.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:02:00.908863575Z | 48 | PC: 12b4b | Get DOS version |
| 2018-12-17T22:02:00.91120831Z | 53 | PC: 12c83 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:02:00.912504853Z | 53 | PC: 12c90 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:02:00.920935596Z | 53 | PC: 12c9d | Get interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:02:00.923174988Z | 53 | PC: 12caa | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:02:00.924596191Z | 37 | PC: 12cbe | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:02:00.926176582Z | 74 | PC: 12bf3 | Reallocate memory |
| 2018-12-17T22:02:00.928509361Z | 68 | PC: 13f49 | I/O control for devices (Set for = '��1�') |
| 2018-12-17T22:02:00.931191748Z | 68 | PC: 13f49 | I/O control for devices (Set for = '') |
| 2018-12-17T22:02:00.933607731Z | 61 | PC: 14119 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:02:00.940127812Z | 68 | PC: 13eed | I/O control for devices (Set for = '') |
| 2018-12-17T22:02:00.94224559Z | 63 | PC: 14202 | Read file or device (Read 7000 bytes on handle 5) |
| 2018-12-17T22:02:00.9496616Z | 62 | PC: 13dae | Close file |
| 2018-12-17T22:02:00.951251054Z | 25 | PC: 13cb7 | Get default drive |
| 2018-12-17T22:02:00.95287111Z | 71 | PC: 13e6f | Get current directory |
| 2018-12-17T22:02:00.955812455Z | 47 | PC: 13dca | Get disk transfer address |
| 2018-12-17T22:02:00.956926038Z | 26 | PC: 13dd3 | Set disk transfer address |
| 2018-12-17T22:02:00.958527891Z | 78 | PC: 13ddd | Find first file |
| 2018-12-17T22:02:00.965239452Z | 26 | PC: 13de5 | Set disk transfer address |
| 2018-12-17T22:02:00.966387082Z | 67 | PC: 13cd6 | Get or set file attributes |
| 2018-12-17T22:02:00.973288007Z | 67 | PC: 13cd6 | Get or set file attributes |
| 2018-12-17T22:02:00.989075691Z | 61 | PC: 14119 | Open file (Filename = '') |
| 2018-12-17T22:02:00.996138429Z | 68 | PC: 13eed | I/O control for devices (Set for = '������6c#�!�[�����%��u����3�����?����&8�u��_^��%�]#�') |
| 2018-12-17T22:02:00.998855138Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.000642437Z | 63 | PC: 14202 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-17T22:02:01.003663429Z | 62 | PC: 13dae | Close file |
| 2018-12-17T22:02:01.007783282Z | 47 | PC: 13dfc | Get disk transfer address |
| 2018-12-17T22:02:01.012150445Z | 26 | PC: 13e05 | Set disk transfer address |
| 2018-12-17T22:02:01.014301606Z | 79 | PC: 13e09 | Find next file |
| 2018-12-17T22:02:01.01764879Z | 26 | PC: 13e11 | Set disk transfer address |
| 2018-12-17T22:02:01.019208077Z | 47 | PC: 13dca | Get disk transfer address |
| 2018-12-17T22:02:01.020550576Z | 26 | PC: 13dd3 | Set disk transfer address |
| 2018-12-17T22:02:01.022166759Z | 78 | PC: 13ddd | Find first file |
| 2018-12-17T22:02:01.028369179Z | 26 | PC: 13de5 | Set disk transfer address |
| 2018-12-17T22:02:01.029800381Z | 67 | PC: 13cd6 | Get or set file attributes |
| 2018-12-17T22:02:01.037015415Z | 67 | PC: 13cd6 | Get or set file attributes |
| 2018-12-17T22:02:01.060018162Z | 61 | PC: 14119 | Open file (Filename = '') |
| 2018-12-17T22:02:01.066899265Z | 68 | PC: 13eed | I/O control for devices (Set for = '������6c#�!�[�����%��u����3�����?����&8�u��_^��%�]#�') |
| 2018-12-17T22:02:01.068935755Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.071283399Z | 63 | PC: 14202 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-17T22:02:01.077806056Z | 87 | PC: 13101 | Get or set file date and time |
| 2018-12-17T22:02:01.079708672Z | 66 | PC: 13e32 | Move file pointer |
| 2018-12-17T22:02:01.082308921Z | 66 | PC: 13e3f | Move file pointer |
| 2018-12-17T22:02:01.084013912Z | 66 | PC: 13e4e | Move file pointer |
| 2018-12-17T22:02:01.085677151Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.088395275Z | 63 | PC: 14202 | Read file or device (Read 407 bytes on handle 5) |
| 2018-12-17T22:02:01.091483905Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.093188233Z | 64 | PC: 144e8 | Write file or device (Write 7000 bytes on handle 5) |
| 2018-12-17T22:02:01.103025726Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.105200806Z | 64 | PC: 144e8 | Write file or device (Write 407 bytes on handle 5) |
| 2018-12-17T22:02:01.113519807Z | 87 | PC: 13203 | Get or set file date and time |
| 2018-12-17T22:02:01.116032454Z | 62 | PC: 13dae | Close file |
| 2018-12-17T22:02:01.123598157Z | 59 | PC: 13ca7 | Change current directory |
| 2018-12-17T22:02:01.1277831Z | 59 | PC: 13ca7 | Change current directory |
| 2018-12-17T22:02:01.130090936Z | 14 | PC: 13cc3 | Set default drive (Drive = 'A') |
| 2018-12-17T22:02:01.132507086Z | 67 | PC: 13cd6 | Get or set file attributes |
| 2018-12-17T22:02:01.138426838Z | 67 | PC: 13cd6 | Get or set file attributes |
| 2018-12-17T22:02:01.155953851Z | 61 | PC: 14119 | Open file (Filename = '�') |
| 2018-12-17T22:02:01.168149582Z | 68 | PC: 13eed | I/O control for devices (Set for = '������6c#�!�[�����%��u����3�����?����&8�u��_^��%�]#�') |
| 2018-12-17T22:02:01.169574895Z | 44 | PC: 138dc | Get time 0x138dc: mov word ptr [si], cx
0x138de: mov word ptr [si + 2], dx
0x138e1: pop si
0x138e2: pop bp
0x138e3: ret
0x138e4: push bp
0x138e5: mov bp, sp
0x138e7: sub sp, 6
0x138ea: push si
0x138eb: push di
0x138ec: mov di, word ptr [bp + 6]
0x138ef: push di
0x138f0: mov ax, word ptr [bp + 0xc]
0x138f3: or ax, 2
0x138f6: push ax
0x138f7: call 0x142de
0x138fa: mov di, ax
0x138fc: or ax, ax
0x138fe: jne 0x1390b
0x13900: mov word ptr [0x2369], 2
|
| 2018-12-17T22:02:01.171857314Z | 87 | PC: 12f05 | Get or set file date and time |
| 2018-12-17T22:02:01.173883664Z | 66 | PC: 13e32 | Move file pointer |
| 2018-12-17T22:02:01.175201885Z | 66 | PC: 13e3f | Move file pointer |
| 2018-12-17T22:02:01.17652595Z | 66 | PC: 13e4e | Move file pointer |
| 2018-12-17T22:02:01.178845632Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.180241318Z | 63 | PC: 14202 | Read file or device (Read 46 bytes on handle 5) |
| 2018-12-17T22:02:01.192905186Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.195559046Z | 64 | PC: 144e8 | Write file or device (Write 46 bytes on handle 5) |
| 2018-12-17T22:02:01.20274754Z | 66 | PC: 13cf6 | Move file pointer |
| 2018-12-17T22:02:01.204351304Z | 66 | PC: 13d07 | Move file pointer |
| 2018-12-17T22:02:01.209011145Z | 66 | PC: 13d79 | Move file pointer |
| 2018-12-17T22:02:01.210469326Z | 64 | PC: 13d81 | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:02:01.219429952Z | 66 | PC: 13d8f | Move file pointer |
| 2018-12-17T22:02:01.221691548Z | 87 | PC: 13022 | Get or set file date and time |
| 2018-12-17T22:02:01.223338682Z | 62 | PC: 13dae | Close file |
| 2018-12-17T22:02:01.232526567Z | 47 | PC: 13dca | Get disk transfer address |
| 2018-12-17T22:02:01.234960282Z | 26 | PC: 13dd3 | Set disk transfer address |
| 2018-12-17T22:02:01.23726981Z | 78 | PC: 13ddd | Find first file |
| 2018-12-17T22:02:01.244334529Z | 26 | PC: 13de5 | Set disk transfer address |
| 2018-12-17T22:02:01.248061259Z | 41 | PC: 14c92 | Parse filename |
| 2018-12-17T22:02:01.249772036Z | 41 | PC: 14ca0 | Parse filename |
| 2018-12-17T22:02:01.251445335Z | 75 | PC: 14ce0 | Execute program |
| 2018-12-17T22:02:01.263135235Z | 77 | PC: 14d04 | Get program return code |
| 2018-12-17T22:02:01.264653293Z | 61 | PC: 14119 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:02:01.272200917Z | 68 | PC: 13eed | I/O control for devices (Set for = '') |
| 2018-12-17T22:02:01.274887512Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.276347628Z | 63 | PC: 14202 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-17T22:02:01.278205749Z | 87 | PC: 13101 | Get or set file date and time |
| 2018-12-17T22:02:01.280129941Z | 66 | PC: 13e32 | Move file pointer |
| 2018-12-17T22:02:01.281665144Z | 66 | PC: 13e3f | Move file pointer |
| 2018-12-17T22:02:01.283212023Z | 66 | PC: 13e4e | Move file pointer |
| 2018-12-17T22:02:01.28547369Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.287193933Z | 63 | PC: 14202 | Read file or device (Read 46 bytes on handle 5) |
| 2018-12-17T22:02:01.290300326Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.292598601Z | 64 | PC: 144e8 | Write file or device (Write 7000 bytes on handle 5) |
| 2018-12-17T22:02:01.302222058Z | 66 | PC: 13f6d | Move file pointer |
| 2018-12-17T22:02:01.304233589Z | 64 | PC: 144e8 | Write file or device (Write 46 bytes on handle 5) |
| 2018-12-17T22:02:01.307527246Z | 87 | PC: 13203 | Get or set file date and time |
| 2018-12-17T22:02:01.309248432Z | 62 | PC: 13dae | Close file |
| 2018-12-17T22:02:01.317940262Z | 37 | PC: 12cca | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:02:01.320951221Z | 37 | PC: 12cd5 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:02:01.322383148Z | 37 | PC: 12ce0 | Set interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:02:01.323709334Z | 37 | PC: 12ceb | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:02:01.325495255Z | 76 | PC: 12c74 | Terminate with return code (Return code = '0') |
