.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:02:42.028887021Z | 26 | PC: 12a64 | Set disk transfer address |
| 2018-12-17T23:02:42.030682655Z | 78 | PC: 12a78 | Find first file |
| 2018-12-17T23:02:42.038847806Z | 61 | PC: 12c26 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:02:42.047606102Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.055150838Z | 66 | PC: 12c44 | Move file pointer |
| 2018-12-17T23:02:42.061804739Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-17T23:02:42.063970349Z | 64 | PC: 12c5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:42.06737729Z | 66 | PC: 12c6b | Move file pointer |
| 2018-12-17T23:02:42.070619101Z | 44 | PC: 12c6f | Get time 0x12c6f: mov byte ptr [bp + 0x252], dl 0x12c73: call 0x12c89 0x12c76: mov ah, 0x40 0x12c78: mov cx, 0x252 0x12c7b: lea dx, word ptr [bp + 6] 0x12c7f: int 0x21 0x12c81: call 0x12c89 0x12c84: mov ah, 0x3e 0x12c86: int 0x21 0x12c88: ret 0x12c89: lea si, word ptr [bp + 0x11] 0x12c8d: mov cx, 0x222 0x12c90: xor byte ptr [si], 0 0x12c93: inc si 0x12c94: dec cx 0x12c95: jne 0x12c90 0x12c97: ret 0x12c98: add word ptr [bx], di 0x12c9a: aas 0x12c9b: aas |
| 2018-12-17T23:02:42.074012196Z | 64 | PC: 12c81 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T23:02:42.091397181Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.100447225Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.105246963Z | 61 | PC: 12c26 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:02:42.113917163Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.122010099Z | 66 | PC: 12c44 | Move file pointer |
| 2018-12-17T23:02:42.125256769Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-17T23:02:42.127385238Z | 64 | PC: 12c5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:42.132268073Z | 66 | PC: 12c6b | Move file pointer |
| 2018-12-17T23:02:42.135279521Z | 44 | PC: 12c6f | Get time 0x12c6f: mov byte ptr [bp + 0x252], dl 0x12c73: call 0x12c89 0x12c76: mov ah, 0x40 0x12c78: mov cx, 0x252 0x12c7b: lea dx, word ptr [bp + 6] 0x12c7f: int 0x21 0x12c81: call 0x12c89 0x12c84: mov ah, 0x3e 0x12c86: int 0x21 0x12c88: ret 0x12c89: lea si, word ptr [bp + 0x11] 0x12c8d: mov cx, 0x222 0x12c90: xor byte ptr [si], 0x46 0x12c93: inc si 0x12c94: dec cx 0x12c95: jne 0x12c90 0x12c97: ret 0x12c98: add word ptr [bx], di 0x12c9a: aas 0x12c9b: aas |
| 2018-12-17T23:02:42.138453644Z | 64 | PC: 12c81 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T23:02:42.147599068Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.157357503Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.160457758Z | 61 | PC: 12c26 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:02:42.167591111Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.175166413Z | 66 | PC: 12c44 | Move file pointer |
| 2018-12-17T23:02:42.177130103Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-17T23:02:42.178726733Z | 64 | PC: 12c5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:42.181699759Z | 66 | PC: 12c6b | Move file pointer |
| 2018-12-17T23:02:42.185694465Z | 44 | PC: 12c6f | Get time 0x12c6f: mov byte ptr [bp + 0x252], dl 0x12c73: call 0x12c89 0x12c76: mov ah, 0x40 0x12c78: mov cx, 0x252 0x12c7b: lea dx, word ptr [bp + 6] 0x12c7f: int 0x21 0x12c81: call 0x12c89 0x12c84: mov ah, 0x3e 0x12c86: int 0x21 0x12c88: ret 0x12c89: lea si, word ptr [bp + 0x11] 0x12c8d: mov cx, 0x222 0x12c90: xor byte ptr [si], 0x4b 0x12c93: inc si 0x12c94: dec cx 0x12c95: jne 0x12c90 0x12c97: ret 0x12c98: add word ptr [bx], di 0x12c9a: aas 0x12c9b: aas |
| 2018-12-17T23:02:42.188783438Z | 64 | PC: 12c81 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T23:02:42.197729337Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.208525412Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.212097062Z | 61 | PC: 12c26 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:02:42.219697763Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.228225085Z | 66 | PC: 12c44 | Move file pointer |
| 2018-12-17T23:02:42.230895112Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-17T23:02:42.23261314Z | 64 | PC: 12c5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:42.235526223Z | 66 | PC: 12c6b | Move file pointer |
| 2018-12-17T23:02:42.237037012Z | 44 | PC: 12c6f | Get time 0x12c6f: mov byte ptr [bp + 0x252], dl 0x12c73: call 0x12c89 0x12c76: mov ah, 0x40 0x12c78: mov cx, 0x252 0x12c7b: lea dx, word ptr [bp + 6] 0x12c7f: int 0x21 0x12c81: call 0x12c89 0x12c84: mov ah, 0x3e 0x12c86: int 0x21 0x12c88: ret 0x12c89: lea si, word ptr [bp + 0x11] 0x12c8d: mov cx, 0x222 0x12c90: xor byte ptr [si], 0x4b 0x12c93: inc si 0x12c94: dec cx 0x12c95: jne 0x12c90 0x12c97: ret 0x12c98: add word ptr [bx], di 0x12c9a: aas 0x12c9b: aas |
| 2018-12-17T23:02:42.239755289Z | 64 | PC: 12c81 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T23:02:42.24895843Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.258465032Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.26130028Z | 61 | PC: 12c26 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:02:42.268433522Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.276991873Z | 66 | PC: 12c44 | Move file pointer |
| 2018-12-17T23:02:42.279073955Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-17T23:02:42.28104626Z | 64 | PC: 12c5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:42.286196217Z | 66 | PC: 12c6b | Move file pointer |
| 2018-12-17T23:02:42.28879007Z | 44 | PC: 12c6f | Get time 0x12c6f: mov byte ptr [bp + 0x252], dl 0x12c73: call 0x12c89 0x12c76: mov ah, 0x40 0x12c78: mov cx, 0x252 0x12c7b: lea dx, word ptr [bp + 6] 0x12c7f: int 0x21 0x12c81: call 0x12c89 0x12c84: mov ah, 0x3e 0x12c86: int 0x21 0x12c88: ret 0x12c89: lea si, word ptr [bp + 0x11] 0x12c8d: mov cx, 0x222 0x12c90: xor byte ptr [si], 0x51 0x12c93: inc si 0x12c94: dec cx 0x12c95: jne 0x12c90 0x12c97: ret 0x12c98: add word ptr [bx], di 0x12c9a: aas 0x12c9b: aas |
| 2018-12-17T23:02:42.291820063Z | 64 | PC: 12c81 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T23:02:42.301994058Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.311396625Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.318317008Z | 61 | PC: 12c26 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:02:42.327051729Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.334315818Z | 66 | PC: 12c44 | Move file pointer |
| 2018-12-17T23:02:42.336296389Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-17T23:02:42.338216607Z | 64 | PC: 12c5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:42.342969337Z | 66 | PC: 12c6b | Move file pointer |
| 2018-12-17T23:02:42.344991517Z | 44 | PC: 12c6f | Get time 0x12c6f: mov byte ptr [bp + 0x252], dl 0x12c73: call 0x12c89 0x12c76: mov ah, 0x40 0x12c78: mov cx, 0x252 0x12c7b: lea dx, word ptr [bp + 6] 0x12c7f: int 0x21 0x12c81: call 0x12c89 0x12c84: mov ah, 0x3e 0x12c86: int 0x21 0x12c88: ret 0x12c89: lea si, word ptr [bp + 0x11] 0x12c8d: mov cx, 0x222 0x12c90: xor byte ptr [si], 0x56 0x12c93: inc si 0x12c94: dec cx 0x12c95: jne 0x12c90 0x12c97: ret 0x12c98: add word ptr [bx], di 0x12c9a: aas 0x12c9b: aas |
| 2018-12-17T23:02:42.347835831Z | 64 | PC: 12c81 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T23:02:42.361816138Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.374639171Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.377519112Z | 61 | PC: 12c26 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:02:42.385338654Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.392269436Z | 66 | PC: 12c44 | Move file pointer |
| 2018-12-17T23:02:42.393972105Z | 66 | PC: 12c53 | Move file pointer |
| 2018-12-17T23:02:42.396363008Z | 64 | PC: 12c5f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:02:42.399301569Z | 66 | PC: 12c6b | Move file pointer |
| 2018-12-17T23:02:42.400860859Z | 44 | PC: 12c6f | Get time 0x12c6f: mov byte ptr [bp + 0x252], dl 0x12c73: call 0x12c89 0x12c76: mov ah, 0x40 0x12c78: mov cx, 0x252 0x12c7b: lea dx, word ptr [bp + 6] 0x12c7f: int 0x21 0x12c81: call 0x12c89 0x12c84: mov ah, 0x3e 0x12c86: int 0x21 0x12c88: ret 0x12c89: lea si, word ptr [bp + 0x11] 0x12c8d: mov cx, 0x222 0x12c90: xor byte ptr [si], 0x5c 0x12c93: inc si 0x12c94: dec cx 0x12c95: jne 0x12c90 0x12c97: ret 0x12c98: add word ptr [bx], di 0x12c9a: aas 0x12c9b: aas |
| 2018-12-17T23:02:42.403669306Z | 64 | PC: 12c81 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T23:02:42.413426258Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.423133677Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.426490624Z | 61 | PC: 12c26 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T23:02:42.434666385Z | 63 | PC: 12c35 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:02:42.438009316Z | 62 | PC: 12c88 | Close file |
| 2018-12-17T23:02:42.439925958Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:02:42.443872402Z | 26 | PC: 12a88 | Set disk transfer address |
| 2018-12-17T23:02:42.445677975Z | 9 | PC: 12aa6 | Display string (Could not find end pointer) |