.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:02:04.623669776Z | 30 | PC: 12c82 | Reserved |
| 2018-12-17T22:02:04.633538876Z | 26 | PC: 12cae | Set disk transfer address |
| 2018-12-17T22:02:04.634693918Z | 44 | PC: 12cb2 | Get time 0x12cb2: mov ax, word ptr [0x22] 0x12cb5: mov word ptr [0x4e8], ax 0x12cb8: mov word ptr [0x22], dx 0x12cbc: xor ax, ax 0x12cbe: mov al, dl 0x12cc0: and al, 0xf 0x12cc2: push ax 0x12cc3: pop si 0x12cc4: mov al, byte ptr [si + 0x3aa] 0x12cc8: mov byte ptr [0x1a], al 0x12ccb: mov byte ptr [0x28], al 0x12cce: xor ax, ax 0x12cd0: mov al, dh 0x12cd2: and al, 0xf 0x12cd4: push ax 0x12cd5: pop si 0x12cd6: mov al, byte ptr [si + 0x3aa] 0x12cda: mov byte ptr [0x1e], al 0x12cdd: mov byte ptr [0x2d], al 0x12ce0: and dh, 0xf |
| 2018-12-17T22:02:04.636760434Z | 71 | PC: 12cf7 | Get current directory |
| 2018-12-17T22:02:04.640071811Z | 59 | PC: 12d04 | Change current directory |
| 2018-12-17T22:02:04.64516071Z | 78 | PC: 12d14 | Find first file |
| 2018-12-17T22:02:04.655531051Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.657884903Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.660744744Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.663050766Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.665352765Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.679035864Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.681492504Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.683375272Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.685696977Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.688143773Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.690458806Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.693745867Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.696209565Z | 59 | PC: 12d30 | Change current directory |
| 2018-12-17T22:02:04.701895581Z | 78 | PC: 12d14 | Find first file |
| 2018-12-17T22:02:04.70781014Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.710208444Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.7125581Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.715570005Z | 79 | PC: 12d25 | Find next file |
| 2018-12-17T22:02:04.718086769Z | 59 | PC: 12d30 | Change current directory |
| 2018-12-17T22:02:04.721740935Z | 78 | PC: 12d46 | Find first file |
| 2018-12-17T22:02:04.7279175Z | 67 | PC: 12d8f | Get or set file attributes |
| 2018-12-17T22:02:04.742889959Z | 61 | PC: 12d97 | Open file (Filename = '3�3Ҹ') |
| 2018-12-17T22:02:04.749938681Z | 66 | PC: 12daa | Move file pointer |
| 2018-12-17T22:02:04.751713216Z | 63 | PC: 12db4 | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:02:04.75754513Z | 66 | PC: 12e5f | Move file pointer |
| 2018-12-17T22:02:04.758803919Z | 64 | PC: 12e69 | Write file or device (Write 24 bytes on handle 5) |
| 2018-12-17T22:02:04.761956657Z | 66 | PC: 12e72 | Move file pointer |
| 2018-12-17T22:02:04.763269169Z | 42 | PC: 12e7b | Get date 0x12e7b: mov byte ptr [0x4e7], dh 0x12e7f: push cs 0x12e80: pop ax 0x12e81: mov word ptr [0x2bc], ax 0x12e84: mov ax, 0x2be 0x12e87: mov word ptr [0x2ba], ax 0x12e8a: push ds 0x12e8b: pop es 0x12e8c: cld 0x12e8d: mov di, 0x587 0x12e90: mov si, 0x295 0x12e93: mov cx, 0x29 0x12e96: nop 0x12e97: rep movsb byte ptr es:[di], byte ptr [si] 0x12e99: mov si, 0x32 0x12e9c: mov di, 0x32 0x12e9f: mov cx, 0x25a 0x12ea2: mov dx, word ptr [0x22] 0x12ea6: not dx 0x12ea8: push dx |
| 2018-12-17T22:02:04.765516569Z | 64 | PC: 131bd | Write file or device (Write 1248 bytes on handle 5) |
| 2018-12-17T22:02:04.783482078Z | 87 | PC: 12ef1 | Get or set file date and time |
| 2018-12-17T22:02:04.784953018Z | 62 | PC: 12ef9 | Close file |
| 2018-12-17T22:02:04.792648373Z | 67 | PC: 12f07 | Get or set file attributes |
| 2018-12-17T22:02:04.802735409Z | 59 | PC: 12f0e | Change current directory |
| 2018-12-17T22:02:04.8068977Z | 42 | PC: 12f12 | Get date 0x12f12: cli 0x12f13: xor dh, byte ptr [0x4e7] 0x12f17: je 0x12f7c 0x12f19: and dl, 1 0x12f1c: je 0x12f7c 0x12f1e: and al, 1 0x12f20: jne 0x12f7c 0x12f22: mov ax, 0x3508 0x12f25: int 0x21 0x12f27: mov word ptr [0x4a2], bx 0x12f2b: mov word ptr [0x4a4], es 0x12f2f: mov cx, 0x8e3 0x12f32: mov bx, 0xa000 0x12f35: mov es, word ptr [0x585] 0x12f39: clc 0x12f3a: push bx 0x12f3b: mov ah, 0x4a 0x12f3d: int 0x21 0x12f3f: pop bx 0x12f40: jae 0x12f4b |
| 2018-12-17T22:02:04.809354525Z | 76 | PC: 12aa4 | Terminate with return code (Return code = '0') |