.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:52:46.169225028Z | 78 | PC: 12a6f | Find first file |
| 2018-12-17T22:52:46.177811335Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.182412674Z | 61 | PC: 12a53 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:52:46.190243613Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.198399296Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.222356586Z | 79 | PC: 12a7d | Find next file |
| 2018-12-17T22:52:46.225784115Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.228745527Z | 61 | PC: 12a53 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:52:46.242174986Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.25824454Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.280481601Z | 79 | PC: 12a7d | Find next file |
| 2018-12-17T22:52:46.284995889Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.288039641Z | 61 | PC: 12a53 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:52:46.297117041Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.321962741Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.331853893Z | 79 | PC: 12a7d | Find next file |
| 2018-12-17T22:52:46.335308252Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.346803972Z | 61 | PC: 12a53 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:52:46.355441635Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.364955291Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.374024228Z | 79 | PC: 12a7d | Find next file |
| 2018-12-17T22:52:46.377966345Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.380916891Z | 61 | PC: 12a53 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:52:46.389729785Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.398269863Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.407984018Z | 79 | PC: 12a7d | Find next file |
| 2018-12-17T22:52:46.411242838Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.414587862Z | 61 | PC: 12a53 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:52:46.422474209Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.430320218Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.440473766Z | 79 | PC: 12a7d | Find next file |
| 2018-12-17T22:52:46.443957126Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.446957228Z | 61 | PC: 12a53 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:52:46.460120005Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.468054914Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.477736494Z | 79 | PC: 12a7d | Find next file |
| 2018-12-17T22:52:46.48174291Z | 44 | PC: 12a90 | Get time 0x12a90: cmp dl, 0 0x12a93: je 0x12a8c 0x12a95: mov byte ptr [0x14b], dl 0x12a99: ret 0x12a9a: mov cx, 0x25 0x12a9d: mov si, 0x126 0x12aa0: mov di, si 0x12aa2: lodsb al, byte ptr [si] 0x12aa3: xor al, byte ptr [0x14b] 0x12aa7: stosb byte ptr es:[di], al 0x12aa8: loop 0x12aa2 0x12aaa: ret 0x12aab: add si, di 0x12aad: enter 0x2774, -2 0x12ab1: enter 0x2b74, -0x75 0x12ab5: pop es 0x12ab6: mov cx, 4 0x12ab9: rol ax, 1 0x12abb: rol ax, 1 0x12abd: rol ax, 1 |
| 2018-12-17T22:52:46.484570397Z | 61 | PC: 12a53 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:52:46.49197096Z | 64 | PC: 12a5e | Write file or device (Write 107 bytes on handle 5) |
| 2018-12-17T22:52:46.495360223Z | 62 | PC: 12a62 | Close file |
| 2018-12-17T22:52:46.519457619Z | 79 | PC: 12a7d | Find next file |