [bp + 6] 0x13434: stosw word ptr es:[di], ax 0x13435: mov al, dh 0x13437: les di, ptr [bp + 0xa] 0x1343a: stosw word ptr es:[di], ax 0x1343b: mov al, cl 0x1343d: les di, ptr [bp + 0xe] 0x13440: stosw word ptr es:[di], ax 0x13441: mov al, ch 0x13443: les di, ptr [bp + 0x12] 0x13446: stosw word ptr es:[di], ax 0x13447: pop bp 0x13448: retf 0x10 0x1344b: push bp 0x1344c: mov bp, sp 0x1344e: mov ch, byte ptr [bp + 0xc] 0x13451: mov cl, byte ptr [bp + 0xa] 0x13454: mov dh, byte ptr [bp + 8] |
| 2018-12-17T22:50:57.860467438Z | 42 | PC: 133f7 | Get date 0x133f7: xor ah, ah 0x133f9: les di, ptr [bp + 6] 0x133fc: stosw word ptr es:[di], ax 0x133fd: mov al, dl 0x133ff: les di, ptr [bp + 0xa] 0x13402: stosw word ptr es:[di], ax 0x13403: mov al, dh 0x13405: les di, ptr [bp + 0xe] 0x13408: stosw word ptr es:[di], ax 0x13409: xchg ax, cx 0x1340a: les di, ptr [bp + 0x12] 0x1340d: stosw word ptr es:[di], ax 0x1340e: pop bp 0x1340f: retf 0x10 0x13412: push bp 0x13413: mov bp, sp 0x13415: mov cx, word ptr [bp + 0xa] 0x13418: mov dh, byte ptr [bp + 8] 0x1341b: mov dl, byte ptr [bp + 6] 0x1341e: mov ah, 0x2b |
| 2018-12-17T22:50:57.864239645Z | 48 | PC: 13ff7 | Get DOS version |
| 2018-12-17T22:50:57.867890864Z | 67 | PC: 13471 | Get or set file attributes |
| 2018-12-17T22:50:57.874913437Z | 67 | PC: 13498 | Get or set file attributes |
| 2018-12-17T22:50:57.892370903Z | 61 | PC: 13e35 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:50:57.899927569Z | 63 | PC: 13f08 | Read file or device (Read 5658 bytes on handle 5) |
| 2018-12-17T22:50:57.909738991Z | 62 | PC: 13e85 | Close file |
| 2018-12-17T22:50:57.912364604Z | 25 | PC: 14084 | Get default drive |
| 2018-12-17T22:50:57.914054198Z | 71 | PC: 14097 | Get current directory |
| 2018-12-17T22:50:57.918897326Z | 26 | PC: 1350f | Set disk transfer address |
| 2018-12-17T22:50:57.920546304Z | 78 | PC: 1351b | Find first file |
| 2018-12-17T22:50:57.928445514Z | 67 | PC: 13471 | Get or set file attributes |
| 2018-12-17T22:50:57.937890046Z | 67 | PC: 13498 | Get or set file attributes |
| 2018-12-17T22:50:57.950604191Z | 61 | PC: 13e35 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:50:57.957738815Z | 66 | PC: 1467c | Move file pointer |
| 2018-12-17T22:50:57.961691891Z | 66 | PC: 1468a | Move file pointer |
| 2018-12-17T22:50:57.964196716Z | 66 | PC: 14698 | Move file pointer |
| 2018-12-17T22:50:57.966086667Z | 66 | PC: 1467c | Move file pointer |
| 2018-12-17T22:50:57.970102712Z | 66 | PC: 1468a | Move file pointer |
| 2018-12-17T22:50:57.972500817Z | 66 | PC: 14698 | Move file pointer |
| 2018-12-17T22:50:57.974118997Z | 87 | PC: 134b2 | Get or set file date and time |
| 2018-12-17T22:50:57.977109124Z | 87 | PC: 134b2 | Get or set file date and time |
| 2018-12-17T22:50:57.978933121Z | 63 | PC: 13f08 | Read file or device (Read 5658 bytes on handle 5) |
| 2018-12-17T22:50:57.988538505Z | 62 | PC: 13e85 | Close file |
| 2018-12-17T22:50:57.99278321Z | 61 | PC: 13e35 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:50:58.000419275Z | 87 | PC: 134df | Get or set file date and time |
| 2018-12-17T22:50:58.002750484Z | 62 | PC: 13e85 | Close file |
| 2018-12-17T22:50:58.01080173Z | 67 | PC: 13498 | Get or set file attributes |
| 2018-12-17T22:50:58.022984918Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.024842888Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.028318758Z | 59 | PC: 1414b | Change current directory |
| 2018-12-17T22:50:58.034226717Z | 26 | PC: 1350f | Set disk transfer address |
| 2018-12-17T22:50:58.036237615Z | 78 | PC: 1351b | Find first file |
| 2018-12-17T22:50:58.043388258Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.045915085Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.049594988Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.051409347Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.056408748Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.058510487Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.062111752Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.064838996Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.070078488Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.071906753Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.07544488Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.07787241Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.081370453Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.083100653Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.087456866Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.089183179Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.092688465Z | 26 | PC: 13533 | Set disk transfer address |
| 2018-12-17T22:50:58.095077483Z | 79 | PC: 13538 | Find next file |
| 2018-12-17T22:50:58.098079382Z | 48 | PC: 13ff7 | Get DOS version |
| 2018-12-17T22:50:58.100135204Z | 67 | PC: 13498 | Get or set file attributes |
| 2018-12-17T22:50:58.111952564Z | 48 | PC: 13ff7 | Get DOS version |
| 2018-12-17T22:50:58.114275698Z | 67 | PC: 13471 | Get or set file attributes |
| 2018-12-17T22:50:58.121065274Z | 67 | PC: 13498 | Get or set file attributes |
| 2018-12-17T22:50:58.132379589Z | 61 | PC: 13e35 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:50:58.141555818Z | 87 | PC: 134b2 | Get or set file date and time |
| 2018-12-17T22:50:58.14398451Z | 87 | PC: 134b2 | Get or set file date and time |
| 2018-12-17T22:50:58.146131874Z | 66 | PC: 1467c | Move file pointer |
| 2018-12-17T22:50:58.149835964Z | 66 | PC: 1468a | Move file pointer |
| 2018-12-17T22:50:58.151917153Z | 66 | PC: 14698 | Move file pointer |
| 2018-12-17T22:50:58.154068034Z | 66 | PC: 13f67 | Move file pointer |
| 2018-12-17T22:50:58.156544666Z | 63 | PC: 13f08 | Read file or device (Read 5658 bytes on handle 5) |
| 2018-12-17T22:50:58.165293302Z | 66 | PC: 13f67 | Move file pointer |
| 2018-12-17T22:50:58.167173955Z | 64 | PC: 13f08 | Write file or device (Write 5658 bytes on handle 5) |
| 2018-12-17T22:50:58.176970699Z | 62 | PC: 13e85 | Close file |
| 2018-12-17T22:50:58.197023882Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:50:58.19840148Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:50:58.200135898Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:50:58.201655052Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:50:58.20301718Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:50:58.205383616Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:50:58.207228352Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:50:58.208750501Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:50:58.2109692Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:50:58.212398505Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:50:58.213719296Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:50:58.215509118Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:50:58.21797953Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:50:58.220313234Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:50:58.222870518Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:50:58.225374271Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:50:58.227010475Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:50:58.228732801Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:50:58.231480242Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:50:58.233740498Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:50:58.235527215Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:50:58.238340249Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:50:58.240942679Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:50:58.242827219Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:50:58.245689907Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:50:58.250367073Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:50:58.252083067Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:50:58.25387835Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:50:58.256633235Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:50:58.258415393Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:50:58.260206678Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:50:58.263062463Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:50:58.264836045Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:50:58.266681091Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:50:58.269309078Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:50:58.271606614Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:50:58.273390716Z | 53 | PC: 13739 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:50:58.27592646Z | 37 | PC: 13742 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:50:58.278168602Z | 48 | PC: 13ff7 | Get DOS version |
| 2018-12-17T22:50:58.280319352Z | 41 | PC: 13688 | Parse filename |
| 2018-12-17T22:50:58.283495179Z | 41 | PC: 13696 | Parse filename |
| 2018-12-17T22:50:58.285601005Z | 75 | PC: 136a1 | Execute program |