.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T21:51:24.572737524Z | 25 | PC: 12a58 | Get default drive |
| 2018-12-17T21:51:24.580560756Z | 98 | PC: 1a0f6 | Get current PSP |
| 2018-12-17T21:51:24.581867232Z | 44 | PC: 12b17 | Get time 0x12b17: xchg dx, cx 0x12b19: mov al, dh 0x12b1b: mov ah, 0 0x12b1d: mov bl, 0xa 0x12b1f: jmp 0x12b35 0x12b21: div bl 0x12b23: add al, 0x30 0x12b25: mov byte ptr [di], al 0x12b27: inc di 0x12b28: xchg al, ah 0x12b2a: add al, 0x30 0x12b2c: mov byte ptr [di], al 0x12b2e: inc di 0x12b2f: mov al, 0x3a 0x12b31: mov byte ptr [di], al 0x12b33: inc di 0x12b34: ret 0x12b35: call 0x22b21 0x12b38: mov al, dl 0x12b3a: mov ah, 0 |
| 2018-12-17T21:51:24.584690722Z | 71 | PC: 12db6 | Get current directory |
| 2018-12-17T21:51:24.588437492Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.592995254Z | 65 | PC: 1386a | Delete file (Filename = 'anti-vir.dat') |
| 2018-12-17T21:51:24.599333813Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.605296937Z | 65 | PC: 1386a | Delete file (Filename = 'chklist.ms') |
| 2018-12-17T21:51:24.617812613Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.623517979Z | 65 | PC: 1386a | Delete file (Filename = 'chklist.cps') |
| 2018-12-17T21:51:24.629691465Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.640840339Z | 65 | PC: 1386a | Delete file (Filename = 'vs.vsn') |
| 2018-12-17T21:51:24.647348406Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.658117935Z | 65 | PC: 1386a | Delete file (Filename = 'ivb.ntz') |
| 2018-12-17T21:51:24.669259208Z | 26 | PC: 12e77 | Set disk transfer address |
| 2018-12-17T21:51:24.670718423Z | 78 | PC: 12e89 | Find first file |
| 2018-12-17T21:51:24.689381002Z | 67 | PC: 143e9 | Get or set file attributes |
| 2018-12-17T21:51:24.696789164Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.712748944Z | 61 | PC: 14565 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T21:51:24.719495468Z | 63 | PC: 14607 | Read file or device (Read 6585 bytes on handle 5) |
| 2018-12-17T21:51:24.727778537Z | 62 | PC: 1464d | Close file |
| 2018-12-17T21:51:24.729801631Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.743124739Z | 47 | PC: 19f35 | Get disk transfer address |
| 2018-12-17T21:51:24.745496228Z | 26 | PC: 19f40 | Set disk transfer address |
| 2018-12-17T21:51:24.747022454Z | 78 | PC: 19f4c | Find first file |
| 2018-12-17T21:51:24.753778357Z | 26 | PC: 19f5e | Set disk transfer address |
| 2018-12-17T21:51:24.757584064Z | 26 | PC: 1371b | Set disk transfer address |
| 2018-12-17T21:51:24.759538738Z | 78 | PC: 1372d | Find first file |
| 2018-12-17T21:51:24.763774867Z | 67 | PC: 143e9 | Get or set file attributes |
| 2018-12-17T21:51:24.767585468Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.774384796Z | 61 | PC: 14565 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T21:51:24.778586865Z | 66 | PC: 1a21b | Move file pointer |
| 2018-12-17T21:51:24.779978166Z | 63 | PC: 14607 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:51:24.784498914Z | 62 | PC: 1464d | Close file |
| 2018-12-17T21:51:24.785801552Z | 67 | PC: 14420 | Get or set file attributes |
| 2018-12-17T21:51:24.791965225Z | 47 | PC: 19f72 | Get disk transfer address |
| 2018-12-17T21:51:24.794717744Z | 26 | PC: 19f7d | Set disk transfer address |
| 2018-12-17T21:51:24.795804599Z | 79 | PC: 19f81 | Find next file |
| 2018-12-17T21:51:24.798444875Z | 26 | PC: 19f91 | Set disk transfer address |
| 2018-12-17T21:51:24.803660061Z | 76 | PC: 12f1e | Terminate with return code (Return code = '0') |