.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:03:21.372705468Z | 222 | PC: 15101 | UNKNOWN! |
| 2018-12-17T23:03:21.374207527Z | 44 | PC: 1512f | Get time 0x1512f: jmp 0x15136
0x15131: nop
0x15132: clc
0x15133: inc ax
0x15134: sbb word ptr [bx + si], ax
0x15136: mov dh, 0
0x15138: shl dx, 4
0x1513b: mov word ptr [0x716], dx
0x1513f: mov ax, es
0x15141: dec ax
0x15142: mov es, ax
0x15144: mov ax, word ptr es:[3]
0x15148: mov bx, word ptr [0x13c]
0x1514c: sub ax, bx
0x1514e: mov word ptr es:[3], ax
0x15152: mov bx, word ptr es:[1]
0x15157: add bx, ax
0x15159: mov si, bx
0x1515b: xor ax, ax
0x1515d: mov es, ax
|
| 2018-12-17T23:03:21.376428167Z | 42 | PC: 151c3 | Get date 0x151c3: jmp 0x151ca
0x151c5: nop
0x151c6: add ax, word ptr [bx + di]
0x151c8: dec ax
0x151c9: lahf
0x151ca: mov dh, dl
0x151cc: shr dl, 1
0x151ce: shl dl, 1
0x151d0: cmp dh, dl
0x151d2: je 0x15208
0x151d4: nop
0x151d5: nop
0x151d6: mov ax, 0x6f7
0x151d9: cli
0x151da: mov word ptr es:[0x24], ax
0x151de: mov word ptr es:[0x26], si
0x151e3: sti
0x151e4: jmp 0x15208
0x151e6: nop
0x151e7: pushf
|
| 2018-12-17T23:03:21.37850247Z | 44 | PC: 15228 | Get time 0x15228: jmp 0x1522f
0x1522a: nop
0x1522b: add ax, word ptr [bx + di]
0x1522d: dec ax
0x1522e: lahf
0x1522f: cmp dl, 0
0x15232: jne 0x15260
0x15234: nop
0x15235: nop
0x15236: mov ah, 9
0x15238: mov dx, 0x144
0x1523b: push ax
0x1523c: push es
0x1523d: xor ax, ax
0x1523f: mov es, ax
0x15241: mov ax, word ptr es:[0x84]
0x15245: mov word ptr cs:[0x76c], ax
0x15249: mov ax, word ptr es:[0x86]
0x1524d: mov word ptr cs:[0x76e], ax
0x15251: pop es
|
| 2018-12-17T23:03:21.381306908Z | 48 | PC: 12a6d | Get DOS version |
| 2018-12-17T23:03:21.382495648Z | 9 | PC: 12a84 | Display string (Could not find end pointer) |
| 2018-12-17T23:03:21.391614664Z | 61 | PC: 12cc4 | Open file (Filename = '�') |
| 2018-12-17T23:03:21.398473252Z | 9 | PC: 12a92 | Display string (Could not find end pointer) |
| 2018-12-17T23:03:21.400604362Z | 93 | PC: 12b31 | File sharing functions |
| 2018-12-17T23:03:21.402326828Z | 9 | PC: 12b10 | Display string (String= 'Size change=+1174h/04468d. Virus might be activ?
��') |
| 2018-12-17T23:03:21.407678486Z | 76 | PC: 12b16 | Terminate with return code (Return code = '1') |
| 2018-12-17T23:03:21.410767454Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-17T23:03:21.411897753Z | 98 | PC: 9f632 | Get current PSP |
| 2018-12-17T23:03:21.412611153Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-17T23:03:21.414746478Z | 98 | PC: 9f632 | Get current PSP |
| 2018-12-17T23:03:21.415428284Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-17T23:03:21.417400394Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T23:03:21.419114991Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:03:21.420227793Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:03:21.421375747Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.423905176Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.425364995Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.426807107Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.438320534Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.43987567Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.441203033Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.443228246Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.444813671Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.446483159Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.44874603Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.450335139Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.452013162Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.455201046Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.456837474Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:21.459761426Z | 99 | PC: 99e57 | Get DBCS lead byte table pointer |
| 2018-12-17T23:03:21.461952132Z | 56 | PC: 94679 | Get or set country info |
| 2018-12-17T23:03:21.463950331Z | 64 | PC: 9a0c8 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T23:03:21.468266463Z | 25 | PC: 946e2 | Get default drive |
| 2018-12-17T23:03:21.470414648Z | 71 | PC: 9695d | Get current directory |
| 2018-12-17T23:03:21.474276845Z | 64 | PC: 9a0c8 | Write file or device (Write 3 bytes on handle 1) |
| 2018-12-17T23:03:21.477383367Z | 2 | PC: 96932 | Character output (Char = '3e') |
| 2018-12-17T23:03:21.481895432Z | 93 | PC: 947a0 | File sharing functions |
| 2018-12-17T23:03:21.483974915Z | 93 | PC: 947a7 | File sharing functions |
| 2018-12-17T23:03:21.486135661Z | 10 | PC: 947b9 | Buffered keyboard input |
| 2018-12-17T23:03:36.354885198Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T23:03:37.709726847Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T23:03:37.813337567Z | 64 | PC: 9a0c8 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T23:03:37.81971719Z | 41 | PC: 9482e | Parse filename |
| 2018-12-17T23:03:37.82182217Z | 41 | PC: 948af | Parse filename |
| 2018-12-17T23:03:37.824380753Z | 41 | PC: 948cc | Parse filename |
| 2018-12-17T23:03:37.828813701Z | 26 | PC: 97d77 | Set disk transfer address |
| 2018-12-17T23:03:37.830743968Z | 71 | PC: 97f73 | Get current directory |
| 2018-12-17T23:03:37.85361604Z | 78 | PC: 97f7e | Find first file |
| 2018-12-17T23:03:37.868919906Z | 71 | PC: 97dec | Get current directory |
| 2018-12-17T23:03:37.872305341Z | 73 | PC: 97489 | Release memory |
| 2018-12-17T23:03:37.874453037Z | 67 | PC: 9f6d2 | Get or set file attributes |
| 2018-12-17T23:03:37.881350379Z | 67 | PC: 9f703 | Get or set file attributes |
| 2018-12-17T23:03:37.897139435Z | 61 | PC: 9f72c | Open file (Filename = '��W��������@���B�P�3���&��') |
| 2018-12-17T23:03:37.914280009Z | 87 | PC: 9f771 | Get or set file date and time |
| 2018-12-17T23:03:37.915815364Z | 63 | PC: 9f7aa | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T23:03:37.919903867Z | 87 | PC: 9f9e4 | Get or set file date and time |
| 2018-12-17T23:03:37.921025688Z | 62 | PC: 9fa0f | Close file |
| 2018-12-17T23:03:37.926796026Z | 67 | PC: 9fa4b | Get or set file attributes |
| 2018-12-17T23:03:37.933000731Z | 75 | PC: 11821 | Execute program |
| 2018-12-17T23:03:37.940167079Z | 9 | PC: 12a47 | Display string (String= 'Hello, World!
') |
| 2018-12-17T23:03:37.945617638Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |
| 2018-12-17T23:03:37.948532529Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-17T23:03:37.949797435Z | 98 | PC: 9f632 | Get current PSP |
| 2018-12-17T23:03:37.950904859Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-17T23:03:37.952545606Z | 98 | PC: 9f632 | Get current PSP |
| 2018-12-17T23:03:37.954936748Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-17T23:03:37.956882757Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T23:03:37.95796794Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:03:37.959061814Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:03:37.960632846Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.962052395Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.963284773Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.970660132Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.972048961Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.973521457Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.975562532Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.976917313Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.97849459Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.987964997Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.990559462Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.992345461Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.995179229Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.996936258Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:37.998678593Z | 62 | PC: 122ab | Close file |
| 2018-12-17T23:03:38.002646121Z | 99 | PC: 99e57 | Get DBCS lead byte table pointer |
| 2018-12-17T23:03:38.003939403Z | 56 | PC: 94679 | Get or set country info |
| 2018-12-17T23:03:38.006357448Z | 64 | PC: 9a0c8 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T23:03:38.011202654Z | 25 | PC: 946e2 | Get default drive |
| 2018-12-17T23:03:38.012807277Z | 71 | PC: 9695d | Get current directory |
| 2018-12-17T23:03:38.016957579Z | 64 | PC: 9a0c8 | Write file or device (Write 3 bytes on handle 1) |
| 2018-12-17T23:03:38.021393101Z | 2 | PC: 96932 | Character output (Char = '3e') |
| 2018-12-17T23:03:38.023978485Z | 93 | PC: 947a0 | File sharing functions |
| 2018-12-17T23:03:38.026807289Z | 93 | PC: 947a7 | File sharing functions |
| 2018-12-17T23:03:38.030118731Z | 10 | PC: 947b9 | Buffered keyboard input |
