.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:54:37.588676167Z | 26 | PC: 12a64 | Set disk transfer address |
| 2018-12-17T22:54:37.590029376Z | 37 | PC: 12a6f | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:54:37.591855056Z | 37 | PC: 12a73 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:54:37.59361306Z | 78 | PC: 12ab9 | Find first file |
| 2018-12-17T22:54:37.601395905Z | 61 | PC: 12b4f | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:54:37.609709248Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.616735326Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T22:54:37.618494964Z | 66 | PC: 12b7c | Move file pointer |
| 2018-12-17T22:54:37.621510899Z | 64 | PC: 12b88 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:54:37.624587695Z | 66 | PC: 12b94 | Move file pointer |
| 2018-12-17T22:54:37.626282227Z | 44 | PC: 12b98 | Get time 0x12b98: mov byte ptr [bp + 0x17b], dl 0x12b9c: call 0x12bb2 0x12b9f: mov ah, 0x40 0x12ba1: mov cx, 0x17b 0x12ba4: lea dx, word ptr [bp + 6] 0x12ba8: int 0x21 0x12baa: call 0x12bb2 0x12bad: mov ah, 0x3e 0x12baf: int 0x21 0x12bb1: ret 0x12bb2: lea si, word ptr [bp + 0x11] 0x12bb6: mov cx, 0x14b 0x12bb9: xor byte ptr [si], 0 0x12bbc: inc si 0x12bbd: dec cx 0x12bbe: jne 0x12bb9 0x12bc0: ret 0x12bc1: add word ptr [bx], di 0x12bc3: aas 0x12bc4: aas |
| 2018-12-17T22:54:37.630320638Z | 64 | PC: 12baa | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:54:37.64754922Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.656749477Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.659776411Z | 61 | PC: 12b4f | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:54:37.668032654Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.676202583Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T22:54:37.678415834Z | 66 | PC: 12b7c | Move file pointer |
| 2018-12-17T22:54:37.6816633Z | 64 | PC: 12b88 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:54:37.684831482Z | 66 | PC: 12b94 | Move file pointer |
| 2018-12-17T22:54:37.686499072Z | 44 | PC: 12b98 | Get time 0x12b98: mov byte ptr [bp + 0x17b], dl 0x12b9c: call 0x12bb2 0x12b9f: mov ah, 0x40 0x12ba1: mov cx, 0x17b 0x12ba4: lea dx, word ptr [bp + 6] 0x12ba8: int 0x21 0x12baa: call 0x12bb2 0x12bad: mov ah, 0x3e 0x12baf: int 0x21 0x12bb1: ret 0x12bb2: lea si, word ptr [bp + 0x11] 0x12bb6: mov cx, 0x14b 0x12bb9: xor byte ptr [si], 0x41 0x12bbc: inc si 0x12bbd: dec cx 0x12bbe: jne 0x12bb9 0x12bc0: ret 0x12bc1: add word ptr [bx], di 0x12bc3: aas 0x12bc4: aas |
| 2018-12-17T22:54:37.689765651Z | 64 | PC: 12baa | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:54:37.692844153Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.701359296Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.704885503Z | 61 | PC: 12b4f | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:54:37.712341564Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.719637067Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T22:54:37.730191476Z | 66 | PC: 12b7c | Move file pointer |
| 2018-12-17T22:54:37.731794304Z | 64 | PC: 12b88 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:54:37.734821478Z | 66 | PC: 12b94 | Move file pointer |
| 2018-12-17T22:54:37.736703278Z | 44 | PC: 12b98 | Get time 0x12b98: mov byte ptr [bp + 0x17b], dl 0x12b9c: call 0x12bb2 0x12b9f: mov ah, 0x40 0x12ba1: mov cx, 0x17b 0x12ba4: lea dx, word ptr [bp + 6] 0x12ba8: int 0x21 0x12baa: call 0x12bb2 0x12bad: mov ah, 0x3e 0x12baf: int 0x21 0x12bb1: ret 0x12bb2: lea si, word ptr [bp + 0x11] 0x12bb6: mov cx, 0x14b 0x12bb9: xor byte ptr [si], 0x46 0x12bbc: inc si 0x12bbd: dec cx 0x12bbe: jne 0x12bb9 0x12bc0: ret 0x12bc1: add word ptr [bx], di 0x12bc3: aas 0x12bc4: aas |
| 2018-12-17T22:54:37.739796962Z | 64 | PC: 12baa | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:54:37.743011153Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.752529011Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.757248532Z | 61 | PC: 12b4f | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:54:37.765244388Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.773155483Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T22:54:37.777706396Z | 66 | PC: 12b7c | Move file pointer |
| 2018-12-17T22:54:37.779733887Z | 64 | PC: 12b88 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:54:37.782732378Z | 66 | PC: 12b94 | Move file pointer |
| 2018-12-17T22:54:37.786085501Z | 44 | PC: 12b98 | Get time 0x12b98: mov byte ptr [bp + 0x17b], dl 0x12b9c: call 0x12bb2 0x12b9f: mov ah, 0x40 0x12ba1: mov cx, 0x17b 0x12ba4: lea dx, word ptr [bp + 6] 0x12ba8: int 0x21 0x12baa: call 0x12bb2 0x12bad: mov ah, 0x3e 0x12baf: int 0x21 0x12bb1: ret 0x12bb2: lea si, word ptr [bp + 0x11] 0x12bb6: mov cx, 0x14b 0x12bb9: xor byte ptr [si], 0x46 0x12bbc: inc si 0x12bbd: dec cx 0x12bbe: jne 0x12bb9 0x12bc0: ret 0x12bc1: add word ptr [bx], di 0x12bc3: aas 0x12bc4: aas |
| 2018-12-17T22:54:37.788718048Z | 64 | PC: 12baa | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:54:37.791936278Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.801511868Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.804434359Z | 61 | PC: 12b4f | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:54:37.811659495Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.819532801Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T22:54:37.822179747Z | 66 | PC: 12b7c | Move file pointer |
| 2018-12-17T22:54:37.823832989Z | 64 | PC: 12b88 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:54:37.827190851Z | 66 | PC: 12b94 | Move file pointer |
| 2018-12-17T22:54:37.829265276Z | 44 | PC: 12b98 | Get time 0x12b98: mov byte ptr [bp + 0x17b], dl 0x12b9c: call 0x12bb2 0x12b9f: mov ah, 0x40 0x12ba1: mov cx, 0x17b 0x12ba4: lea dx, word ptr [bp + 6] 0x12ba8: int 0x21 0x12baa: call 0x12bb2 0x12bad: mov ah, 0x3e 0x12baf: int 0x21 0x12bb1: ret 0x12bb2: lea si, word ptr [bp + 0x11] 0x12bb6: mov cx, 0x14b 0x12bb9: xor byte ptr [si], 0x4c 0x12bbc: inc si 0x12bbd: dec cx 0x12bbe: jne 0x12bb9 0x12bc0: ret 0x12bc1: add word ptr [bx], di 0x12bc3: aas 0x12bc4: aas |
| 2018-12-17T22:54:37.831806575Z | 64 | PC: 12baa | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:54:37.835144248Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.86688298Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.869772327Z | 61 | PC: 12b4f | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:54:37.876979083Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.886229305Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T22:54:37.888161664Z | 66 | PC: 12b7c | Move file pointer |
| 2018-12-17T22:54:37.889805304Z | 64 | PC: 12b88 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:54:37.893474479Z | 66 | PC: 12b94 | Move file pointer |
| 2018-12-17T22:54:37.895454277Z | 44 | PC: 12b98 | Get time 0x12b98: mov byte ptr [bp + 0x17b], dl 0x12b9c: call 0x12bb2 0x12b9f: mov ah, 0x40 0x12ba1: mov cx, 0x17b 0x12ba4: lea dx, word ptr [bp + 6] 0x12ba8: int 0x21 0x12baa: call 0x12bb2 0x12bad: mov ah, 0x3e 0x12baf: int 0x21 0x12bb1: ret 0x12bb2: lea si, word ptr [bp + 0x11] 0x12bb6: mov cx, 0x14b 0x12bb9: xor byte ptr [si], 0x51 0x12bbc: inc si 0x12bbd: dec cx 0x12bbe: jne 0x12bb9 0x12bc0: ret 0x12bc1: add word ptr [bx], di 0x12bc3: aas 0x12bc4: aas |
| 2018-12-17T22:54:37.898746844Z | 64 | PC: 12baa | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:54:37.908962207Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.918751627Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.922180874Z | 61 | PC: 12b4f | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:54:37.929810633Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.938252677Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T22:54:37.939894201Z | 66 | PC: 12b7c | Move file pointer |
| 2018-12-17T22:54:37.941500056Z | 64 | PC: 12b88 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:54:37.945141763Z | 66 | PC: 12b94 | Move file pointer |
| 2018-12-17T22:54:37.946521167Z | 44 | PC: 12b98 | Get time 0x12b98: mov byte ptr [bp + 0x17b], dl 0x12b9c: call 0x12bb2 0x12b9f: mov ah, 0x40 0x12ba1: mov cx, 0x17b 0x12ba4: lea dx, word ptr [bp + 6] 0x12ba8: int 0x21 0x12baa: call 0x12bb2 0x12bad: mov ah, 0x3e 0x12baf: int 0x21 0x12bb1: ret 0x12bb2: lea si, word ptr [bp + 0x11] 0x12bb6: mov cx, 0x14b 0x12bb9: xor byte ptr [si], 0x57 0x12bbc: inc si 0x12bbd: dec cx 0x12bbe: jne 0x12bb9 0x12bc0: ret 0x12bc1: add word ptr [bx], di 0x12bc3: aas 0x12bc4: aas |
| 2018-12-17T22:54:37.949065195Z | 64 | PC: 12baa | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:54:37.953551146Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.963171167Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.966835765Z | 61 | PC: 12b4f | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:54:37.976383206Z | 63 | PC: 12b5e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:54:37.980611922Z | 62 | PC: 12bb1 | Close file |
| 2018-12-17T22:54:37.983833831Z | 79 | PC: 12ab9 | Find next file |
| 2018-12-17T22:54:37.987425429Z | 59 | PC: 12aca | Change current directory |
| 2018-12-17T22:54:37.993119659Z | 26 | PC: 12ad3 | Set disk transfer address |