.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:00:19.71473593Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:00:19.71730804Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:00:19.719388171Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:00:19.721084909Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:00:19.722770006Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:00:19.72546995Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:00:19.727149448Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:00:19.728823256Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:00:19.731513801Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:00:19.733206674Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:00:19.734905862Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:00:19.737549003Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:00:19.739260546Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:00:19.740945268Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:00:19.743743197Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:00:19.745527213Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:00:19.747237455Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:00:19.748920476Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:00:19.751676331Z | 53 | PC: 1357a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:00:19.753367352Z | 37 | PC: 1358f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:00:19.754990444Z | 37 | PC: 13597 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:00:19.757637672Z | 37 | PC: 1359f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:00:19.759259443Z | 37 | PC: 135a7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:00:19.761333626Z | 68 | PC: 13e05 | I/O control for devices (Set for = '') |
| 2018-12-17T23:00:19.764290719Z | 42 | PC: 132e4 | Get date 0x132e4: mov byte ptr [0x5c], dl 0x132e8: cmp byte ptr [0x5c], 0x17 0x132ed: ja 0x13318 0x132ef: mov di, 0x503 0x132f2: push cs 0x132f3: push di 0x132f4: mov di, 0x5e 0x132f7: push ds 0x132f8: push di 0x132f9: mov ax, 0xff 0x132fc: push ax 0x132fd: lcall 0x1352:0x69f 0x13302: mov di, 0x5e 0x13305: push ds 0x13306: push di 0x13307: call 0x22a40 0x1330a: mov ah, 0x40 0x1330c: mov bx, 1 0x1330f: lea dx, word ptr [0x5e] 0x13313: mov cx, 0x30 |
| 2018-12-17T23:00:19.767476643Z | 64 | PC: 13318 | Write file or device (Write 48 bytes on handle 1) |
| 2018-12-17T23:00:19.774841817Z | 48 | PC: 13b30 | Get DOS version |
| 2018-12-17T23:00:19.777715112Z | 48 | PC: 13b30 | Get DOS version |
| 2018-12-17T23:00:19.779569727Z | 61 | PC: 139e2 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:00:19.787494215Z | 63 | PC: 13ab5 | Read file or device (Read 5664 bytes on handle 5) |
| 2018-12-17T23:00:19.796428252Z | 62 | PC: 13a32 | Close file |
| 2018-12-17T23:00:19.799903519Z | 26 | PC: 133f5 | Set disk transfer address |
| 2018-12-17T23:00:19.801115289Z | 78 | PC: 13401 | Find first file |
| 2018-12-17T23:00:19.808515914Z | 61 | PC: 139e2 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:00:19.817273195Z | 66 | PC: 13b14 | Move file pointer |
| 2018-12-17T23:00:19.819331014Z | 63 | PC: 13ab5 | Read file or device (Read 10 bytes on handle 5) |
| 2018-12-17T23:00:19.827570236Z | 26 | PC: 13419 | Set disk transfer address |
| 2018-12-17T23:00:19.82986605Z | 79 | PC: 1341e | Find next file |
| 2018-12-17T23:00:19.833795684Z | 48 | PC: 13b30 | Get DOS version |
| 2018-12-17T23:00:19.835700278Z | 26 | PC: 133f5 | Set disk transfer address |
| 2018-12-17T23:00:19.838053733Z | 78 | PC: 13401 | Find first file |
| 2018-12-17T23:00:19.845381072Z | 48 | PC: 13b30 | Get DOS version |
| 2018-12-17T23:00:19.847342245Z | 67 | PC: 12bc2 | Get or set file attributes |
| 2018-12-17T23:00:19.854226465Z | 61 | PC: 139e2 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:00:19.863520351Z | 66 | PC: 13b14 | Move file pointer |
| 2018-12-17T23:00:19.865543337Z | 63 | PC: 13ab5 | Read file or device (Read 5664 bytes on handle 6) |
| 2018-12-17T23:00:19.874473543Z | 66 | PC: 13b14 | Move file pointer |
| 2018-12-17T23:00:19.877396573Z | 64 | PC: 13a13 | Write file or device (Write 0 bytes on handle 6) |
| 2018-12-17T23:00:19.892015738Z | 66 | PC: 13b14 | Move file pointer |
| 2018-12-17T23:00:19.89412041Z | 64 | PC: 13ab5 | Write file or device (Write 5664 bytes on handle 6) |
| 2018-12-17T23:00:19.904269286Z | 62 | PC: 13a32 | Close file |
| 2018-12-17T23:00:19.916378264Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:00:19.918150249Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:00:19.920659668Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:00:19.922682535Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:00:19.924387394Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:00:19.926276648Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:00:19.928697331Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:00:19.930365357Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:00:19.93199986Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:00:19.935506532Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:00:19.937167405Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:00:19.938872181Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:00:19.941345005Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:00:19.943324811Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:00:19.944969946Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:00:19.947428503Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:00:19.949347961Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:00:19.951042909Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:00:19.952890472Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:00:19.955332559Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:00:19.956971692Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:00:19.958660629Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:00:19.961273311Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:00:19.962990025Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:00:19.964637125Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:00:19.967156382Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:00:19.969082922Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:00:19.974231375Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:00:19.976755506Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:00:19.985949328Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:00:19.993163538Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:00:19.995101605Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:00:19.997932718Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:00:19.999569911Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:00:20.001187805Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:00:20.006933624Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:00:20.008215174Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:00:20.009663481Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:00:20.011653417Z | 41 | PC: 134ad | Parse filename |
| 2018-12-17T23:00:20.013494592Z | 41 | PC: 134bb | Parse filename |
| 2018-12-17T23:00:20.015385976Z | 75 | PC: 134c6 | Execute program |
| 2018-12-17T23:00:20.036505622Z | 9 | PC: 17d68 | Display string (Could not find end pointer) |
| 2018-12-17T23:00:20.045012035Z | 76 | PC: 17d6c | Terminate with return code (Return code = '36') |
| 2018-12-17T23:00:20.04725433Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:00:20.048809808Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:00:20.04982549Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:00:20.050967335Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:00:20.052566051Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:00:20.053705873Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:00:20.054750741Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:00:20.056462313Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:00:20.057471075Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:00:20.058554826Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:00:20.06016097Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:00:20.061310655Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:00:20.062307911Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:00:20.063484266Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:00:20.064822197Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:00:20.065887789Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:00:20.067108583Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:00:20.068438284Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:00:20.069422032Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:00:20.071192597Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:00:20.072714473Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:00:20.073900293Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:00:20.075111655Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:00:20.076793688Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:00:20.077837238Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:00:20.078940616Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:00:20.080612709Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:00:20.081741972Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:00:20.082931736Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:00:20.084534552Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:00:20.085585619Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:00:20.086695322Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:00:20.088579004Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:00:20.089706338Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:00:20.090815398Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:00:20.092625942Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:00:20.093915733Z | 53 | PC: 134f6 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:00:20.095650881Z | 37 | PC: 134ff | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:00:20.097800309Z | 48 | PC: 13b30 | Get DOS version |
| 2018-12-17T23:00:20.099437041Z | 61 | PC: 139e2 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:00:20.108593769Z | 64 | PC: 13ab5 | Write file or device (Write 5664 bytes on handle 6) |
| 2018-12-17T23:00:20.119416051Z | 66 | PC: 13b14 | Move file pointer |
| 2018-12-17T23:00:20.12422034Z | 64 | PC: 13ab5 | Write file or device (Write 5664 bytes on handle 6) |
| 2018-12-17T23:00:20.134035318Z | 66 | PC: 13b14 | Move file pointer |
| 2018-12-17T23:00:20.137116213Z | 64 | PC: 13ab5 | Write file or device (Write 10 bytes on handle 6) |
| 2018-12-17T23:00:20.141035873Z | 62 | PC: 13a32 | Close file |
| 2018-12-17T23:00:20.151005247Z | 64 | PC: 1393d | Write file or device (Write 0 bytes on handle 1) |
| 2018-12-17T23:00:20.15481643Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:00:20.156398463Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:00:20.158192547Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:00:20.1607696Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:00:20.16242463Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:00:20.163979213Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:00:20.170528788Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:00:20.172656252Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:00:20.174561475Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:00:20.177004437Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:00:20.178538467Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:00:20.179939794Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:00:20.182275426Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:00:20.183638233Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:00:20.185497446Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:00:20.187939806Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:00:20.189378461Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:00:20.1910407Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:00:20.193386781Z | 37 | PC: 136d1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:00:20.195394156Z | 76 | PC: 13710 | Terminate with return code (Return code = '0') |