.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:01:22.976320159Z | 53 | PC: 12e69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:01:22.979400117Z | 37 | PC: 12e80 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:01:22.981122373Z | 26 | PC: 12e93 | Set disk transfer address |
| 2018-12-17T23:01:22.982610048Z | 78 | PC: 12e9e | Find first file |
| 2018-12-17T23:01:22.989614179Z | 61 | PC: 12ea9 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:01:22.99846517Z | 63 | PC: 12eb5 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:01:23.005774324Z | 62 | PC: 12ee3 | Close file |
| 2018-12-17T23:01:23.007738425Z | 67 | PC: 12eef | Get or set file attributes |
| 2018-12-17T23:01:23.054888893Z | 61 | PC: 12ef8 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:01:23.074376891Z | 44 | PC: 12efd | Get time 0x12efd: mov word ptr [bp + 0x230], dx 0x12f01: call 0x12f73 0x12f04: mov ax, 0x5700 0x12f07: mov dx, word ptr [bp + 0x12b] 0x12f0b: mov cx, word ptr [bp + 0x129] 0x12f0f: inc ax 0x12f10: int 0x21 0x12f12: mov ah, 0x3e 0x12f14: int 0x21 0x12f16: mov ax, 0x4300 0x12f19: lea dx, word ptr [bp + 0x29f] 0x12f1d: xor cx, cx 0x12f1f: inc ax 0x12f20: mov cl, byte ptr [bp + 0x128] 0x12f24: int 0x21 0x12f26: jmp 0x12f32 0x12f29: mov ah, 0x3e 0x12f2b: int 0x21 0x12f2d: mov ah, 0x4f 0x12f2f: jmp 0x12e9c |
| 2018-12-17T23:01:23.077387669Z | 66 | PC: 12f7f | Move file pointer |
| 2018-12-17T23:01:23.081843362Z | 64 | PC: 12f91 | Write file or device (Write 385 bytes on handle 5) |
| 2018-12-17T23:01:23.094540209Z | 66 | PC: 12f9a | Move file pointer |
| 2018-12-17T23:01:23.096529878Z | 64 | PC: 12fa5 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:01:23.105230276Z | 87 | PC: 12f12 | Get or set file date and time |
| 2018-12-17T23:01:23.107921243Z | 62 | PC: 12f16 | Close file |
| 2018-12-17T23:01:23.1166845Z | 67 | PC: 12f26 | Get or set file attributes |
| 2018-12-17T23:01:23.127962812Z | 26 | PC: 12f39 | Set disk transfer address |
| 2018-12-17T23:01:23.130864144Z | 37 | PC: 12f4a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |