.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:51:36.71599272Z | 48 | PC: 131ae | Get DOS version |
| 2018-12-17T22:51:36.718700563Z | 53 | PC: 1322c | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:51:36.720255504Z | 37 | PC: 13263 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:51:36.721882335Z | 48 | PC: 132b8 | Get DOS version |
| 2018-12-17T22:51:36.723764129Z | 53 | PC: 132c2 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:51:36.725977471Z | 37 | PC: 132d7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:51:36.727949503Z | 47 | PC: 132dd | Get disk transfer address |
| 2018-12-17T22:51:36.729859455Z | 26 | PC: 132ed | Set disk transfer address |
| 2018-12-17T22:51:36.733608358Z | 78 | PC: 132f7 | Find first file |
| 2018-12-17T22:51:36.74052048Z | 53 | PC: 9ef12 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:51:36.742474169Z | 37 | PC: 9ef12 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:51:36.745402875Z | 67 | PC: 9ef12 | Get or set file attributes |
| 2018-12-17T22:51:36.751048644Z | 67 | PC: 9ef12 | Get or set file attributes |
| 2018-12-17T22:51:36.771436093Z | 61 | PC: 9ef12 | Open file (Filename = 'FILENAME.EXT') |
| 2018-12-17T22:51:36.77926157Z | 87 | PC: 9ef12 | Get or set file date and time |
| 2018-12-17T22:51:36.780993364Z | 66 | PC: 9ef12 | Move file pointer |
| 2018-12-17T22:51:36.782701944Z | 66 | PC: 9ef12 | Move file pointer |
| 2018-12-17T22:51:36.78582091Z | 63 | PC: 9ef12 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:51:36.790783354Z | 62 | PC: 9ef12 | Close file |
| 2018-12-17T22:51:36.793229717Z | 42 | PC: 9ef12 | Get date 0x9ef12: ret
0x9ef13: push ds
0x9ef14: pop es
0x9ef15: push ds
0x9ef16: pop word ptr cs:[0xcb8]
0x9ef1b: mov word ptr cs:[0xcb6], dx
0x9ef20: mov ax, 0x4300
0x9ef23: call 0xaef0c
0x9ef26: jb 0x9eef7
0x9ef28: test cx, 0x1e
0x9ef2c: jne 0x9eef7
0x9ef2e: mov word ptr cs:[0xcbc], cx
0x9ef33: and cx, 0xfe
0x9ef37: mov dx, word ptr cs:[0xcb6]
0x9ef3c: mov ax, 0x4301
0x9ef3f: call 0xaef0c
0x9ef42: jb 0x9eef7
0x9ef44: mov dx, word ptr cs:[0xcb6]
0x9ef49: mov di, dx
0x9ef4b: xor al, al
|
| 2018-12-17T22:51:36.796869437Z | 37 | PC: 9ef12 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:51:36.799530608Z | 61 | PC: 13301 | Open file (Filename = '.�����0�!<�s��') |
| 2018-12-17T22:51:36.806919471Z | 62 | PC: 13309 | Close file |
| 2018-12-17T22:51:36.809940017Z | 79 | PC: 13315 | Find next file |
| 2018-12-17T22:51:36.813481264Z | 37 | PC: 13327 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:51:36.815610343Z | 26 | PC: 13330 | Set disk transfer address |
| 2018-12-17T22:51:36.818275249Z | 9 | PC: 13773 | Display string (String= '�����������������������������X X X X ��#�������X X ���
�
�
�
�
��8�8�8�8�8���X X ��#�#���X #�#�#�#�������COMMAND.COM�AIDSTEST.EXE�
Ce��ac �� ����a
') |
| 2018-12-17T22:51:36.824235379Z | 76 | PC: 13778 | Terminate with return code (Return code = '0') |
