.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:52:59.204535209Z | 48 | PC: 12b8a | Get DOS version |
| 2018-12-17T22:52:59.206574961Z | 47 | PC: 12bb6 | Get disk transfer address |
| 2018-12-17T22:52:59.208434604Z | 26 | PC: 12bc7 | Set disk transfer address |
| 2018-12-17T22:52:59.210425885Z | 78 | PC: 12c48 | Find first file |
| 2018-12-17T22:52:59.217321107Z | 67 | PC: 12c95 | Get or set file attributes |
| 2018-12-17T22:52:59.224656276Z | 67 | PC: 12ca6 | Get or set file attributes |
| 2018-12-17T22:52:59.245690118Z | 61 | PC: 12cb1 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:52:59.253053279Z | 87 | PC: 12cbd | Get or set file date and time |
| 2018-12-17T22:52:59.255531063Z | 63 | PC: 12cd0 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:52:59.26344551Z | 66 | PC: 12ce2 | Move file pointer |
| 2018-12-17T22:52:59.265662595Z | 44 | PC: 12d02 | Get time 0x12d02: xor dx, cx 0x12d04: mov cx, word ptr [si + 0xe2] 0x12d08: xor cx, dx 0x12d0a: mov word ptr [si + 0xe2], cx 0x12d0e: mov word ptr [bp - 0x1e], cx 0x12d11: call 0x12fed 0x12d14: mov al, byte ptr [bp - 0x1e] 0x12d17: and al, 3 0x12d19: cmp al, 3 0x12d1b: je 0x12d11 0x12d1d: push ax 0x12d1e: ror al, 1 0x12d20: ror al, 1 0x12d22: mov byte ptr [si + 0x10], al 0x12d26: pop ax 0x12d27: add al, 2 0x12d29: mov byte ptr [si + 0x3c], al 0x12d2d: call 0x12fed 0x12d30: mov al, byte ptr [bp - 0x1e] 0x12d33: and al, 7 |
| 2018-12-17T22:52:59.271406775Z | 64 | PC: 132cf | Write file or device (Write 1948 bytes on handle 5) |
| 2018-12-17T22:52:59.282390207Z | 66 | PC: 12f6c | Move file pointer |
| 2018-12-17T22:52:59.28440401Z | 64 | PC: 12f7b | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:52:59.293627386Z | 87 | PC: 12f96 | Get or set file date and time |
| 2018-12-17T22:52:59.295498621Z | 62 | PC: 12f9a | Close file |
| 2018-12-17T22:52:59.304289804Z | 67 | PC: 12fa8 | Get or set file attributes |
| 2018-12-17T22:52:59.315826205Z | 26 | PC: 12fb3 | Set disk transfer address |