.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:55:38.730610247Z | 47 | PC: 13e60 | Get disk transfer address |
| 2018-12-17T22:55:38.733243768Z | 26 | PC: 13e68 | Set disk transfer address |
| 2018-12-17T22:55:38.734527948Z | 42 | PC: 14007 | Get date 0x14007: mov al, dl 0x14009: cwde 0x1400a: ret 0x1400b: and byte ptr [bx + di + 0x7a], al 0x1400e: push dx 0x1400f: dec sp 0x14010: and byte ptr [bx + si], ch 0x14012: arpl word ptr [bx + di], bp 0x14014: and byte ptr [bx + di], dh 0x14016: cmp word ptr [bx + di], di 0x14018: xor sp, word ptr [bx + si] 0x1401a: sub ax, 0x4120 0x1401d: pop dx 0x1401e: push dx 0x1401f: inc cx 0x14020: inc bp 0x14021: dec sp 0x14022: and byte ptr [bp + si + 0x59], al 0x14025: and byte ptr [bp + di + 0x61], dl 0x14028: push sp |
| 2018-12-17T22:55:38.736951012Z | 71 | PC: 13eaf | Get current directory |
| 2018-12-17T22:55:38.740106105Z | 59 | PC: 13eb7 | Change current directory |
| 2018-12-17T22:55:38.74635754Z | 47 | PC: 13ecc | Get disk transfer address |
| 2018-12-17T22:55:38.747633923Z | 26 | PC: 13eda | Set disk transfer address |
| 2018-12-17T22:55:38.748872496Z | 78 | PC: 13ee5 | Find first file |
| 2018-12-17T22:55:38.756402997Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.759368003Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.762421303Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.766026332Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.768861351Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.771867954Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.77854152Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.781659921Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.785588452Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.788737411Z | 47 | PC: 13f33 | Get disk transfer address |
| 2018-12-17T22:55:38.79113881Z | 26 | PC: 13f42 | Set disk transfer address |
| 2018-12-17T22:55:38.792687662Z | 78 | PC: 13f4c | Find first file |
| 2018-12-17T22:55:38.799396891Z | 47 | PC: 13f64 | Get disk transfer address |
| 2018-12-17T22:55:38.806443787Z | 61 | PC: 13f7d | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:55:38.813986271Z | 63 | PC: 13f89 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:38.82142298Z | 66 | PC: 13f91 | Move file pointer |
| 2018-12-17T22:55:38.823841106Z | 62 | PC: 13f96 | Close file |
| 2018-12-17T22:55:38.826271191Z | 67 | PC: 13fb6 | Get or set file attributes |
| 2018-12-17T22:55:38.844221274Z | 61 | PC: 13fbb | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:55:38.852175079Z | 64 | PC: 13fc7 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:55:38.855170418Z | 66 | PC: 13fcf | Move file pointer |
| 2018-12-17T22:55:38.856506437Z | 64 | PC: 13fda | Write file or device (Write 549 bytes on handle 5) |
| 2018-12-17T22:55:38.872818869Z | 87 | PC: 13fe5 | Get or set file date and time |
| 2018-12-17T22:55:38.875164731Z | 62 | PC: 13fe9 | Close file |
| 2018-12-17T22:55:38.885630665Z | 67 | PC: 13ff6 | Get or set file attributes |
| 2018-12-17T22:55:38.902939987Z | 26 | PC: 13f5e | Set disk transfer address |
| 2018-12-17T22:55:38.905386438Z | 26 | PC: 13f1d | Set disk transfer address |
| 2018-12-17T22:55:38.90798507Z | 59 | PC: 13ec1 | Change current directory |
| 2018-12-17T22:55:38.910790343Z | 71 | PC: 13eaf | Get current directory |
| 2018-12-17T22:55:38.914898107Z | 59 | PC: 13eb7 | Change current directory |
| 2018-12-17T22:55:38.919922484Z | 47 | PC: 13ecc | Get disk transfer address |
| 2018-12-17T22:55:38.921826157Z | 26 | PC: 13eda | Set disk transfer address |
| 2018-12-17T22:55:38.923229994Z | 78 | PC: 13ee5 | Find first file |
| 2018-12-17T22:55:38.936708766Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.941262502Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.944277791Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.947188788Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.950589627Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.953908174Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.957005122Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.960947799Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.964224944Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:38.967295558Z | 47 | PC: 13f33 | Get disk transfer address |
| 2018-12-17T22:55:38.970143615Z | 26 | PC: 13f42 | Set disk transfer address |
| 2018-12-17T22:55:38.97187002Z | 78 | PC: 13f4c | Find first file |
| 2018-12-17T22:55:38.978476643Z | 47 | PC: 13f64 | Get disk transfer address |
| 2018-12-17T22:55:38.98079123Z | 61 | PC: 13f7d | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:55:38.988373088Z | 63 | PC: 13f89 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:38.995652766Z | 66 | PC: 13f91 | Move file pointer |
| 2018-12-17T22:55:38.997579738Z | 62 | PC: 13f96 | Close file |
| 2018-12-17T22:55:39.000676744Z | 79 | PC: 13f4c | Find next file |
| 2018-12-17T22:55:39.003970428Z | 47 | PC: 13f64 | Get disk transfer address |
| 2018-12-17T22:55:39.005545078Z | 61 | PC: 13f7d | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:55:39.015114419Z | 63 | PC: 13f89 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:39.023216257Z | 66 | PC: 13f91 | Move file pointer |
| 2018-12-17T22:55:39.025059064Z | 62 | PC: 13f96 | Close file |
| 2018-12-17T22:55:39.028164856Z | 67 | PC: 13fb6 | Get or set file attributes |
| 2018-12-17T22:55:39.039370127Z | 61 | PC: 13fbb | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:55:39.04674304Z | 64 | PC: 13fc7 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:55:39.050742412Z | 66 | PC: 13fcf | Move file pointer |
| 2018-12-17T22:55:39.052032973Z | 64 | PC: 13fda | Write file or device (Write 549 bytes on handle 5) |
| 2018-12-17T22:55:39.057366828Z | 87 | PC: 13fe5 | Get or set file date and time |
| 2018-12-17T22:55:39.059036358Z | 62 | PC: 13fe9 | Close file |
| 2018-12-17T22:55:39.064615937Z | 67 | PC: 13ff6 | Get or set file attributes |
| 2018-12-17T22:55:39.071343503Z | 26 | PC: 13f5e | Set disk transfer address |
| 2018-12-17T22:55:39.072501894Z | 26 | PC: 13f1d | Set disk transfer address |
| 2018-12-17T22:55:39.074152872Z | 59 | PC: 13ec1 | Change current directory |
| 2018-12-17T22:55:39.075671396Z | 71 | PC: 13eaf | Get current directory |
| 2018-12-17T22:55:39.083811911Z | 59 | PC: 13eb7 | Change current directory |
| 2018-12-17T22:55:39.089527034Z | 47 | PC: 13ecc | Get disk transfer address |
| 2018-12-17T22:55:39.091758352Z | 26 | PC: 13eda | Set disk transfer address |
| 2018-12-17T22:55:39.093466963Z | 78 | PC: 13ee5 | Find first file |
| 2018-12-17T22:55:39.10607246Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.111023548Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.113777536Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.117183128Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.120361329Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.123650675Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.12723555Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.130974213Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.134408083Z | 79 | PC: 13f0d | Find next file |
| 2018-12-17T22:55:39.138616876Z | 47 | PC: 13f33 | Get disk transfer address |
| 2018-12-17T22:55:39.140317692Z | 26 | PC: 13f42 | Set disk transfer address |
| 2018-12-17T22:55:39.141988694Z | 78 | PC: 13f4c | Find first file |
| 2018-12-17T22:55:39.148994674Z | 47 | PC: 13f64 | Get disk transfer address |
| 2018-12-17T22:55:39.151519462Z | 61 | PC: 13f7d | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:55:39.159906173Z | 63 | PC: 13f89 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:39.167267688Z | 66 | PC: 13f91 | Move file pointer |
| 2018-12-17T22:55:39.170307764Z | 62 | PC: 13f96 | Close file |
| 2018-12-17T22:55:39.172910105Z | 79 | PC: 13f4c | Find next file |
| 2018-12-17T22:55:39.176388408Z | 47 | PC: 13f64 | Get disk transfer address |
| 2018-12-17T22:55:39.179163983Z | 61 | PC: 13f7d | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:55:39.186679567Z | 63 | PC: 13f89 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:39.194483747Z | 66 | PC: 13f91 | Move file pointer |
| 2018-12-17T22:55:39.197789239Z | 62 | PC: 13f96 | Close file |
| 2018-12-17T22:55:39.200340043Z | 79 | PC: 13f4c | Find next file |
| 2018-12-17T22:55:39.203720625Z | 47 | PC: 13f64 | Get disk transfer address |
| 2018-12-17T22:55:39.205212868Z | 61 | PC: 13f7d | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:55:39.21346187Z | 63 | PC: 13f89 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:55:39.220838473Z | 66 | PC: 13f91 | Move file pointer |
| 2018-12-17T22:55:39.222678932Z | 62 | PC: 13f96 | Close file |
| 2018-12-17T22:55:39.225878596Z | 67 | PC: 13fb6 | Get or set file attributes |
| 2018-12-17T22:55:39.237813414Z | 61 | PC: 13fbb | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:55:39.245197023Z | 64 | PC: 13fc7 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:55:39.248996749Z | 66 | PC: 13fcf | Move file pointer |
| 2018-12-17T22:55:39.250473931Z | 64 | PC: 13fda | Write file or device (Write 549 bytes on handle 5) |
| 2018-12-17T22:55:39.259305668Z | 87 | PC: 13fe5 | Get or set file date and time |
| 2018-12-17T22:55:39.261498383Z | 62 | PC: 13fe9 | Close file |
| 2018-12-17T22:55:39.270026294Z | 67 | PC: 13ff6 | Get or set file attributes |
| 2018-12-17T22:55:39.280552021Z | 26 | PC: 13f5e | Set disk transfer address |
| 2018-12-17T22:55:39.282421592Z | 26 | PC: 13f1d | Set disk transfer address |
| 2018-12-17T22:55:39.2834985Z | 59 | PC: 13ec1 | Change current directory |
| 2018-12-17T22:55:39.285291024Z | 26 | PC: 13e8f | Set disk transfer address |
| 2018-12-17T22:55:39.286357431Z | 9 | PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ') |
| 2018-12-17T22:55:39.292334232Z | 0 | PC: 12a89 | Program terminate |