.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:51:47.019129358Z | 42 | PC: 132b3 | Get date 0x132b3: mov byte ptr ds:[bp + 0x2b6], dl 0x132b8: mov byte ptr ds:[bp + 0x2b5], dh 0x132bd: mov byte ptr ds:[bp + 0x2b4], al 0x132c2: cmp al, 0 0x132c4: je 0x132d0 0x132c6: mov di, 0x100 0x132c9: lea si, word ptr [bp + 0x28a] 0x132cd: push di 0x132ce: movsw word ptr es:[di], word ptr [si] 0x132cf: movsw word ptr es:[di], word ptr [si] 0x132d0: lea dx, word ptr [bp + 0x2d6] 0x132d4: call 0x133d6 0x132d7: jmp 0x133c1 0x132da: cmp byte ptr ds:[bp + 0x2b6], 0x1b 0x132e0: jne 0x132ed 0x132e2: call 0x13314 0x132e5: cmp byte ptr ds:[bp + 0x2b5], 6 0x132eb: je 0x1330b 0x132ed: mov dx, 0x80 0x132f0: call 0x133d6 |
| 2018-12-17T22:51:47.021644198Z | 26 | PC: 133da | Set disk transfer address |
| 2018-12-17T22:51:47.022602235Z | 78 | PC: 133cc | Find first file |
| 2018-12-17T22:51:47.026618472Z | 61 | PC: 13332 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:51:47.031451657Z | 87 | PC: 13338 | Get or set file date and time |
| 2018-12-17T22:51:47.032512932Z | 63 | PC: 13345 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:51:47.038773829Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.046279743Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.047406905Z | 64 | PC: 1341b | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:51:47.049275094Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.050519382Z | 44 | PC: 13378 | Get time 0x13378: mov word ptr ds:[bp + 0x2c1], dx 0x1337d: mov cx, 0x12 0x13380: lea di, word ptr [bp + 0x301] 0x13384: lea si, word ptr [bp + 0x2c3] 0x13388: push cx 0x13389: push si 0x1338a: rep movsb byte ptr es:[di], byte ptr [si] 0x1338c: cmp byte ptr ds:[bp + 0x2b4], 0 0x13392: jne 0x1339f 0x13394: mov cx, 0xd 0x13397: lea si, word ptr [bp + 0x24f] 0x1339b: rep movsb byte ptr es:[di], byte ptr [si] 0x1339d: jmp 0x133a8 0x1339f: mov cx, 0xb 0x133a2: lea si, word ptr [bp + 0x164] 0x133a6: rep movsb byte ptr es:[di], byte ptr [si] 0x133a8: pop si 0x133a9: pop cx 0x133aa: rep movsb byte ptr es:[di], byte ptr [si] 0x133ac: mov al, 0xc3 |
| 2018-12-17T22:51:47.065511622Z | 64 | PC: 134ba | Write file or device (Write 508 bytes on handle 5) |
| 2018-12-17T22:51:47.079441292Z | 87 | PC: 133b9 | Get or set file date and time |
| 2018-12-17T22:51:47.081186721Z | 62 | PC: 133bd | Close file |
| 2018-12-17T22:51:47.087200416Z | 79 | PC: 133cc | Find next file |
| 2018-12-17T22:51:47.089008873Z | 61 | PC: 13332 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:51:47.09309636Z | 87 | PC: 13338 | Get or set file date and time |
| 2018-12-17T22:51:47.095237862Z | 63 | PC: 13345 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:51:47.099534493Z | 87 | PC: 133b9 | Get or set file date and time |
| 2018-12-17T22:51:47.100661846Z | 62 | PC: 133bd | Close file |
| 2018-12-17T22:51:47.106554881Z | 79 | PC: 133cc | Find next file |
| 2018-12-17T22:51:47.110700094Z | 61 | PC: 13332 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:51:47.118596568Z | 87 | PC: 13338 | Get or set file date and time |
| 2018-12-17T22:51:47.122259945Z | 63 | PC: 13345 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:51:47.12901479Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.131201653Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.134341572Z | 64 | PC: 1341b | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:51:47.137082725Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.138610239Z | 44 | PC: 13378 | Get time 0x13378: mov word ptr ds:[bp + 0x2c1], dx 0x1337d: mov cx, 0x12 0x13380: lea di, word ptr [bp + 0x301] 0x13384: lea si, word ptr [bp + 0x2c3] 0x13388: push cx 0x13389: push si 0x1338a: rep movsb byte ptr es:[di], byte ptr [si] 0x1338c: cmp byte ptr ds:[bp + 0x2b4], 0 0x13392: jne 0x1339f 0x13394: mov cx, 0xd 0x13397: lea si, word ptr [bp + 0x24f] 0x1339b: rep movsb byte ptr es:[di], byte ptr [si] 0x1339d: jmp 0x133a8 0x1339f: mov cx, 0xb 0x133a2: lea si, word ptr [bp + 0x164] 0x133a6: rep movsb byte ptr es:[di], byte ptr [si] 0x133a8: pop si 0x133a9: pop cx 0x133aa: rep movsb byte ptr es:[di], byte ptr [si] 0x133ac: mov al, 0xc3 |
| 2018-12-17T22:51:47.145465689Z | 64 | PC: 134ba | Write file or device (Write 508 bytes on handle 5) |
| 2018-12-17T22:51:47.153653347Z | 87 | PC: 133b9 | Get or set file date and time |
| 2018-12-17T22:51:47.155475539Z | 62 | PC: 133bd | Close file |
| 2018-12-17T22:51:47.163587504Z | 79 | PC: 133cc | Find next file |
| 2018-12-17T22:51:47.166638172Z | 61 | PC: 13332 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:51:47.173323782Z | 87 | PC: 13338 | Get or set file date and time |
| 2018-12-17T22:51:47.17596472Z | 63 | PC: 13345 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:51:47.182921065Z | 87 | PC: 133b9 | Get or set file date and time |
| 2018-12-17T22:51:47.18470802Z | 62 | PC: 133bd | Close file |
| 2018-12-17T22:51:47.192036943Z | 79 | PC: 133cc | Find next file |
| 2018-12-17T22:51:47.195427731Z | 61 | PC: 13332 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:51:47.202155822Z | 87 | PC: 13338 | Get or set file date and time |
| 2018-12-17T22:51:47.203834024Z | 63 | PC: 13345 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:51:47.211457901Z | 87 | PC: 133b9 | Get or set file date and time |
| 2018-12-17T22:51:47.213256095Z | 62 | PC: 133bd | Close file |
| 2018-12-17T22:51:47.220370032Z | 79 | PC: 133cc | Find next file |
| 2018-12-17T22:51:47.224115679Z | 61 | PC: 13332 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:51:47.231040565Z | 87 | PC: 13338 | Get or set file date and time |
| 2018-12-17T22:51:47.232714471Z | 63 | PC: 13345 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:51:47.240122911Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.24294832Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.24465573Z | 64 | PC: 1341b | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:51:47.247793147Z | 66 | PC: 133e0 | Move file pointer |
| 2018-12-17T22:51:47.250325936Z | 44 | PC: 13378 | Get time 0x13378: mov word ptr ds:[bp + 0x2c1], dx 0x1337d: mov cx, 0x12 0x13380: lea di, word ptr [bp + 0x301] 0x13384: lea si, word ptr [bp + 0x2c3] 0x13388: push cx 0x13389: push si 0x1338a: rep movsb byte ptr es:[di], byte ptr [si] 0x1338c: cmp byte ptr ds:[bp + 0x2b4], 0 0x13392: jne 0x1339f 0x13394: mov cx, 0xd 0x13397: lea si, word ptr [bp + 0x24f] 0x1339b: rep movsb byte ptr es:[di], byte ptr [si] 0x1339d: jmp 0x133a8 0x1339f: mov cx, 0xb 0x133a2: lea si, word ptr [bp + 0x164] 0x133a6: rep movsb byte ptr es:[di], byte ptr [si] 0x133a8: pop si 0x133a9: pop cx 0x133aa: rep movsb byte ptr es:[di], byte ptr [si] 0x133ac: mov al, 0xc3 |
| 2018-12-17T22:51:47.253064657Z | 64 | PC: 134ba | Write file or device (Write 508 bytes on handle 5) |
| 2018-12-17T22:51:47.261440143Z | 87 | PC: 133b9 | Get or set file date and time |
| 2018-12-17T22:51:47.264246453Z | 62 | PC: 133bd | Close file |
| 2018-12-17T22:51:47.272077957Z | 79 | PC: 133cc | Find next file |
| 2018-12-17T22:51:47.278956569Z | 61 | PC: 13332 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:51:47.286203753Z | 87 | PC: 13338 | Get or set file date and time |
| 2018-12-17T22:51:47.29372118Z | 63 | PC: 13345 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:51:47.300338807Z | 87 | PC: 133b9 | Get or set file date and time |
| 2018-12-17T22:51:47.302896402Z | 62 | PC: 133bd | Close file |
| 2018-12-17T22:51:47.310579109Z | 79 | PC: 133cc | Find next file |
| 2018-12-17T22:51:47.314661962Z | 26 | PC: 133da | Set disk transfer address |
| 2018-12-17T22:51:47.316680341Z | 76 | PC: 12a4a | Terminate with return code (Return code = '0') |