.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:59:59.373452294Z | 26 | PC: 12ac0 | Set disk transfer address |
| 2018-12-17T22:59:59.375229614Z | 78 | PC: 12ac8 | Find first file |
| 2018-12-17T22:59:59.383447508Z | 47 | PC: 12ad3 | Get disk transfer address |
| 2018-12-17T22:59:59.38508746Z | 61 | PC: 12ae3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:59:59.392355959Z | 87 | PC: 12ae9 | Get or set file date and time |
| 2018-12-17T22:59:59.397763481Z | 63 | PC: 12b09 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:59.404680921Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-17T22:59:59.40653746Z | 64 | PC: 12b26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:59.41036295Z | 66 | PC: 12b2f | Move file pointer |
| 2018-12-17T22:59:59.412586939Z | 44 | PC: 12a6a | Get time 0x12a6a: mov byte ptr [bp + 0x122], cl 0x12a6e: mov cx, 0xdd 0x12a71: lea si, word ptr [bp + 0x16d] 0x12a75: lea di, word ptr [bp + 0x232] 0x12a79: movsb byte ptr es:[di], byte ptr [si] 0x12a7a: mov al, byte ptr [bp + 0x232] 0x12a7e: xor al, byte ptr [bp + 0x122] 0x12a82: mov byte ptr [bp + 0x232], al 0x12a86: lea di, word ptr [si - 1] 0x12a89: lea si, word ptr [bp + 0x232] 0x12a8d: movsb byte ptr es:[di], byte ptr [si] 0x12a8e: mov si, di 0x12a90: loop 0x12a75 0x12a92: ret 0x12a93: jmp 0x12aad 0x12a95: call 0x22a66 0x12a98: mov ah, 0x40 0x12a9a: mov cx, 0x14a 0x12a9d: lea dx, word ptr [bp + 0x100] 0x12aa1: int 0x21 |
| 2018-12-17T22:59:59.415552302Z | 64 | PC: 12aa3 | Write file or device (Write 330 bytes on handle 5) |
| 2018-12-17T22:59:59.431929699Z | 87 | PC: 12b41 | Get or set file date and time |
| 2018-12-17T22:59:59.433828387Z | 62 | PC: 12b45 | Close file |
| 2018-12-17T22:59:59.44239169Z | 79 | PC: 12ac8 | Find next file |
| 2018-12-17T22:59:59.445282813Z | 47 | PC: 12ad3 | Get disk transfer address |
| 2018-12-17T22:59:59.447927633Z | 61 | PC: 12ae3 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:59:59.455050539Z | 87 | PC: 12ae9 | Get or set file date and time |
| 2018-12-17T22:59:59.456517436Z | 63 | PC: 12b09 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:59.464383228Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-17T22:59:59.467119169Z | 64 | PC: 12b26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:59.474875986Z | 66 | PC: 12b2f | Move file pointer |
| 2018-12-17T22:59:59.47835282Z | 44 | PC: 12a6a | Get time 0x12a6a: mov byte ptr [bp + 0x122], cl 0x12a6e: mov cx, 0xdd 0x12a71: lea si, word ptr [bp + 0x16d] 0x12a75: lea di, word ptr [bp + 0x232] 0x12a79: movsb byte ptr es:[di], byte ptr [si] 0x12a7a: mov al, byte ptr [bp + 0x232] 0x12a7e: xor al, byte ptr [bp + 0x122] 0x12a82: mov byte ptr [bp + 0x232], al 0x12a86: lea di, word ptr [si - 1] 0x12a89: lea si, word ptr [bp + 0x232] 0x12a8d: movsb byte ptr es:[di], byte ptr [si] 0x12a8e: mov si, di 0x12a90: loop 0x12a75 0x12a92: ret 0x12a93: jmp 0x12aad 0x12a95: call 0x22a66 0x12a98: mov ah, 0x40 0x12a9a: mov cx, 0x14a 0x12a9d: lea dx, word ptr [bp + 0x100] 0x12aa1: int 0x21 |
| 2018-12-17T22:59:59.481294198Z | 64 | PC: 12aa3 | Write file or device (Write 330 bytes on handle 5) |
| 2018-12-17T22:59:59.484828129Z | 87 | PC: 12b41 | Get or set file date and time |
| 2018-12-17T22:59:59.487023775Z | 62 | PC: 12b45 | Close file |
| 2018-12-17T22:59:59.496693598Z | 79 | PC: 12ac8 | Find next file |
| 2018-12-17T22:59:59.499543694Z | 47 | PC: 12ad3 | Get disk transfer address |
| 2018-12-17T22:59:59.50082929Z | 61 | PC: 12ae3 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:59:59.508632053Z | 87 | PC: 12ae9 | Get or set file date and time |
| 2018-12-17T22:59:59.510411798Z | 63 | PC: 12b09 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:59:59.518002372Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-17T22:59:59.520852729Z | 64 | PC: 12b26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:59:59.52369487Z | 66 | PC: 12b2f | Move file pointer |
| 2018-12-17T22:59:59.525362223Z | 44 | PC: 12a6a | Get time 0x12a6a: mov byte ptr [bp + 0x122], cl 0x12a6e: mov cx, 0xdd 0x12a71: lea si, word ptr [bp + 0x16d] 0x12a75: lea di, word ptr [bp + 0x232] 0x12a79: movsb byte ptr es:[di], byte ptr [si] 0x12a7a: mov al, byte ptr [bp + 0x232] 0x12a7e: xor al, byte ptr [bp + 0x122] 0x12a82: mov byte ptr [bp + 0x232], al 0x12a86: lea di, word ptr [si - 1] 0x12a89: lea si, word ptr [bp + 0x232] 0x12a8d: movsb byte ptr es:[di], byte ptr [si] 0x12a8e: mov si, di 0x12a90: loop 0x12a75 0x12a92: ret 0x12a93: jmp 0x12aad 0x12a95: call 0x22a66 0x12a98: mov ah, 0x40 0x12a9a: mov cx, 0x14a 0x12a9d: lea dx, word ptr [bp + 0x100] 0x12aa1: int 0x21 |
| 2018-12-17T22:59:59.52856352Z | 64 | PC: 12aa3 | Write file or device (Write 330 bytes on handle 5) |
| 2018-12-17T22:59:59.53217712Z | 87 | PC: 12b41 | Get or set file date and time |
| 2018-12-17T22:59:59.53374146Z | 62 | PC: 12b45 | Close file |
| 2018-12-17T22:59:59.542515278Z | 26 | PC: 12b59 | Set disk transfer address |