.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:54:29.779607887Z | 53 | PC: 12c63 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:29.781157802Z | 37 | PC: 12c71 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:29.783438514Z | 26 | PC: 12c98 | Set disk transfer address |
| 2018-12-17T22:54:29.789415686Z | 78 | PC: 12cea | Find first file |
| 2018-12-17T22:54:29.794871821Z | 61 | PC: 12cf6 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:54:29.799894726Z | 63 | PC: 12d02 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:54:29.80207358Z | 62 | PC: 12d06 | Close file |
| 2018-12-17T22:54:29.803425864Z | 79 | PC: 12cea | Find next file |
| 2018-12-17T22:54:29.805776825Z | 78 | PC: 12cea | Find first file |
| 2018-12-17T22:54:29.812491915Z | 61 | PC: 12cf6 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:54:29.817157281Z | 63 | PC: 12d02 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:54:29.830176725Z | 62 | PC: 12d06 | Close file |
| 2018-12-17T22:54:29.832225656Z | 67 | PC: 12d7a | Get or set file attributes |
| 2018-12-17T22:54:29.851034994Z | 61 | PC: 12d7f | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:54:29.858999433Z | 66 | PC: 12d88 | Move file pointer |
| 2018-12-17T22:54:29.866694889Z | 44 | PC: 12dfb | Get time 0x12dfb: xchg ch, cl 0x12dfd: add dx, cx 0x12dff: xor dx, word ptr [bp + 0x3f2] 0x12e03: mov word ptr [bp + 0x3f2], dx 0x12e07: lea si, word ptr [bp + 0x39b] 0x12e0b: lea di, word ptr [bp + 0x44b] 0x12e0f: mov cx, 0x18 0x12e12: rep movsb byte ptr es:[di], byte ptr [si] 0x12e14: mov ah, 0x40 0x12e16: mov cx, 0x2f7 0x12e19: lea dx, word ptr [bp + 0x100] 0x12e1d: pushaw 0x12e1e: call 0x12f73 0x12e21: mov ax, 0x4200 0x12e24: xor cx, cx 0x12e26: cdq 0x12e27: int 0x21 0x12e29: mov ah, 0x40 0x12e2b: cmp byte ptr [bp + 0x448], 0x63 0x12e30: jne 0x12e3e |
| 2018-12-17T22:54:29.869776338Z | 64 | PC: 12f80 | Write file or device (Write 759 bytes on handle 5) |
| 2018-12-17T22:54:29.883395415Z | 66 | PC: 12e29 | Move file pointer |
| 2018-12-17T22:54:29.900608727Z | 64 | PC: 12e3b | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:54:29.908503843Z | 87 | PC: 12e55 | Get or set file date and time |
| 2018-12-17T22:54:29.910518661Z | 62 | PC: 12e59 | Close file |
| 2018-12-17T22:54:29.920375357Z | 67 | PC: 12e66 | Get or set file attributes |
| 2018-12-17T22:54:29.931638631Z | 37 | PC: 12e6e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:29.933014926Z | 26 | PC: 12e78 | Set disk transfer address |
| 2018-12-17T22:54:29.934929153Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000003E8h/0000001000d bytes. ') |
| 2018-12-17T22:54:29.94018452Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |