.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:55:22.871372636Z | 44 | PC: 12c6e | Get time 0x12c6e: cmp al, 0x88 0x12c70: je 0x12ccb 0x12c72: push es 0x12c73: mov ax, 0x3521 0x12c76: int 0x21 0x12c78: mov word ptr cs:[bp + 0x126], es 0x12c7d: mov word ptr cs:[bp + 0x128], bx 0x12c82: pop es 0x12c83: mov ah, 0x4a 0x12c85: mov bx, 0xffff 0x12c88: int 0x21 0x12c8a: mov ah, 0x4a 0x12c8c: sub bx, 0x101 0x12c90: int 0x21 0x12c92: mov ah, 0x48 0x12c94: mov bx, 0x100 0x12c97: int 0x21 0x12c99: dec ax 0x12c9a: mov es, ax 0x12c9c: mov byte ptr es:[0], 0x5a |
| 2018-12-17T22:55:22.874648326Z | 53 | PC: 12c78 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:55:22.875954689Z | 74 | PC: 12c8a | Reallocate memory |
| 2018-12-17T22:55:22.877614817Z | 74 | PC: 12c92 | Reallocate memory |
| 2018-12-17T22:55:22.880996351Z | 72 | PC: 12c99 | Allocate memory |
| 2018-12-17T22:55:22.88262801Z | 37 | PC: 12cca | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:55:22.885028314Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000003E8h/0000001000d bytes. ') |
| 2018-12-17T22:55:22.889890384Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |