.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:02:26.907391838Z | 48 | PC: 145be | Get DOS version |
| 2018-12-17T23:02:26.910405998Z | 53 | PC: 1463d | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:02:26.912798009Z | 37 | PC: 14674 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:02:26.914296657Z | 48 | PC: 14714 | Get DOS version |
| 2018-12-17T23:02:26.915907354Z | 53 | PC: 1471e | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:26.920234777Z | 37 | PC: 14733 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:26.922599229Z | 47 | PC: 14739 | Get disk transfer address |
| 2018-12-17T23:02:26.924921355Z | 26 | PC: 14749 | Set disk transfer address |
| 2018-12-17T23:02:26.92791477Z | 78 | PC: 14753 | Find first file |
| 2018-12-17T23:02:26.935545136Z | 53 | PC: 9ef69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:26.936908322Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:26.93980245Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:26.946900821Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:26.974972591Z | 61 | PC: 9ef69 | Open file (Filename = '5KE.EXE') |
| 2018-12-17T23:02:26.983437796Z | 87 | PC: 9ef69 | Get or set file date and time |
| 2018-12-17T23:02:26.986401719Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:26.988546994Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:26.991487044Z | 63 | PC: 9ef69 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T23:02:26.994527074Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:26.996323801Z | 63 | PC: 9ef69 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:02:27.00651102Z | 62 | PC: 9ef69 | Close file |
| 2018-12-17T23:02:27.01073698Z | 42 | PC: 9ef69 | Get date 0x9ef69: ret 0x9ef6a: push ds 0x9ef6b: pop es 0x9ef6c: push ds 0x9ef6d: pop word ptr cs:[0xf32] 0x9ef72: mov word ptr cs:[0xf30], dx 0x9ef77: mov ax, 0x4300 0x9ef7a: call 0xaef63 0x9ef7d: jb 0x9ef54 0x9ef7f: test cx, 0x1e 0x9ef83: jne 0x9ef54 0x9ef85: mov word ptr cs:[0xf36], cx 0x9ef8a: and cx, 0xfe 0x9ef8e: mov dx, word ptr cs:[0xf30] 0x9ef93: mov ax, 0x4301 0x9ef96: call 0xaef63 0x9ef99: jb 0x9ef54 0x9ef9b: mov dx, word ptr cs:[0xf30] 0x9efa0: mov di, dx 0x9efa2: xor al, al |
| 2018-12-17T23:02:27.013325552Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.015612057Z | 61 | PC: 1475d | Open file (Filename = '_^�') |
| 2018-12-17T23:02:27.02348954Z | 62 | PC: 14765 | Close file |
| 2018-12-17T23:02:27.025760662Z | 79 | PC: 14771 | Find next file |
| 2018-12-17T23:02:27.028579279Z | 37 | PC: 14783 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.031518646Z | 26 | PC: 1478c | Set disk transfer address |
| 2018-12-17T23:02:27.034048063Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:02:27.036540134Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:02:27.039246293Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:02:27.044905873Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:02:27.046252393Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:02:27.048037824Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.05520367Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:02:27.056506344Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:02:27.05770226Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:02:27.059450601Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:02:27.061181084Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:02:27.062853696Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:02:27.065071226Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:02:27.066745886Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:02:27.068406524Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:02:27.070732899Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:02:27.072377185Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:02:27.074095015Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:02:27.078677745Z | 53 | PC: 13292 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:02:27.080370581Z | 37 | PC: 132a7 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:02:27.081955988Z | 37 | PC: 132af | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:02:27.086253329Z | 37 | PC: 132b7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.087563073Z | 37 | PC: 132bf | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:02:27.089531011Z | 68 | PC: 1362f | I/O control for devices (Set for = '') |
| 2018-12-17T23:02:27.200954433Z | 37 | PC: 12cb5 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:02:27.203434821Z | 25 | PC: 13cc6 | Get default drive |
| 2018-12-17T23:02:27.205031292Z | 71 | PC: 13cd9 | Get current directory |
| 2018-12-17T23:02:27.209135589Z | 53 | PC: 9ef69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.211832956Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.213349908Z | 47 | PC: 9ef69 | Get disk transfer address |
| 2018-12-17T23:02:27.214858687Z | 26 | PC: 9ef69 | Set disk transfer address |
| 2018-12-17T23:02:27.21722331Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.223671747Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.230191233Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.237292817Z | 42 | PC: 9ef69 | Get date 0x9ef69: ret 0x9ef6a: push ds 0x9ef6b: pop es 0x9ef6c: push ds 0x9ef6d: pop word ptr cs:[0xf32] 0x9ef72: mov word ptr cs:[0xf30], dx 0x9ef77: mov ax, 0x4300 0x9ef7a: call 0xaef63 0x9ef7d: jb 0x9ef54 0x9ef7f: test cx, 0x1e 0x9ef83: jne 0x9ef54 0x9ef85: mov word ptr cs:[0xf36], cx 0x9ef8a: and cx, 0xfe 0x9ef8e: mov dx, word ptr cs:[0xf30] 0x9ef93: mov ax, 0x4301 0x9ef96: call 0xaef63 0x9ef99: jb 0x9ef54 0x9ef9b: mov dx, word ptr cs:[0xf30] 0x9efa0: mov di, dx 0x9efa2: xor al, al |
| 2018-12-17T23:02:27.24010188Z | 60 | PC: 9ef69 | Create or truncate file |
| 2018-12-17T23:02:27.252526668Z | 64 | PC: 9ef69 | Write file or device (Write 145 bytes on handle 5) |
| 2018-12-17T23:02:27.257809355Z | 62 | PC: 9ef69 | Close file |
| 2018-12-17T23:02:27.267810617Z | 78 | PC: 9ef69 | Find first file |
| 2018-12-17T23:02:27.275336076Z | 53 | PC: 9ef69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.277923832Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.279930486Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.286585053Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.298086538Z | 61 | PC: 9ef69 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:02:27.306221181Z | 87 | PC: 9ef69 | Get or set file date and time |
| 2018-12-17T23:02:27.307973968Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:27.309840485Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:27.312959107Z | 63 | PC: 9ef69 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T23:02:27.316252209Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:27.31812886Z | 63 | PC: 9ef69 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:02:27.322797492Z | 62 | PC: 9ef69 | Close file |
| 2018-12-17T23:02:27.325057612Z | 42 | PC: 9ef69 | Get date 0x9ef69: ret 0x9ef6a: push ds 0x9ef6b: pop es 0x9ef6c: push ds 0x9ef6d: pop word ptr cs:[0xf32] 0x9ef72: mov word ptr cs:[0xf30], dx 0x9ef77: mov ax, 0x4300 0x9ef7a: call 0xaef63 0x9ef7d: jb 0x9ef54 0x9ef7f: test cx, 0x1e 0x9ef83: jne 0x9ef54 0x9ef85: mov word ptr cs:[0xf36], cx 0x9ef8a: and cx, 0xfe 0x9ef8e: mov dx, word ptr cs:[0xf30] 0x9ef93: mov ax, 0x4301 0x9ef96: call 0xaef63 0x9ef99: jb 0x9ef54 0x9ef9b: mov dx, word ptr cs:[0xf30] 0x9efa0: mov di, dx 0x9efa2: xor al, al |
| 2018-12-17T23:02:27.32764377Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.33076253Z | 61 | PC: 9eefa | Open file (Filename = '_^�') |
| 2018-12-17T23:02:27.34184138Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.343353313Z | 26 | PC: 9ef69 | Set disk transfer address |
| 2018-12-17T23:02:27.344989697Z | 59 | PC: 13d8d | Change current directory |
| 2018-12-17T23:02:27.358178665Z | 14 | PC: 13d1f | Set default drive (Drive = 'A') |
| 2018-12-17T23:02:27.360017176Z | 25 | PC: 13d23 | Get default drive |
| 2018-12-17T23:02:27.362135795Z | 53 | PC: 9ef69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.366862474Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.370231077Z | 47 | PC: 9ef69 | Get disk transfer address |
| 2018-12-17T23:02:27.372063659Z | 26 | PC: 9ef69 | Set disk transfer address |
| 2018-12-17T23:02:27.374817961Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.382256455Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.389315575Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.397004734Z | 42 | PC: 9ef69 | Get date 0x9ef69: ret 0x9ef6a: push ds 0x9ef6b: pop es 0x9ef6c: push ds 0x9ef6d: pop word ptr cs:[0xf32] 0x9ef72: mov word ptr cs:[0xf30], dx 0x9ef77: mov ax, 0x4300 0x9ef7a: call 0xaef63 0x9ef7d: jb 0x9ef54 0x9ef7f: test cx, 0x1e 0x9ef83: jne 0x9ef54 0x9ef85: mov word ptr cs:[0xf36], cx 0x9ef8a: and cx, 0xfe 0x9ef8e: mov dx, word ptr cs:[0xf30] 0x9ef93: mov ax, 0x4301 0x9ef96: call 0xaef63 0x9ef99: jb 0x9ef54 0x9ef9b: mov dx, word ptr cs:[0xf30] 0x9efa0: mov di, dx 0x9efa2: xor al, al |
| 2018-12-17T23:02:27.40013964Z | 60 | PC: 9ef69 | Create or truncate file |
| 2018-12-17T23:02:27.416684751Z | 64 | PC: 9ef69 | Write file or device (Write 145 bytes on handle 5) |
| 2018-12-17T23:02:27.42173184Z | 62 | PC: 9ef69 | Close file |
| 2018-12-17T23:02:27.431617443Z | 78 | PC: 9ef69 | Find first file |
| 2018-12-17T23:02:27.439072291Z | 53 | PC: 9ef69 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.440816987Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.443478697Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.450340859Z | 67 | PC: 9ef69 | Get or set file attributes |
| 2018-12-17T23:02:27.461482853Z | 61 | PC: 9ef69 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:02:27.475820487Z | 87 | PC: 9ef69 | Get or set file date and time |
| 2018-12-17T23:02:27.47748264Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:27.479285008Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:27.482020401Z | 63 | PC: 9ef69 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T23:02:27.489328881Z | 66 | PC: 9ef69 | Move file pointer |
| 2018-12-17T23:02:27.491374275Z | 63 | PC: 9ef69 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:02:27.500421695Z | 62 | PC: 9ef69 | Close file |
| 2018-12-17T23:02:27.503116589Z | 42 | PC: 9ef69 | Get date 0x9ef69: ret 0x9ef6a: push ds 0x9ef6b: pop es 0x9ef6c: push ds 0x9ef6d: pop word ptr cs:[0xf32] 0x9ef72: mov word ptr cs:[0xf30], dx 0x9ef77: mov ax, 0x4300 0x9ef7a: call 0xaef63 0x9ef7d: jb 0x9ef54 0x9ef7f: test cx, 0x1e 0x9ef83: jne 0x9ef54 0x9ef85: mov word ptr cs:[0xf36], cx 0x9ef8a: and cx, 0xfe 0x9ef8e: mov dx, word ptr cs:[0xf30] 0x9ef93: mov ax, 0x4301 0x9ef96: call 0xaef63 0x9ef99: jb 0x9ef54 0x9ef9b: mov dx, word ptr cs:[0xf30] 0x9efa0: mov di, dx 0x9efa2: xor al, al |
| 2018-12-17T23:02:27.506057805Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.508588926Z | 61 | PC: 9eefa | Open file (Filename = '_^�') |
| 2018-12-17T23:02:27.515322513Z | 37 | PC: 9ef69 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.517090486Z | 26 | PC: 9ef69 | Set disk transfer address |
| 2018-12-17T23:02:27.518824482Z | 59 | PC: 13d8d | Change current directory |
| 2018-12-17T23:02:27.64260356Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:02:27.644456906Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:02:27.646287933Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:02:27.648854387Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:02:27.650207045Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:02:27.651465655Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:02:27.653267386Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:02:27.654504146Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:02:27.655733178Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:02:27.657492249Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:02:27.658745309Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:02:27.660790757Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:02:27.662374701Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:02:27.663899875Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:02:27.665167126Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:02:27.666937803Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:02:27.66834878Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:02:27.669619036Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:02:27.671007946Z | 37 | PC: 133a6 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:02:27.672381166Z | 76 | PC: 133e5 | Terminate with return code (Return code = '0') |