.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:01:10.642083539Z | 44 | PC: 13e5c | Get time 0x13e5c: pop dx 0x13e5d: cmp cl, 0x14 0x13e60: jb 0x13e65 0x13e62: jmp 0x14028 0x13e65: mov ah, 0x30 0x13e67: int 0x21 0x13e69: cmp al, 1 0x13e6b: jae 0x13e70 0x13e6d: jmp 0x14028 0x13e70: push es 0x13e71: mov ah, 0x2f 0x13e73: int 0x21 0x13e75: mov word ptr [si + 0x313], bx 0x13e79: mov word ptr [si + 0x315], es 0x13e7d: pop es 0x13e7e: mov dx, 0x372 0x13e81: mov ah, 0x1a 0x13e83: add dx, si 0x13e85: int 0x21 0x13e87: push es |
| 2018-12-17T23:01:10.644592668Z | 48 | PC: 13e69 | Get DOS version |
| 2018-12-17T23:01:10.646052198Z | 47 | PC: 13e75 | Get disk transfer address |
| 2018-12-17T23:01:10.647376431Z | 26 | PC: 13e87 | Set disk transfer address |
| 2018-12-17T23:01:10.64874865Z | 71 | PC: 13ec0 | Get current directory |
| 2018-12-17T23:01:10.652598215Z | 78 | PC: 13f27 | Find first file |
| 2018-12-17T23:01:10.658213774Z | 26 | PC: 14027 | Set disk transfer address |
| 2018-12-17T23:01:10.659456069Z | 9 | PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ') |
| 2018-12-17T23:01:10.666041682Z | 0 | PC: 12a89 | Program terminate |