.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:00:16.569374865Z | 25 | PC: 12b75 | Get default drive |
| 2018-12-17T23:00:16.571763925Z | 14 | PC: 12b7c | Set default drive (Drive = 'C') |
| 2018-12-17T23:00:16.573732364Z | 71 | PC: 12b86 | Get current directory |
| 2018-12-17T23:00:16.576710901Z | 78 | PC: 12b8d | Find first file |
| 2018-12-17T23:00:16.579553272Z | 78 | PC: 12b96 | Find first file |
| 2018-12-17T23:00:16.582259007Z | 59 | PC: 12be2 | Change current directory |
| 2018-12-17T23:00:16.584504136Z | 44 | PC: 12be8 | Get time 0x12be8: cmp dl, 0x32 0x12beb: ja 0x12c0f 0x12bed: jmp 0x12bf0 0x12bef: nop 0x12bf0: mov ah, 9 0x12bf2: mov dx, 0x32a 0x12bf5: int 0x21 0x12bf7: mov ah, 0x2c 0x12bf9: int 0x21 0x12bfb: cmp dl, 0xa 0x12bfe: ja 0x12c0f 0x12c00: jmp 0x12c03 0x12c02: nop 0x12c03: cli 0x12c04: mov ah, 2 0x12c06: cdq 0x12c07: mov cx, 0x100 0x12c0a: int 0x26 0x12c0c: jmp 0x12c0f 0x12c0e: nop |
| 2018-12-17T23:00:16.587208639Z | 14 | PC: 12c14 | Set default drive (Drive = 'A') |
| 2018-12-17T23:00:16.589685944Z | 59 | PC: 12c1c | Change current directory |
| 2018-12-17T23:00:16.592015041Z | 76 | PC: 12c20 | Terminate with return code (Return code = '3') |