.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:55:41.107564944Z | 47 | PC: 12a88 | Get disk transfer address |
| 2018-12-17T22:55:41.113271027Z | 26 | PC: 12a93 | Set disk transfer address |
| 2018-12-17T22:55:41.1146937Z | 53 | PC: 12afc | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T22:55:41.116242376Z | 37 | PC: 12b10 | Set interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T22:55:41.118092621Z | 78 | PC: 12b20 | Find first file |
| 2018-12-17T22:55:41.125534186Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.127183708Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.145111186Z | 61 | PC: 12b47 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:55:41.153495088Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.155466811Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:55:41.157326123Z | 63 | PC: 12b8a | Read file or device (Read 6 bytes on handle 5) |
| 2018-12-17T22:55:41.165889673Z | 66 | PC: 12b97 | Move file pointer |
| 2018-12-17T22:55:41.167401964Z | 63 | PC: 12ba9 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:55:41.170105776Z | 66 | PC: 12bc9 | Move file pointer |
| 2018-12-17T22:55:41.172745151Z | 64 | PC: 12c06 | Write file or device (Write 648 bytes on handle 5) |
| 2018-12-17T22:55:41.18211574Z | 66 | PC: 12c0f | Move file pointer |
| 2018-12-17T22:55:41.183560704Z | 64 | PC: 12c22 | Write file or device (Write 6 bytes on handle 5) |
| 2018-12-17T22:55:41.191464261Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.201757243Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.205017803Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.207193704Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.219280697Z | 61 | PC: 12b47 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:55:41.227805041Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.229312221Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.232497106Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.235565463Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.237299339Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.250402302Z | 61 | PC: 12b47 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:55:41.258002897Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.259843411Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:55:41.262234948Z | 63 | PC: 12b8a | Read file or device (Read 6 bytes on handle 5) |
| 2018-12-17T22:55:41.26990147Z | 66 | PC: 12b97 | Move file pointer |
| 2018-12-17T22:55:41.271749575Z | 63 | PC: 12ba9 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:55:41.274856929Z | 66 | PC: 12bc9 | Move file pointer |
| 2018-12-17T22:55:41.278578969Z | 64 | PC: 12c06 | Write file or device (Write 648 bytes on handle 5) |
| 2018-12-17T22:55:41.288463025Z | 66 | PC: 12c0f | Move file pointer |
| 2018-12-17T22:55:41.290145519Z | 64 | PC: 12c22 | Write file or device (Write 6 bytes on handle 5) |
| 2018-12-17T22:55:41.29972652Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.308862027Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.312175664Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.314900944Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.325894835Z | 61 | PC: 12b47 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:55:41.333662277Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.335940784Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.338046318Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.341460919Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.343241697Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.355465814Z | 61 | PC: 12b47 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:55:41.363020385Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.36564488Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.36856954Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.371542135Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.372950169Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.385218343Z | 61 | PC: 12b47 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:55:41.392812797Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.39493719Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:55:41.397708333Z | 63 | PC: 12b8a | Read file or device (Read 6 bytes on handle 5) |
| 2018-12-17T22:55:41.405134775Z | 66 | PC: 12b97 | Move file pointer |
| 2018-12-17T22:55:41.407087806Z | 63 | PC: 12ba9 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:55:41.410779801Z | 66 | PC: 12bc9 | Move file pointer |
| 2018-12-17T22:55:41.412921785Z | 64 | PC: 12c06 | Write file or device (Write 648 bytes on handle 5) |
| 2018-12-17T22:55:41.425822284Z | 66 | PC: 12c0f | Move file pointer |
| 2018-12-17T22:55:41.428923111Z | 64 | PC: 12c22 | Write file or device (Write 6 bytes on handle 5) |
| 2018-12-17T22:55:41.437549507Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.447536217Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.451132976Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.453725916Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.466279403Z | 61 | PC: 12b47 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:55:41.470807195Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.472597971Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.474246239Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.476213901Z | 47 | PC: 12b2a | Get disk transfer address |
| 2018-12-17T22:55:41.477958838Z | 67 | PC: 12b37 | Get or set file attributes |
| 2018-12-17T22:55:41.486897795Z | 61 | PC: 12b47 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:55:41.499324541Z | 66 | PC: 12b53 | Move file pointer |
| 2018-12-17T22:55:41.501473552Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:55:41.503718575Z | 63 | PC: 12b8a | Read file or device (Read 6 bytes on handle 5) |
| 2018-12-17T22:55:41.509679394Z | 66 | PC: 12b97 | Move file pointer |
| 2018-12-17T22:55:41.511636375Z | 63 | PC: 12ba9 | Read file or device (Read 7 bytes on handle 5) |
| 2018-12-17T22:55:41.517981564Z | 62 | PC: 12c26 | Close file |
| 2018-12-17T22:55:41.519954658Z | 79 | PC: 12c2b | Find next file |
| 2018-12-17T22:55:41.523093839Z | 37 | PC: 12c37 | Set interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T22:55:41.524497536Z | 44 | PC: 12c3c | Get time 0x12c3c: cmp dl, 0x5a 0x12c3f: jg 0x12c44 0x12c41: jmp 0x12c6d 0x12c43: nop 0x12c44: mov ah, 0x10 0x12c46: mov al, 0 0x12c48: mov bl, 1 0x12c4a: mov bh, 0x24 0x12c4c: mov dx, word ptr [di - 8] 0x12c4f: and dx, 3 0x12c52: cmp dl, 2 0x12c55: jne 0x12c59 0x12c57: mov bh, 0xa 0x12c59: int 0x10 0x12c5b: mov ax, 0x1000 0x12c5e: mov bl, 0xe 0x12c60: mov bh, 0x21 0x12c62: int 0x10 0x12c64: mov ax, 0x1000 0x12c67: mov bl, 3 |
| 2018-12-17T22:55:41.527165498Z | 26 | PC: 12c9c | Set disk transfer address |