.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:55:23.246462435Z | 48 | PC: 14ae1 | Get DOS version |
| 2018-12-17T22:55:23.249091453Z | 53 | PC: 14b60 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:55:23.250714547Z | 37 | PC: 14b97 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:55:23.252009242Z | 48 | PC: 14bfd | Get DOS version |
| 2018-12-17T22:55:23.257591026Z | 53 | PC: 14c07 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.259653271Z | 37 | PC: 14c1c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.2616175Z | 47 | PC: 14c22 | Get disk transfer address |
| 2018-12-17T22:55:23.264419904Z | 26 | PC: 14c32 | Set disk transfer address |
| 2018-12-17T22:55:23.266544795Z | 78 | PC: 14c3c | Find first file |
| 2018-12-17T22:55:23.274288223Z | 53 | PC: 9ef3c | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.276244155Z | 37 | PC: 9ef3c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.278680946Z | 67 | PC: 9ef3c | Get or set file attributes |
| 2018-12-17T22:55:23.285666821Z | 67 | PC: 9ef3c | Get or set file attributes |
| 2018-12-17T22:55:23.312550665Z | 61 | PC: 9ef3c | Open file (Filename = '5KE.EXE') |
| 2018-12-17T22:55:23.321196253Z | 87 | PC: 9ef3c | Get or set file date and time |
| 2018-12-17T22:55:23.322840041Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.32444137Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.326734355Z | 63 | PC: 9ef3c | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:55:23.334221964Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.336056485Z | 63 | PC: 9ef3c | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:23.344746926Z | 62 | PC: 9ef3c | Close file |
| 2018-12-17T22:55:23.346918457Z | 42 | PC: 9ef3c | Get date 0x9ef3c: ret
0x9ef3d: push ds
0x9ef3e: pop es
0x9ef3f: push ds
0x9ef40: pop word ptr cs:[0xe36]
0x9ef45: mov word ptr cs:[0xe34], dx
0x9ef4a: mov ax, 0x4300
0x9ef4d: call 0xaef36
0x9ef50: jb 0x9ef27
0x9ef52: test cx, 0x1e
0x9ef56: jne 0x9ef27
0x9ef58: mov word ptr cs:[0xe3a], cx
0x9ef5d: and cx, 0xfe
0x9ef61: mov dx, word ptr cs:[0xe34]
0x9ef66: mov ax, 0x4301
0x9ef69: call 0xaef36
0x9ef6c: jb 0x9ef27
0x9ef6e: mov dx, word ptr cs:[0xe34]
0x9ef73: mov di, dx
0x9ef75: xor al, al
|
| 2018-12-17T22:55:23.349790655Z | 37 | PC: 9ef3c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.352553298Z | 61 | PC: 14c46 | Open file (Filename = '') |
| 2018-12-17T22:55:23.362092201Z | 62 | PC: 14c4e | Close file |
| 2018-12-17T22:55:23.364192483Z | 79 | PC: 14c5a | Find next file |
| 2018-12-17T22:55:23.36710052Z | 37 | PC: 14c6c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.369064207Z | 26 | PC: 14c75 | Set disk transfer address |
| 2018-12-17T22:55:23.370409888Z | 222 | PC: 14314 | UNKNOWN! |
| 2018-12-17T22:55:23.371957257Z | 128 | PC: 12cc3 | UNKNOWN! |
| 2018-12-17T22:55:23.378483858Z | 49 | PC: 12dba | Terminate and stay resident (Return code = '0' | Memory size = '191') |
| 2018-12-17T22:55:23.381249723Z | 47 | PC: 12f7c | Get disk transfer address |
| 2018-12-17T22:55:23.382513849Z | 26 | PC: 12f8d | Set disk transfer address |
| 2018-12-17T22:55:23.384489549Z | 78 | PC: 12f97 | Find first file |
| 2018-12-17T22:55:23.391075534Z | 67 | PC: 1310e | Get or set file attributes |
| 2018-12-17T22:55:23.402020874Z | 61 | PC: 12fca | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:55:23.410185831Z | 66 | PC: 13104 | Move file pointer |
| 2018-12-17T22:55:23.411714547Z | 63 | PC: 12fdd | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:55:23.414369198Z | 62 | PC: 13011 | Close file |
| 2018-12-17T22:55:23.416970524Z | 67 | PC: 1310e | Get or set file attributes |
| 2018-12-17T22:55:23.428780225Z | 79 | PC: 12fa6 | Find next file |
| 2018-12-17T22:55:23.430604008Z | 26 | PC: 130f9 | Set disk transfer address |
| 2018-12-17T22:55:23.432424286Z | 53 | PC: 9ef3c | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.43352399Z | 37 | PC: 9ef3c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.434553463Z | 67 | PC: 9ef3c | Get or set file attributes |
| 2018-12-17T22:55:23.438586446Z | 67 | PC: 9ef3c | Get or set file attributes |
| 2018-12-17T22:55:23.446289391Z | 61 | PC: 9ef3c | Open file (Filename = '4 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved �') |
| 2018-12-17T22:55:23.45100537Z | 87 | PC: 9ef3c | Get or set file date and time |
| 2018-12-17T22:55:23.452874487Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.454375726Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.455832674Z | 63 | PC: 9ef3c | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:55:23.457758635Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.459878863Z | 63 | PC: 9ef3c | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:23.462210893Z | 62 | PC: 9ef3c | Close file |
| 2018-12-17T22:55:23.464227648Z | 42 | PC: 9ef3c | Get date 0x9ef3c: ret
0x9ef3d: push ds
0x9ef3e: pop es
0x9ef3f: push ds
0x9ef40: pop word ptr cs:[0xe36]
0x9ef45: mov word ptr cs:[0xe34], dx
0x9ef4a: mov ax, 0x4300
0x9ef4d: call 0xaef36
0x9ef50: jb 0x9ef27
0x9ef52: test cx, 0x1e
0x9ef56: jne 0x9ef27
0x9ef58: mov word ptr cs:[0xe3a], cx
0x9ef5d: and cx, 0xfe
0x9ef61: mov dx, word ptr cs:[0xe34]
0x9ef66: mov ax, 0x4301
0x9ef69: call 0xaef36
0x9ef6c: jb 0x9ef27
0x9ef6e: mov dx, word ptr cs:[0xe34]
0x9ef73: mov di, dx
0x9ef75: xor al, al
|
| 2018-12-17T22:55:23.467747688Z | 37 | PC: 9ef3c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.470107596Z | 75 | PC: 12df9 | Execute program |
| 2018-12-17T22:55:23.489424452Z | 48 | PC: 15731 | Get DOS version |
| 2018-12-17T22:55:23.491983536Z | 48 | PC: 1584d | Get DOS version |
| 2018-12-17T22:55:23.493533198Z | 53 | PC: 15857 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.495133369Z | 37 | PC: 1586c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.497292617Z | 47 | PC: 15872 | Get disk transfer address |
| 2018-12-17T22:55:23.498884591Z | 26 | PC: 15882 | Set disk transfer address |
| 2018-12-17T22:55:23.500407666Z | 78 | PC: 1588c | Find first file |
| 2018-12-17T22:55:23.515433727Z | 53 | PC: 9ef3c | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.517262284Z | 37 | PC: 9ef3c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.518866954Z | 67 | PC: 9ef3c | Get or set file attributes |
| 2018-12-17T22:55:23.525956561Z | 67 | PC: 9ef3c | Get or set file attributes |
| 2018-12-17T22:55:23.538535821Z | 61 | PC: 9ef3c | Open file (Filename = '5KE.EXE') |
| 2018-12-17T22:55:23.546365526Z | 87 | PC: 9ef3c | Get or set file date and time |
| 2018-12-17T22:55:23.548358781Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.551537136Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.553618382Z | 63 | PC: 9ef3c | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:55:23.556941149Z | 66 | PC: 9ef3c | Move file pointer |
| 2018-12-17T22:55:23.559153289Z | 63 | PC: 9ef3c | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:23.56264218Z | 62 | PC: 9ef3c | Close file |
| 2018-12-17T22:55:23.565120871Z | 42 | PC: 9ef3c | Get date 0x9ef3c: ret
0x9ef3d: push ds
0x9ef3e: pop es
0x9ef3f: push ds
0x9ef40: pop word ptr cs:[0xe36]
0x9ef45: mov word ptr cs:[0xe34], dx
0x9ef4a: mov ax, 0x4300
0x9ef4d: call 0xaef36
0x9ef50: jb 0x9ef27
0x9ef52: test cx, 0x1e
0x9ef56: jne 0x9ef27
0x9ef58: mov word ptr cs:[0xe3a], cx
0x9ef5d: and cx, 0xfe
0x9ef61: mov dx, word ptr cs:[0xe34]
0x9ef66: mov ax, 0x4301
0x9ef69: call 0xaef36
0x9ef6c: jb 0x9ef27
0x9ef6e: mov dx, word ptr cs:[0xe34]
0x9ef73: mov di, dx
0x9ef75: xor al, al
|
| 2018-12-17T22:55:23.569030042Z | 37 | PC: 9ef3c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.571173402Z | 61 | PC: 15896 | Open file (Filename = '') |
| 2018-12-17T22:55:23.578916019Z | 62 | PC: 1589e | Close file |
| 2018-12-17T22:55:23.581824209Z | 79 | PC: 158aa | Find next file |
| 2018-12-17T22:55:23.584604542Z | 37 | PC: 158bc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:55:23.586076905Z | 26 | PC: 158c5 | Set disk transfer address |
| 2018-12-17T22:55:23.588169175Z | 222 | PC: 12e18 | UNKNOWN! |
| 2018-12-17T22:55:23.589301996Z | 9 | PC: 136ac | Display string (Could not find end pointer) |
| 2018-12-17T22:55:23.595767089Z | 76 | PC: 136b1 | Terminate with return code (Return code = '0') |
