.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:54:51.432464329Z | 240 | PC: 16840 | UNKNOWN! |
| 2018-12-17T22:54:51.434719932Z | 74 | PC: 1339e | Reallocate memory |
| 2018-12-17T22:54:51.436524898Z | 53 | PC: 133b0 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:54:51.437951932Z | 37 | PC: 1314a | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:54:51.439795981Z | 53 | PC: 1314a | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-17T22:54:51.442004546Z | 37 | PC: 1314a | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo') |
| 2018-12-17T22:54:51.44417064Z | 26 | PC: 1314a | Set disk transfer address |
| 2018-12-17T22:54:51.445973121Z | 78 | PC: 1314a | Find first file |
| 2018-12-17T22:54:51.459020244Z | 53 | PC: 1314a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:51.460417202Z | 37 | PC: 1314a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:51.461739639Z | 61 | PC: 1314a | Open file (Filename = 'A:TEST.EXE') |
| 2018-12-17T22:54:51.470019485Z | 66 | PC: 1314a | Move file pointer |
| 2018-12-17T22:54:51.473067779Z | 63 | PC: 1314a | Read file or device (Read 11 bytes on handle 5) |
| 2018-12-17T22:54:51.476564117Z | 66 | PC: 1314a | Move file pointer |
| 2018-12-17T22:54:51.478606889Z | 63 | PC: 1314a | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:54:51.492339331Z | 62 | PC: 1314a | Close file |
| 2018-12-17T22:54:51.494702697Z | 37 | PC: 1314a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:51.496900161Z | 75 | PC: 1314a | Execute program |
| 2018-12-17T22:54:51.520440753Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:54:51.522173613Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:54:51.524578667Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:54:51.526340381Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:54:51.528021935Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:54:51.529869991Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:51.534640776Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:54:51.536610191Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:54:51.538212665Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:54:51.54570065Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:54:51.547496689Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:54:51.549253243Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:54:51.552254489Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:54:51.554166235Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:54:51.55589658Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:54:51.558557857Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:54:51.560188594Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:54:51.561726497Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:54:51.566955494Z | 53 | PC: 16fa2 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:54:51.568363262Z | 37 | PC: 16fb7 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:54:51.569682644Z | 37 | PC: 16fbf | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:54:51.571852625Z | 37 | PC: 16fc7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:51.573150316Z | 37 | PC: 16fcf | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:54:51.574860824Z | 68 | PC: 175a2 | I/O control for devices (Set for = '') |
| 2018-12-17T22:54:51.637862989Z | 37 | PC: 16705 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:54:51.641731827Z | 48 | PC: 16c94 | Get DOS version |
| 2018-12-17T22:54:51.643324903Z | 48 | PC: 16c94 | Get DOS version |
| 2018-12-17T22:54:51.645038176Z | 25 | PC: 18663 | Get default drive |
| 2018-12-17T22:54:51.647113581Z | 71 | PC: 18676 | Get current directory |
| 2018-12-17T22:54:51.650962812Z | 14 | PC: 186bc | Set default drive (Drive = 'Z') |
| 2018-12-17T22:54:51.65259403Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.655615694Z | 14 | PC: 186bc | Set default drive (Drive = 'Y') |
| 2018-12-17T22:54:51.656914367Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.658535577Z | 14 | PC: 186bc | Set default drive (Drive = 'X') |
| 2018-12-17T22:54:51.660691403Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.662442677Z | 14 | PC: 186bc | Set default drive (Drive = 'W') |
| 2018-12-17T22:54:51.664560801Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.667651655Z | 14 | PC: 186bc | Set default drive (Drive = 'V') |
| 2018-12-17T22:54:51.668959345Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.670628485Z | 14 | PC: 186bc | Set default drive (Drive = 'U') |
| 2018-12-17T22:54:51.672745617Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.675269395Z | 14 | PC: 186bc | Set default drive (Drive = 'T') |
| 2018-12-17T22:54:51.676671132Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.679022265Z | 14 | PC: 186bc | Set default drive (Drive = 'S') |
| 2018-12-17T22:54:51.680637573Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.682583274Z | 14 | PC: 186bc | Set default drive (Drive = 'R') |
| 2018-12-17T22:54:51.689510585Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.691297496Z | 14 | PC: 186bc | Set default drive (Drive = 'Q') |
| 2018-12-17T22:54:51.693903278Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.696478141Z | 14 | PC: 186bc | Set default drive (Drive = 'P') |
| 2018-12-17T22:54:51.698124127Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.699760756Z | 14 | PC: 186bc | Set default drive (Drive = 'O') |
| 2018-12-17T22:54:51.702118732Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.703955667Z | 14 | PC: 186bc | Set default drive (Drive = 'N') |
| 2018-12-17T22:54:51.705661556Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.707947146Z | 14 | PC: 186bc | Set default drive (Drive = 'M') |
| 2018-12-17T22:54:51.710114283Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.71174496Z | 14 | PC: 186bc | Set default drive (Drive = 'L') |
| 2018-12-17T22:54:51.713088077Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.71542341Z | 14 | PC: 186bc | Set default drive (Drive = 'K') |
| 2018-12-17T22:54:51.717828154Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.719412604Z | 14 | PC: 186bc | Set default drive (Drive = 'J') |
| 2018-12-17T22:54:51.721412937Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.723433378Z | 14 | PC: 186bc | Set default drive (Drive = 'I') |
| 2018-12-17T22:54:51.724876513Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.733095142Z | 14 | PC: 186bc | Set default drive (Drive = 'H') |
| 2018-12-17T22:54:51.734882595Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.736842051Z | 14 | PC: 186bc | Set default drive (Drive = 'G') |
| 2018-12-17T22:54:51.739574992Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.742501377Z | 14 | PC: 186bc | Set default drive (Drive = 'F') |
| 2018-12-17T22:54:51.744227584Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.747421572Z | 14 | PC: 186bc | Set default drive (Drive = 'E') |
| 2018-12-17T22:54:51.749255502Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.751320246Z | 14 | PC: 186bc | Set default drive (Drive = 'D') |
| 2018-12-17T22:54:51.754160279Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.756215314Z | 14 | PC: 186bc | Set default drive (Drive = 'C') |
| 2018-12-17T22:54:51.757999841Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.759981849Z | 14 | PC: 186bc | Set default drive (Drive = 'A') |
| 2018-12-17T22:54:51.762530924Z | 25 | PC: 186c0 | Get default drive |
| 2018-12-17T22:54:51.764241482Z | 59 | PC: 1872a | Change current directory |
| 2018-12-17T22:54:51.769563905Z | 42 | PC: 16d08 | Get date 0x16d08: xor ah, ah 0x16d0a: les di, ptr [bp + 6] 0x16d0d: stosw word ptr es:[di], ax 0x16d0e: mov al, dl 0x16d10: les di, ptr [bp + 0xa] 0x16d13: stosw word ptr es:[di], ax 0x16d14: mov al, dh 0x16d16: les di, ptr [bp + 0xe] 0x16d19: stosw word ptr es:[di], ax 0x16d1a: xchg ax, cx 0x16d1b: les di, ptr [bp + 0x12] 0x16d1e: stosw word ptr es:[di], ax 0x16d1f: pop bp 0x16d20: retf 0x10 0x16d23: push bp 0x16d24: mov bp, sp 0x16d26: mov cx, word ptr [bp + 0xa] 0x16d29: mov dh, byte ptr [bp + 8] 0x16d2c: mov dl, byte ptr [bp + 6] 0x16d2f: mov ah, 0x2b |
| 2018-12-17T22:54:51.772986233Z | 53 | PC: 16db1 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:54:51.774694807Z | 37 | PC: 16dcd | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:54:51.788147483Z | 44 | PC: 18152 | Get time 0x18152: mov word ptr [0x6c], cx 0x18156: mov word ptr [0x6e], dx 0x1815a: retf 0x1815b: push di 0x1815c: cld 0x1815d: mov bx, ax 0x1815f: or dx, dx 0x18161: jge 0x18170 0x18163: not bx 0x18165: not dx 0x18167: add bx, 1 0x1816a: adc dx, 0 0x1816d: mov al, 0x2d 0x1816f: stosb byte ptr es:[di], al 0x18170: mov si, 0x125d 0x18173: mov cl, 9 0x18175: cmp dx, word ptr cs:[si + 2] 0x18179: jb 0x18182 0x1817b: ja 0x18189 0x1817d: cmp bx, word ptr cs:[si] |
| 2018-12-17T22:54:51.793083037Z | 60 | PC: 17589 | Create or truncate file |
| 2018-12-17T22:54:52.14406185Z | 68 | PC: 175a2 | I/O control for devices (Set for = 'C:\UHNQF1X2') |
| 2018-12-17T22:54:52.146537807Z | 64 | PC: 17680 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:54:52.157883821Z | 62 | PC: 176bf | Close file |
| 2018-12-17T22:54:52.166781829Z | 86 | PC: 1856a | Rename file |
| 2018-12-17T22:54:52.178586174Z | 41 | PC: 16e33 | Parse filename |
| 2018-12-17T22:54:52.18170429Z | 41 | PC: 16e41 | Parse filename |
| 2018-12-17T22:54:52.184193833Z | 26 | PC: 1314a | Set disk transfer address |
| 2018-12-17T22:54:52.186046678Z | 78 | PC: 1314a | Find first file |
| 2018-12-17T22:54:52.193299681Z | 53 | PC: 1314a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:52.195277392Z | 37 | PC: 1314a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:52.19706262Z | 61 | PC: 1314a | Open file (Filename = 'C:\UHNQF1X2.COM') |
| 2018-12-17T22:54:52.204166043Z | 66 | PC: 1314a | Move file pointer |
| 2018-12-17T22:54:52.206213314Z | 63 | PC: 1314a | Read file or device (Read 11 bytes on handle 5) |
| 2018-12-17T22:54:52.208271285Z | 66 | PC: 1314a | Move file pointer |
| 2018-12-17T22:54:52.210284713Z | 63 | PC: 1314a | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:54:52.213132219Z | 62 | PC: 1314a | Close file |
| 2018-12-17T22:54:52.215096574Z | 37 | PC: 1314a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:52.216385839Z | 75 | PC: 16e4c | Execute program |
| 2018-12-17T22:54:52.230557188Z | 61 | PC: 1314a | Open file (Filename = 'C:\UHNQF1X2.COM') |
| 2018-12-17T22:54:52.237532879Z | 66 | PC: 1314a | Move file pointer |
| 2018-12-17T22:54:52.239358423Z | 63 | PC: 1314a | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:54:52.242659262Z | 62 | PC: 1314a | Close file |
| 2018-12-17T22:54:52.244671638Z | 61 | PC: 1314a | Open file (Filename = 'C:\UHNQF1X2.COM') |
| 2018-12-17T22:54:52.252112726Z | 86 | PC: 1856a | Rename file |
| 2018-12-17T22:54:52.265307236Z | 61 | PC: 1835f | Open file (Filename = 'C:\UHNQF1X2') |
| 2018-12-17T22:54:52.272436828Z | 66 | PC: 184fb | Move file pointer |
| 2018-12-17T22:54:52.274292268Z | 66 | PC: 18509 | Move file pointer |
| 2018-12-17T22:54:52.276736416Z | 66 | PC: 18517 | Move file pointer |
| 2018-12-17T22:54:52.279278047Z | 62 | PC: 183af | Close file |
| 2018-12-17T22:54:52.309590247Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:54:52.312008316Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:54:52.313435451Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:54:52.31482793Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:54:52.317378528Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:54:52.318749687Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:54:52.319945697Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:54:52.32193Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:54:52.323189309Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:54:52.324367085Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:54:52.326508262Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:54:52.327614293Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:54:52.329123452Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:54:52.331047922Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:54:52.332194138Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:54:52.333464818Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:54:52.335355785Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:54:52.33653864Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:54:52.337836812Z | 37 | PC: 170b6 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:54:52.342015132Z | 76 | PC: 170f5 | Terminate with return code (Return code = '1') |
| 2018-12-17T22:54:52.345135292Z | 73 | PC: 1314a | Release memory |
| 2018-12-17T22:54:52.348114847Z | 77 | PC: 1314a | Get program return code |
| 2018-12-17T22:54:52.350706792Z | 49 | PC: 13410 | Terminate and stay resident (Return code = '1' | Memory size = '219') |