.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:02:03.599269034Z | 48 | PC: 16cfc | Get DOS version |
| 2018-12-17T23:02:03.601815759Z | 26 | PC: 16d0a | Set disk transfer address |
| 2018-12-17T23:02:03.603720638Z | 78 | PC: 16d14 | Find first file |
| 2018-12-17T23:02:03.610594323Z | 67 | PC: 16d21 | Get or set file attributes |
| 2018-12-17T23:02:03.617614103Z | 67 | PC: 16d29 | Get or set file attributes |
| 2018-12-17T23:02:04.010163988Z | 61 | PC: 16d2e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:02:04.018691812Z | 87 | PC: 16d34 | Get or set file date and time |
| 2018-12-17T23:02:04.021775376Z | 63 | PC: 16d41 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:04.029318699Z | 66 | PC: 16d67 | Move file pointer |
| 2018-12-17T23:02:04.031135012Z | 66 | PC: 16e06 | Move file pointer |
| 2018-12-17T23:02:04.033378598Z | 63 | PC: 16e10 | Read file or device (Read 52 bytes on handle 5) |
| 2018-12-17T23:02:04.040565501Z | 66 | PC: 16d67 | Move file pointer |
| 2018-12-17T23:02:04.042299229Z | 44 | PC: 16e5d | Get time 0x16e5d: cmp dl, 0 0x16e60: jne 0x16e64 0x16e62: jmp 0x16e59 0x16e64: mov byte ptr cs:[bp + 0x17], dl 0x16e68: lea si, word ptr [bp + 4] 0x16e6b: mov di, 0xfb00 0x16e6e: mov cx, 0x17 0x16e71: rep movsb byte ptr es:[di], byte ptr [si] 0x16e73: lea si, word ptr [bp + 0x1b] 0x16e76: mov cx, 0x22e 0x16e79: lodsb al, byte ptr [si] 0x16e7a: xor al, dl 0x16e7c: stosb byte ptr es:[di], al 0x16e7d: loop 0x16e79 0x16e7f: mov ah, 0x40 0x16e81: mov dx, 0xfb00 0x16e84: mov cx, 0x245 0x16e87: int 0x21 0x16e89: mov ax, 0x4200 0x16e8c: call 0x26d61 |
| 2018-12-17T23:02:04.04512038Z | 64 | PC: 16e89 | Write file or device (Write 581 bytes on handle 5) |
| 2018-12-17T23:02:04.054549777Z | 66 | PC: 16d67 | Move file pointer |
| 2018-12-17T23:02:04.056393692Z | 64 | PC: 16e9a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:04.063708135Z | 87 | PC: 16eca | Get or set file date and time |
| 2018-12-17T23:02:04.066538894Z | 62 | PC: 16ece | Close file |
| 2018-12-17T23:02:04.075672245Z | 67 | PC: 16ed7 | Get or set file attributes |
| 2018-12-17T23:02:04.080543759Z | 26 | PC: 16ea4 | Set disk transfer address |
| 2018-12-17T23:02:04.092625219Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=00004268h/0000017000d bytes. ') |
| 2018-12-17T23:02:04.097260449Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |