.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:00:10.865867833Z | 48 | PC: 12b12 | Get DOS version |
| 2018-12-17T23:00:10.867852052Z | 47 | PC: 12b20 | Get disk transfer address |
| 2018-12-17T23:00:10.86959642Z | 26 | PC: 12b35 | Set disk transfer address |
| 2018-12-17T23:00:10.871276357Z | 78 | PC: 12bb9 | Find first file |
| 2018-12-17T23:00:10.878120208Z | 67 | PC: 12bf9 | Get or set file attributes |
| 2018-12-17T23:00:10.891533615Z | 67 | PC: 12c0a | Get or set file attributes |
| 2018-12-17T23:00:10.911499555Z | 61 | PC: 12c15 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:00:10.919634232Z | 87 | PC: 12c22 | Get or set file date and time |
| 2018-12-17T23:00:10.924357358Z | 63 | PC: 12c35 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:00:10.932899581Z | 66 | PC: 12c51 | Move file pointer |
| 2018-12-17T23:00:10.934986022Z | 44 | PC: 12c7f | Get time 0x12c7f: xor dx, cx 0x12c81: nop 0x12c82: nop 0x12c83: mov cx, word ptr [si + 0xe2] 0x12c87: nop 0x12c88: nop 0x12c89: xor cx, dx 0x12c8b: nop 0x12c8c: nop 0x12c8d: mov word ptr [si + 0xe2], dx 0x12c91: nop 0x12c92: nop 0x12c93: mov word ptr [bp - 0x1e], dx 0x12c96: call 0x12f8e 0x12c99: mov al, byte ptr [bp - 0x1e] 0x12c9c: and al, 3 0x12c9e: cmp al, 3 0x12ca0: je 0x12c96 0x12ca2: push ax 0x12ca3: ror al, 1 |
| 2018-12-17T23:00:10.940070638Z | 64 | PC: 132fc | Write file or device (Write 2068 bytes on handle 5) |
| 2018-12-17T23:00:10.950591618Z | 66 | PC: 12f12 | Move file pointer |
| 2018-12-17T23:00:10.952942165Z | 64 | PC: 12f23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T23:00:10.962332021Z | 87 | PC: 12f34 | Get or set file date and time |
| 2018-12-17T23:00:10.964262139Z | 62 | PC: 12f38 | Close file |
| 2018-12-17T23:00:10.973086041Z | 67 | PC: 12f46 | Get or set file attributes |
| 2018-12-17T23:00:10.984230835Z | 26 | PC: 12f51 | Set disk transfer address |
| 2018-12-17T23:00:10.986458551Z | 9 | PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ') |