.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:59:25.575482591Z | 26 | PC: 12a73 | Set disk transfer address |
| 2018-12-17T22:59:25.577446533Z | 37 | PC: 12a81 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:59:25.57853146Z | 37 | PC: 12a85 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:59:25.579574898Z | 78 | PC: 12acd | Find first file |
| 2018-12-17T22:59:25.58639787Z | 61 | PC: 12bb4 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:59:25.592713073Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.598542188Z | 66 | PC: 12bd2 | Move file pointer |
| 2018-12-17T22:59:25.599870557Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:59:25.601724915Z | 64 | PC: 12bed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:25.604214166Z | 66 | PC: 12bf9 | Move file pointer |
| 2018-12-17T22:59:25.605565498Z | 44 | PC: 12bfd | Get time 0x12bfd: mov byte ptr [bp + 0x2e0], dl
0x12c01: call 0x12c17
0x12c04: mov ah, 0x40
0x12c06: mov cx, 0x1e0
0x12c09: lea dx, word ptr [bp + 0x106]
0x12c0d: int 0x21
0x12c0f: call 0x12c17
0x12c12: mov ah, 0x3e
0x12c14: int 0x21
0x12c16: ret
0x12c17: lea si, word ptr [bp + 0x120]
0x12c1b: mov cx, 0x1a1
0x12c1e: xor byte ptr [si], 0
0x12c21: inc si
0x12c22: dec cx
0x12c23: jne 0x12c1e
0x12c25: ret
0x12c26: add word ptr [bx], di
0x12c28: aas
0x12c29: aas
|
| 2018-12-17T22:59:25.608622718Z | 64 | PC: 12c0f | Write file or device (Write 480 bytes on handle 5) |
| 2018-12-17T22:59:25.624040196Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.631987149Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.635279387Z | 61 | PC: 12bb4 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:59:25.641781472Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.648684099Z | 66 | PC: 12bd2 | Move file pointer |
| 2018-12-17T22:59:25.650802241Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:59:25.65330184Z | 64 | PC: 12bed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:25.656121094Z | 66 | PC: 12bf9 | Move file pointer |
| 2018-12-17T22:59:25.658570949Z | 44 | PC: 12bfd | Get time 0x12bfd: mov byte ptr [bp + 0x2e0], dl
0x12c01: call 0x12c17
0x12c04: mov ah, 0x40
0x12c06: mov cx, 0x1e0
0x12c09: lea dx, word ptr [bp + 0x106]
0x12c0d: int 0x21
0x12c0f: call 0x12c17
0x12c12: mov ah, 0x3e
0x12c14: int 0x21
0x12c16: ret
0x12c17: lea si, word ptr [bp + 0x120]
0x12c1b: mov cx, 0x1a1
0x12c1e: xor byte ptr [si], 0x39
0x12c21: inc si
0x12c22: dec cx
0x12c23: jne 0x12c1e
0x12c25: ret
0x12c26: add word ptr [bx], di
0x12c28: aas
0x12c29: aas
|
| 2018-12-17T22:59:25.660765106Z | 64 | PC: 12c0f | Write file or device (Write 480 bytes on handle 5) |
| 2018-12-17T22:59:25.663598399Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.67158615Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.675239325Z | 61 | PC: 12bb4 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:59:25.681607689Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.688962126Z | 66 | PC: 12bd2 | Move file pointer |
| 2018-12-17T22:59:25.690791055Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:59:25.692064432Z | 64 | PC: 12bed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:25.694677931Z | 66 | PC: 12bf9 | Move file pointer |
| 2018-12-17T22:59:25.696840126Z | 44 | PC: 12bfd | Get time 0x12bfd: mov byte ptr [bp + 0x2e0], dl
0x12c01: call 0x12c17
0x12c04: mov ah, 0x40
0x12c06: mov cx, 0x1e0
0x12c09: lea dx, word ptr [bp + 0x106]
0x12c0d: int 0x21
0x12c0f: call 0x12c17
0x12c12: mov ah, 0x3e
0x12c14: int 0x21
0x12c16: ret
0x12c17: lea si, word ptr [bp + 0x120]
0x12c1b: mov cx, 0x1a1
0x12c1e: xor byte ptr [si], 0x3e
0x12c21: inc si
0x12c22: dec cx
0x12c23: jne 0x12c1e
0x12c25: ret
0x12c26: add word ptr [bx], di
0x12c28: aas
0x12c29: aas
|
| 2018-12-17T22:59:25.699006041Z | 64 | PC: 12c0f | Write file or device (Write 480 bytes on handle 5) |
| 2018-12-17T22:59:25.707952029Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.71703886Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.719563322Z | 61 | PC: 12bb4 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:59:25.725792989Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.732745061Z | 66 | PC: 12bd2 | Move file pointer |
| 2018-12-17T22:59:25.734387486Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:59:25.735546743Z | 64 | PC: 12bed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:25.738784609Z | 66 | PC: 12bf9 | Move file pointer |
| 2018-12-17T22:59:25.740062173Z | 44 | PC: 12bfd | Get time 0x12bfd: mov byte ptr [bp + 0x2e0], dl
0x12c01: call 0x12c17
0x12c04: mov ah, 0x40
0x12c06: mov cx, 0x1e0
0x12c09: lea dx, word ptr [bp + 0x106]
0x12c0d: int 0x21
0x12c0f: call 0x12c17
0x12c12: mov ah, 0x3e
0x12c14: int 0x21
0x12c16: ret
0x12c17: lea si, word ptr [bp + 0x120]
0x12c1b: mov cx, 0x1a1
0x12c1e: xor byte ptr [si], 0x3e
0x12c21: inc si
0x12c22: dec cx
0x12c23: jne 0x12c1e
0x12c25: ret
0x12c26: add word ptr [bx], di
0x12c28: aas
0x12c29: aas
|
| 2018-12-17T22:59:25.742129837Z | 64 | PC: 12c0f | Write file or device (Write 480 bytes on handle 5) |
| 2018-12-17T22:59:25.757534473Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.76524503Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.767797037Z | 61 | PC: 12bb4 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:59:25.776051781Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.78216638Z | 66 | PC: 12bd2 | Move file pointer |
| 2018-12-17T22:59:25.783406232Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:59:25.785899201Z | 64 | PC: 12bed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:25.788665219Z | 66 | PC: 12bf9 | Move file pointer |
| 2018-12-17T22:59:25.790028094Z | 44 | PC: 12bfd | Get time 0x12bfd: mov byte ptr [bp + 0x2e0], dl
0x12c01: call 0x12c17
0x12c04: mov ah, 0x40
0x12c06: mov cx, 0x1e0
0x12c09: lea dx, word ptr [bp + 0x106]
0x12c0d: int 0x21
0x12c0f: call 0x12c17
0x12c12: mov ah, 0x3e
0x12c14: int 0x21
0x12c16: ret
0x12c17: lea si, word ptr [bp + 0x120]
0x12c1b: mov cx, 0x1a1
0x12c1e: xor byte ptr [si], 0x44
0x12c21: inc si
0x12c22: dec cx
0x12c23: jne 0x12c1e
0x12c25: ret
0x12c26: add word ptr [bx], di
0x12c28: aas
0x12c29: aas
|
| 2018-12-17T22:59:25.792940222Z | 64 | PC: 12c0f | Write file or device (Write 480 bytes on handle 5) |
| 2018-12-17T22:59:25.796325181Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.803884605Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.807788296Z | 61 | PC: 12bb4 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:59:25.814319519Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.82054183Z | 66 | PC: 12bd2 | Move file pointer |
| 2018-12-17T22:59:25.831451579Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:59:25.833204988Z | 64 | PC: 12bed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:25.836071182Z | 66 | PC: 12bf9 | Move file pointer |
| 2018-12-17T22:59:25.838230953Z | 44 | PC: 12bfd | Get time 0x12bfd: mov byte ptr [bp + 0x2e0], dl
0x12c01: call 0x12c17
0x12c04: mov ah, 0x40
0x12c06: mov cx, 0x1e0
0x12c09: lea dx, word ptr [bp + 0x106]
0x12c0d: int 0x21
0x12c0f: call 0x12c17
0x12c12: mov ah, 0x3e
0x12c14: int 0x21
0x12c16: ret
0x12c17: lea si, word ptr [bp + 0x120]
0x12c1b: mov cx, 0x1a1
0x12c1e: xor byte ptr [si], 0x44
0x12c21: inc si
0x12c22: dec cx
0x12c23: jne 0x12c1e
0x12c25: ret
0x12c26: add word ptr [bx], di
0x12c28: aas
0x12c29: aas
|
| 2018-12-17T22:59:25.840780648Z | 64 | PC: 12c0f | Write file or device (Write 480 bytes on handle 5) |
| 2018-12-17T22:59:25.848861587Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.857542175Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.86014616Z | 61 | PC: 12bb4 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:59:25.866416138Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.87330288Z | 66 | PC: 12bd2 | Move file pointer |
| 2018-12-17T22:59:25.874851916Z | 66 | PC: 12be1 | Move file pointer |
| 2018-12-17T22:59:25.876380921Z | 64 | PC: 12bed | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:25.879287494Z | 66 | PC: 12bf9 | Move file pointer |
| 2018-12-17T22:59:25.880562154Z | 44 | PC: 12bfd | Get time 0x12bfd: mov byte ptr [bp + 0x2e0], dl
0x12c01: call 0x12c17
0x12c04: mov ah, 0x40
0x12c06: mov cx, 0x1e0
0x12c09: lea dx, word ptr [bp + 0x106]
0x12c0d: int 0x21
0x12c0f: call 0x12c17
0x12c12: mov ah, 0x3e
0x12c14: int 0x21
0x12c16: ret
0x12c17: lea si, word ptr [bp + 0x120]
0x12c1b: mov cx, 0x1a1
0x12c1e: xor byte ptr [si], 0x49
0x12c21: inc si
0x12c22: dec cx
0x12c23: jne 0x12c1e
0x12c25: ret
0x12c26: add word ptr [bx], di
0x12c28: aas
0x12c29: aas
|
| 2018-12-17T22:59:25.88255464Z | 64 | PC: 12c0f | Write file or device (Write 480 bytes on handle 5) |
| 2018-12-17T22:59:25.885931187Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.89308256Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.895467039Z | 61 | PC: 12bb4 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:59:25.902453074Z | 63 | PC: 12bc3 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:25.904685165Z | 62 | PC: 12c16 | Close file |
| 2018-12-17T22:59:25.906208232Z | 79 | PC: 12acd | Find next file |
| 2018-12-17T22:59:25.908853415Z | 59 | PC: 12ade | Change current directory |
| 2018-12-17T22:59:25.912574225Z | 26 | PC: 12ae7 | Set disk transfer address |
| 2018-12-17T22:59:25.91347799Z | 9 | PC: 12af9 | Display string (String= 'EvuLz Dancer has waltzed into your puter
Dance-Macabre�
Dream EvuL
') |
