.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:03:26.678252769Z | 44 | PC: 12a58 | Get time 0x12a58: mov byte ptr [0x111], dh 0x12a5c: mov byte ptr [0x110], 0 0x12a61: call 0x12eb0 0x12a64: cmp byte ptr [0x111], 5 0x12a69: jg 0x12a73 0x12a6b: mov byte ptr [0x110], 1 0x12a70: jmp 0x12aab 0x12a72: nop 0x12a73: cmp byte ptr [0x111], 0xc 0x12a78: jg 0x12a89 0x12a7a: mov ax, 0x2505 0x12a7d: mov dx, 0 0x12a80: mov ds, dx 0x12a82: int 0x21 0x12a84: push cs 0x12a85: pop ds 0x12a86: jmp 0x12aab 0x12a88: nop 0x12a89: cmp byte ptr [0x111], 0x10 0x12a8e: jg 0x12aab |
| 2018-12-17T23:03:26.681492444Z | 103 | PC: 12ab5 | Set handle count |
| 2018-12-17T23:03:26.68270495Z | 44 | PC: 12e9f | Get time 0x12e9f: mov word ptr [0x611], cx 0x12ea3: mov ah, 0x2a 0x12ea5: int 0x21 0x12ea7: mov word ptr [0x60d], cx 0x12eab: mov word ptr [0x60f], dx 0x12eaf: ret 0x12eb0: lea di, word ptr [0x62c] 0x12eb4: mov cx, word ptr [0x108] 0x12eb8: mov al, byte ptr cs:[di] 0x12ebb: xor al, 0x4e 0x12ebd: mov byte ptr cs:[di], al 0x12ec0: inc di 0x12ec1: loop 0x12eb8 0x12ec3: ret 0x12ec4: ret 0x12ec5: push cs 0x12ec6: pop ds 0x12ec7: push cs 0x12ec8: pop ax 0x12ec9: add al, byte ptr [0x107] |
| 2018-12-17T23:03:26.684775222Z | 42 | PC: 12ea7 | Get date 0x12ea7: mov word ptr [0x60d], cx 0x12eab: mov word ptr [0x60f], dx 0x12eaf: ret 0x12eb0: lea di, word ptr [0x62c] 0x12eb4: mov cx, word ptr [0x108] 0x12eb8: mov al, byte ptr cs:[di] 0x12ebb: xor al, 0x4e 0x12ebd: mov byte ptr cs:[di], al 0x12ec0: inc di 0x12ec1: loop 0x12eb8 0x12ec3: ret 0x12ec4: ret 0x12ec5: push cs 0x12ec6: pop ds 0x12ec7: push cs 0x12ec8: pop ax 0x12ec9: add al, byte ptr [0x107] 0x12ecd: mov word ptr [0x10a], ax 0x12ed0: push ds 0x12ed1: mov ah, 0x3f |
| 2018-12-17T23:03:26.687234465Z | 53 | PC: 12e3a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:03:26.688632721Z | 53 | PC: 12e47 | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T23:03:26.690035531Z | 53 | PC: 12e54 | Get interrupt vector (Interrupt = '20' AKA 'Sequential read') |
| 2018-12-17T23:03:26.691489514Z | 37 | PC: 12e86 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:03:26.69353215Z | 37 | PC: 12e8f | Set interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T23:03:26.695290058Z | 37 | PC: 12e98 | Set interrupt vector (Interrupt = '20' AKA 'Sequential read') |
| 2018-12-17T23:03:26.697082405Z | 9 | PC: 12a47 | Display string (String= '') |