.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:03:43.524563705Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:03:43.52653281Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:03:43.527769978Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:03:43.52897138Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:03:43.531170303Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:03:43.532517209Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:03:43.533931117Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:03:43.535299381Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:03:43.537461366Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:03:43.539502491Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:03:43.541531147Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:03:43.544080815Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:03:43.556364163Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:03:43.558492Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:03:43.560821194Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:03:43.562652968Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:03:43.564013779Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:03:43.566188921Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:03:43.568361558Z | 53 | PC: 1377a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:03:43.57050996Z | 37 | PC: 1378f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:03:43.572731415Z | 37 | PC: 13797 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:03:43.57411107Z | 37 | PC: 1379f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:03:43.575341535Z | 37 | PC: 137a7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:03:43.577772382Z | 68 | PC: 14477 | I/O control for devices (Set for = '') |
| 2018-12-17T23:03:43.58000787Z | 44 | PC: 145ae | Get time 0x145ae: mov word ptr [0x13e], cx 0x145b2: mov word ptr [0x140], dx 0x145b6: retf 0x145b7: call 0x145fe 0x145ba: jb 0x145cb 0x145bc: mov cx, word ptr es:[di + 4] 0x145c0: cmp cx, 1 0x145c3: je 0x145cb 0x145c5: xor bx, bx 0x145c7: push cs 0x145c8: call 0x2413f 0x145cb: retf 4 0x145ce: call 0x145fe 0x145d1: jb 0x145e6 0x145d3: mov ax, cx 0x145d5: mov dx, bx 0x145d7: mov cx, word ptr es:[di + 4] 0x145db: cmp cx, 1 0x145de: je 0x145e6 0x145e0: xor bx, bx |
| 2018-12-17T23:03:43.583109842Z | 44 | PC: 133dd | Get time 0x133dd: xor ah, ah 0x133df: mov al, dl 0x133e1: les di, ptr [bp + 6] 0x133e4: stosw word ptr es:[di], ax 0x133e5: mov al, dh 0x133e7: les di, ptr [bp + 0xa] 0x133ea: stosw word ptr es:[di], ax 0x133eb: mov al, cl 0x133ed: les di, ptr [bp + 0xe] 0x133f0: stosw word ptr es:[di], ax 0x133f1: mov al, ch 0x133f3: les di, ptr [bp + 0x12] 0x133f6: stosw word ptr es:[di], ax 0x133f7: pop bp 0x133f8: retf 0x10 0x133fb: push bp 0x133fc: mov bp, sp 0x133fe: mov ch, byte ptr [bp + 0xc] 0x13401: mov cl, byte ptr [bp + 0xa] 0x13404: mov dh, byte ptr [bp + 8] |
| 2018-12-17T23:03:43.587195621Z | 42 | PC: 133a7 | Get date 0x133a7: xor ah, ah 0x133a9: les di, ptr [bp + 6] 0x133ac: stosw word ptr es:[di], ax 0x133ad: mov al, dl 0x133af: les di, ptr [bp + 0xa] 0x133b2: stosw word ptr es:[di], ax 0x133b3: mov al, dh 0x133b5: les di, ptr [bp + 0xe] 0x133b8: stosw word ptr es:[di], ax 0x133b9: xchg ax, cx 0x133ba: les di, ptr [bp + 0x12] 0x133bd: stosw word ptr es:[di], ax 0x133be: pop bp 0x133bf: retf 0x10 0x133c2: push bp 0x133c3: mov bp, sp 0x133c5: mov cx, word ptr [bp + 0xa] 0x133c8: mov dh, byte ptr [bp + 8] 0x133cb: mov dl, byte ptr [bp + 6] 0x133ce: mov ah, 0x2b |
| 2018-12-17T23:03:43.591056128Z | 48 | PC: 13fa7 | Get DOS version |
| 2018-12-17T23:03:43.593070953Z | 67 | PC: 13421 | Get or set file attributes |
| 2018-12-17T23:03:43.600154202Z | 67 | PC: 13448 | Get or set file attributes |
| 2018-12-17T23:03:43.620894959Z | 61 | PC: 13de5 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:03:43.629874259Z | 63 | PC: 13eb8 | Read file or device (Read 5658 bytes on handle 5) |
| 2018-12-17T23:03:43.638450475Z | 62 | PC: 13e35 | Close file |
| 2018-12-17T23:03:43.641875871Z | 25 | PC: 14034 | Get default drive |
| 2018-12-17T23:03:43.643296733Z | 71 | PC: 14047 | Get current directory |
| 2018-12-17T23:03:43.646971382Z | 26 | PC: 134bf | Set disk transfer address |
| 2018-12-17T23:03:43.650867291Z | 78 | PC: 134cb | Find first file |
| 2018-12-17T23:03:43.65810252Z | 67 | PC: 13421 | Get or set file attributes |
| 2018-12-17T23:03:43.666068092Z | 67 | PC: 13448 | Get or set file attributes |
| 2018-12-17T23:03:43.679206641Z | 61 | PC: 13de5 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:03:43.686845167Z | 66 | PC: 14618 | Move file pointer |
| 2018-12-17T23:03:43.688418565Z | 66 | PC: 14626 | Move file pointer |
| 2018-12-17T23:03:43.690583361Z | 66 | PC: 14634 | Move file pointer |
| 2018-12-17T23:03:43.692304641Z | 66 | PC: 14618 | Move file pointer |
| 2018-12-17T23:03:43.693958137Z | 66 | PC: 14626 | Move file pointer |
| 2018-12-17T23:03:43.69617202Z | 66 | PC: 14634 | Move file pointer |
| 2018-12-17T23:03:43.697832819Z | 87 | PC: 13462 | Get or set file date and time |
| 2018-12-17T23:03:43.699761907Z | 87 | PC: 13462 | Get or set file date and time |
| 2018-12-17T23:03:43.70170618Z | 63 | PC: 13eb8 | Read file or device (Read 5658 bytes on handle 5) |
| 2018-12-17T23:03:43.711379358Z | 62 | PC: 13e35 | Close file |
| 2018-12-17T23:03:43.713805874Z | 61 | PC: 13de5 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:03:43.721705067Z | 87 | PC: 1348f | Get or set file date and time |
| 2018-12-17T23:03:43.724816136Z | 62 | PC: 13e35 | Close file |
| 2018-12-17T23:03:43.733069787Z | 67 | PC: 13448 | Get or set file attributes |
| 2018-12-17T23:03:43.744316677Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.746101273Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.748082466Z | 59 | PC: 140fb | Change current directory |
| 2018-12-17T23:03:43.751025547Z | 26 | PC: 134bf | Set disk transfer address |
| 2018-12-17T23:03:43.752527588Z | 78 | PC: 134cb | Find first file |
| 2018-12-17T23:03:43.756614722Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.757613016Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.760098778Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.76105712Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.763141148Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.764139094Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.766291635Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.767139165Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.769167404Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.770478008Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.773477905Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.774593674Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.777780541Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.778843009Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.781642162Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.783336748Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.78623688Z | 26 | PC: 134e3 | Set disk transfer address |
| 2018-12-17T23:03:43.787140757Z | 79 | PC: 134e8 | Find next file |
| 2018-12-17T23:03:43.789938598Z | 48 | PC: 13fa7 | Get DOS version |
| 2018-12-17T23:03:43.791364051Z | 67 | PC: 13448 | Get or set file attributes |
| 2018-12-17T23:03:43.802528663Z | 48 | PC: 13fa7 | Get DOS version |
| 2018-12-17T23:03:43.804509497Z | 67 | PC: 13421 | Get or set file attributes |
| 2018-12-17T23:03:43.810922997Z | 67 | PC: 13448 | Get or set file attributes |
| 2018-12-17T23:03:43.821646372Z | 61 | PC: 13de5 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:03:43.83292565Z | 87 | PC: 13462 | Get or set file date and time |
| 2018-12-17T23:03:43.834690127Z | 87 | PC: 13462 | Get or set file date and time |
| 2018-12-17T23:03:43.836263557Z | 66 | PC: 14618 | Move file pointer |
| 2018-12-17T23:03:43.83809051Z | 66 | PC: 14626 | Move file pointer |
| 2018-12-17T23:03:43.839381305Z | 66 | PC: 14634 | Move file pointer |
| 2018-12-17T23:03:43.840609717Z | 66 | PC: 13f17 | Move file pointer |
| 2018-12-17T23:03:43.842451155Z | 63 | PC: 13eb8 | Read file or device (Read 5658 bytes on handle 5) |
| 2018-12-17T23:03:43.848492373Z | 66 | PC: 13f17 | Move file pointer |
| 2018-12-17T23:03:43.850083653Z | 64 | PC: 13eb8 | Write file or device (Write 5658 bytes on handle 5) |
| 2018-12-17T23:03:43.869229979Z | 62 | PC: 13e35 | Close file |
| 2018-12-17T23:03:43.874486494Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:03:43.875426104Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:03:43.876491657Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:03:43.878166516Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:03:43.879207069Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:03:43.880805439Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:03:43.882832714Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:03:43.883999474Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:03:43.885678479Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:03:43.887496425Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:03:43.888742177Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:03:43.89068346Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:03:43.892434355Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:03:43.893568796Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:03:43.894662273Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:03:43.896441237Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:03:43.897577293Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:03:43.898760977Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:03:43.900558931Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:03:43.901715463Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:03:43.90286958Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:03:43.904601288Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:03:43.905878905Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:03:43.907058397Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:03:43.908899723Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:03:43.910061727Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:03:43.911154127Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:03:43.912758273Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:03:43.914327813Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:03:43.915454581Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:03:43.916525533Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:03:43.917907575Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:03:43.919342964Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:03:43.920923555Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:03:43.923065729Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:03:43.924326445Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:03:43.925983658Z | 53 | PC: 136e9 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:03:43.928104002Z | 37 | PC: 136f2 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:03:43.92959718Z | 48 | PC: 13fa7 | Get DOS version |
| 2018-12-17T23:03:43.931472374Z | 41 | PC: 13638 | Parse filename |
| 2018-12-17T23:03:43.934275045Z | 41 | PC: 13646 | Parse filename |
| 2018-12-17T23:03:43.936209469Z | 75 | PC: 13651 | Execute program |