.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:01:27.41042481Z | 47 | PC: 12a9f | Get disk transfer address |
| 2018-12-17T23:01:27.41165957Z | 26 | PC: 12aab | Set disk transfer address |
| 2018-12-17T23:01:27.413808417Z | 78 | PC: 12ab6 | Find first file |
| 2018-12-17T23:01:27.422312457Z | 67 | PC: 12ac4 | Get or set file attributes |
| 2018-12-17T23:01:27.428741096Z | 67 | PC: 12ad4 | Get or set file attributes |
| 2018-12-17T23:01:27.448894265Z | 61 | PC: 12ae5 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:01:27.456481542Z | 63 | PC: 12aff | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:01:27.467067774Z | 66 | PC: 12b46 | Move file pointer |
| 2018-12-17T23:01:27.472381137Z | 64 | PC: 12b51 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T23:01:27.477486501Z | 66 | PC: 12b5a | Move file pointer |
| 2018-12-17T23:01:27.481199317Z | 44 | PC: 12b5e | Get time 0x12b5e: mov byte ptr [bp + 0x2b9], dl 0x12b62: lea dx, word ptr [bp + 0x107] 0x12b66: mov cx, 0x1c0 0x12b69: lea ax, word ptr [bp + 0x23d] 0x12b6d: push ax 0x12b6e: push cx 0x12b6f: push dx 0x12b70: push ax 0x12b71: push bp 0x12b72: mov bp, sp 0x12b74: mov word ptr [bp + 2], 0xff 0x12b79: pop bp 0x12b7a: jmp 0x12a59 0x12b7d: mov ax, 0x5701 0x12b80: mov cx, word ptr [bp + 0x2b1] 0x12b84: mov dx, word ptr [bp + 0x2b3] 0x12b88: int 0x21 0x12b8a: mov ah, 0x3e 0x12b8c: int 0x21 0x12b8e: mov ax, 0x4301 |
| 2018-12-17T23:01:27.484797728Z | 64 | PC: 12a83 | Write file or device (Write 448 bytes on handle 5) |
| 2018-12-17T23:01:27.494623491Z | 87 | PC: 12b8a | Get or set file date and time |
| 2018-12-17T23:01:27.496766728Z | 62 | PC: 12b8e | Close file |
| 2018-12-17T23:01:27.505373091Z | 67 | PC: 12b9d | Get or set file attributes |
| 2018-12-17T23:01:27.516872879Z | 76 | PC: 12ba9 | Terminate with return code (Return code = '0') |