.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:02:23.673613669Z | 48 | PC: 12a4c | Get DOS version |
| 2018-12-17T23:02:23.675082773Z | 53 | PC: 12bab | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:02:23.67595434Z | 53 | PC: 12bb8 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T23:02:23.676758248Z | 53 | PC: 12bc5 | Get interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T23:02:23.678054845Z | 53 | PC: 12bd2 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T23:02:23.679075233Z | 37 | PC: 12be6 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:02:23.680117654Z | 74 | PC: 12af4 | Reallocate memory |
| 2018-12-17T23:02:23.68223976Z | 68 | PC: 14ec5 | I/O control for devices (Set for = '����') |
| 2018-12-17T23:02:23.68426188Z | 68 | PC: 14ec5 | I/O control for devices (Set for = '����') |
| 2018-12-17T23:02:23.686671064Z | 42 | PC: 14006 | Get date 0x14006: mov word ptr [si], cx
0x14008: mov word ptr [si + 2], dx
0x1400b: pop si
0x1400c: pop bp
0x1400d: ret
0x1400e: push bp
0x1400f: mov bp, sp
0x14011: push si
0x14012: mov si, word ptr [bp + 4]
0x14015: mov ah, 0x2c
0x14017: int 0x21
0x14019: mov word ptr [si], cx
0x1401b: mov word ptr [si + 2], dx
0x1401e: pop si
0x1401f: pop bp
0x14020: ret
0x14021: push bp
0x14022: mov bp, sp
0x14024: sub sp, 6
0x14027: push si
|
| 2018-12-17T23:02:23.689950936Z | 44 | PC: 14019 | Get time 0x14019: mov word ptr [si], cx
0x1401b: mov word ptr [si + 2], dx
0x1401e: pop si
0x1401f: pop bp
0x14020: ret
0x14021: push bp
0x14022: mov bp, sp
0x14024: sub sp, 6
0x14027: push si
0x14028: push di
0x14029: mov di, word ptr [bp + 6]
0x1402c: push di
0x1402d: mov ax, word ptr [bp + 0xc]
0x14030: or ax, 2
0x14033: push ax
0x14034: call 0x1539c
0x14037: mov di, ax
0x14039: or ax, ax
0x1403b: jne 0x14048
0x1403d: mov word ptr [0x92], 2
|
| 2018-12-17T23:02:23.695177998Z | 61 | PC: 151b8 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:02:23.701363342Z | 68 | PC: 14e69 | I/O control for devices (Set for = '��') |
| 2018-12-17T23:02:23.702703012Z | 66 | PC: 14ee9 | Move file pointer |
| 2018-12-17T23:02:23.704460523Z | 63 | PC: 152a1 | Read file or device (Read 420 bytes on handle 5) |
| 2018-12-17T23:02:23.710876583Z | 62 | PC: 14b2e | Close file |
| 2018-12-17T23:02:23.713272654Z | 42 | PC: 14006 | Get date 0x14006: mov word ptr [si], cx
0x14008: mov word ptr [si + 2], dx
0x1400b: pop si
0x1400c: pop bp
0x1400d: ret
0x1400e: push bp
0x1400f: mov bp, sp
0x14011: push si
0x14012: mov si, word ptr [bp + 4]
0x14015: mov ah, 0x2c
0x14017: int 0x21
0x14019: mov word ptr [si], cx
0x1401b: mov word ptr [si + 2], dx
0x1401e: pop si
0x1401f: pop bp
0x14020: ret
0x14021: push bp
0x14022: mov bp, sp
0x14024: sub sp, 6
0x14027: push si
|
| 2018-12-17T23:02:23.715812063Z | 46 | PC: 14db6 | Set verify flag |
| 2018-12-17T23:02:23.716898448Z | 37 | PC: 14da1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:23.71936927Z | 14 | PC: 14b06 | Set default drive (Drive = 'U') |
| 2018-12-17T23:02:23.722839343Z | 54 | PC: 14d52 | Get free disk space |
| 2018-12-17T23:02:23.725350268Z | 61 | PC: 151b8 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:02:23.732345642Z | 68 | PC: 14e69 | I/O control for devices (Set for = '��') |
| 2018-12-17T23:02:23.740663111Z | 66 | PC: 14ee9 | Move file pointer |
| 2018-12-17T23:02:23.742158995Z | 64 | PC: 15deb | Write file or device (Write 420 bytes on handle 5) |
| 2018-12-17T23:02:23.74936351Z | 87 | PC: 14d6f | Get or set file date and time |
| 2018-12-17T23:02:23.751698722Z | 87 | PC: 15546 | Get or set file date and time |
| 2018-12-17T23:02:23.753555954Z | 62 | PC: 14b2e | Close file |
| 2018-12-17T23:02:23.824402059Z | 47 | PC: 14c45 | Get disk transfer address |
| 2018-12-17T23:02:23.826593018Z | 26 | PC: 14c4e | Set disk transfer address |
| 2018-12-17T23:02:23.828188916Z | 78 | PC: 14c58 | Find first file |
| 2018-12-17T23:02:23.835346568Z | 26 | PC: 14c61 | Set disk transfer address |
| 2018-12-17T23:02:23.838517412Z | 64 | PC: 15deb | Write file or device (Write 26 bytes on handle 1) |
| 2018-12-17T23:02:23.843439302Z | 37 | PC: 12bf2 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:02:23.844614951Z | 37 | PC: 12bfd | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T23:02:23.846899803Z | 37 | PC: 12c08 | Set interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T23:02:23.848035499Z | 37 | PC: 12c13 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T23:02:23.84923195Z | 64 | PC: 12c5f | Write file or device (Write 25 bytes on handle 2) |
| 2018-12-17T23:02:23.854999187Z | 76 | PC: 12b9c | Terminate with return code (Return code = '1') |
