.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:54:03.239234593Z | 42 | PC: 12aac | Get date 0x12aac: mov word ptr [0xf2], dx 0x12ab0: mov word ptr [0xf4], cx 0x12ab4: stc 0x12ab5: mov dx, 0x2a2 0x12ab8: mov ah, 0x4e 0x12aba: mov cx, 0x20 0x12abd: int 0x21 0x12abf: or ax, ax 0x12ac1: je 0x12ac6 0x12ac3: jmp 0x12b9b 0x12ac6: mov ah, 0x2f 0x12ac8: int 0x21 0x12aca: mov ax, word ptr es:[bx + 0x1a] 0x12ace: mov word ptr [0xfc], ax 0x12ad1: add bx, 0x1e 0x12ad4: mov word ptr [0xfe], bx 0x12ad8: mov ax, 0x4f43 0x12adb: sub ax, word ptr [0x9e] 0x12adf: jne 0x12ae4 0x12ae1: jmp 0x12b8f |
| 2018-12-17T22:54:03.242528589Z | 78 | PC: 12abf | Find first file |
| 2018-12-17T22:54:03.249801178Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.251298947Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.255144617Z | 61 | PC: 12b28 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:54:03.268608552Z | 63 | PC: 12b36 | Read file or device (Read 407 bytes on handle 5) |
| 2018-12-17T22:54:03.276677597Z | 60 | PC: 12b73 | Create or truncate file |
| 2018-12-17T22:54:03.298907647Z | 64 | PC: 12b85 | Write file or device (Write 834 bytes on handle 6) |
| 2018-12-17T22:54:03.309328845Z | 62 | PC: 12b89 | Close file |
| 2018-12-17T22:54:03.31856974Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.321966319Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.32464613Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.32879672Z | 61 | PC: 12b28 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:54:03.341694254Z | 63 | PC: 12b36 | Read file or device (Read 27 bytes on handle 6) |
| 2018-12-17T22:54:03.348901694Z | 60 | PC: 12b73 | Create or truncate file |
| 2018-12-17T22:54:03.364192561Z | 64 | PC: 12b85 | Write file or device (Write 454 bytes on handle 7) |
| 2018-12-17T22:54:03.369320465Z | 62 | PC: 12b89 | Close file |
| 2018-12-17T22:54:03.378461489Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.382189055Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.383954671Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.38809562Z | 61 | PC: 12b28 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:54:03.401847257Z | 63 | PC: 12b36 | Read file or device (Read 92 bytes on handle 7) |
| 2018-12-17T22:54:03.409141524Z | 60 | PC: 12b73 | Create or truncate file |
| 2018-12-17T22:54:03.422702515Z | 64 | PC: 12b85 | Write file or device (Write 519 bytes on handle 8) |
| 2018-12-17T22:54:03.433365652Z | 62 | PC: 12b89 | Close file |
| 2018-12-17T22:54:03.442515547Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.445650436Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.455662512Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.45963652Z | 61 | PC: 12b28 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:54:03.472875134Z | 63 | PC: 12b36 | Read file or device (Read 29 bytes on handle 8) |
| 2018-12-17T22:54:03.480214832Z | 60 | PC: 12b73 | Create or truncate file |
| 2018-12-17T22:54:03.494970463Z | 64 | PC: 12b85 | Write file or device (Write 456 bytes on handle 9) |
| 2018-12-17T22:54:03.49944231Z | 62 | PC: 12b89 | Close file |
| 2018-12-17T22:54:03.509061623Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.517944563Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.519403012Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.523277771Z | 61 | PC: 12b28 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:54:03.537390225Z | 63 | PC: 12b36 | Read file or device (Read 29 bytes on handle 9) |
| 2018-12-17T22:54:03.545183633Z | 60 | PC: 12b73 | Create or truncate file |
| 2018-12-17T22:54:03.55920669Z | 64 | PC: 12b85 | Write file or device (Write 456 bytes on handle 10) |
| 2018-12-17T22:54:03.565149711Z | 62 | PC: 12b89 | Close file |
| 2018-12-17T22:54:03.575218366Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.578775918Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.581770694Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.58615069Z | 61 | PC: 12b28 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:54:03.599453422Z | 63 | PC: 12b36 | Read file or device (Read 501 bytes on handle 10) |
| 2018-12-17T22:54:03.607304254Z | 60 | PC: 12b73 | Create or truncate file |
| 2018-12-17T22:54:03.622370095Z | 64 | PC: 12b85 | Write file or device (Write 928 bytes on handle 11) |
| 2018-12-17T22:54:03.63196849Z | 62 | PC: 12b89 | Close file |
| 2018-12-17T22:54:03.642061801Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.646582864Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.648542368Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.652917558Z | 61 | PC: 12b28 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:54:03.667110947Z | 63 | PC: 12b36 | Read file or device (Read 29 bytes on handle 11) |
| 2018-12-17T22:54:03.675293987Z | 60 | PC: 12b73 | Create or truncate file |
| 2018-12-17T22:54:03.689499273Z | 64 | PC: 12b85 | Write file or device (Write 456 bytes on handle 12) |
| 2018-12-17T22:54:03.695158799Z | 62 | PC: 12b89 | Close file |
| 2018-12-17T22:54:03.704867034Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.709192904Z | 47 | PC: 12aca | Get disk transfer address |
| 2018-12-17T22:54:03.711166718Z | 43 | PC: 12b20 | Set date |
| 2018-12-17T22:54:03.71649931Z | 61 | PC: 12b28 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:54:03.724390641Z | 63 | PC: 12b36 | Read file or device (Read 2427 bytes on handle 12) |
| 2018-12-17T22:54:03.733202421Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T22:54:03.737531059Z | 43 | PC: 12ba7 | Set date |
| 2018-12-17T22:54:03.74184081Z | 43 | PC: 12bae | Set date |